add information about using updatenode -k

git-svn-id: https://svn.code.sf.net/p/xcat/code/xcat-core/trunk@5826 8638fb3e-16cb-4fca-ae20-7b5d299a9bcd
This commit is contained in:
lissav 2010-04-20 15:46:42 +00:00
parent ea98017a2b
commit 73de3f3943

View File

@ -48,16 +48,16 @@ The update install option is normally run as a post operation from the rpm xCAT.
=item B<-k|--sshkeys>
This option will remove and regenerate the root id_rsa keys. It should only be used, if the keys are deleted or corrupted. The key must then be distribute to the nodes by installing or using xdsh -K option, for root to be able to ssh to the nodes without being prompted for a password.
This option will remove and regenerate the root id_rsa keys. It should only be used, if the keys are deleted or corrupted. The keys must then be distribute to the nodes by installing, running updatenode -k, or using xdsh -K option, for root to be able to ssh to the nodes without being prompted for a password.
rspconfig will need to be run to distribute the key to the MM and HMCs. Any device, we need to ssh from the MN to the device will also have to be updated with the new ssh keys.
=item B<-s|--sshnodehostkeys>
This option will remove and regenerate the node host ssh keys. It should only be used, if the keys are deleted or are corrupted. The keys must then be redistribute to the nodes by installing or using xdcp or pcp to copy the keys from /etc/xcat/hostkeys directory to the /etc/ssh directory on the nodes.
This option will remove and regenerate the node host ssh keys. It should only be used, if the keys are deleted or are corrupted. The keys must then be redistribute to the nodes by installing, running updatenode -k or using xdcp or pcp to copy the keys from /etc/xcat/hostkeys directory to the /etc/ssh directory on the nodes.
=item B<-c|--credentials>
This option will remove all xcat credentials for root and any userids where credentials have been created. It will regenerate roots credentials, but the admin will have to add back all the userid credentials needed with the /opt/xcat/share/xcat/scripts/setup-local-client.sh <username> command. It should only be used, if they are deleted or become corrupted. The credentials must be redistribed to the service nodes by installing the service node. makeconservercf must be rerun to pick up the new credentials, and conserver must be stop and started.
This option will remove all xcat credentials for root and any userids where credentials have been created. It will regenerate roots credentials, but the admin will have to add back all the userid credentials needed with the /opt/xcat/share/xcat/scripts/setup-local-client.sh <username> command. It should only be used, if they are deleted or become corrupted. The root credentials must be redistribed to the service nodes by installing the service node or using updatenode -k. makeconservercf must be rerun to pick up the new credentials, and conserver must be stop and started.
=item B<-d|--database>
@ -67,8 +67,8 @@ This option will reinitialize the basic xCAT database table setup. It will not
The force option may be used after the install to reinitialize the Management Node. This option will regenerate keys, credential and reinititialize the site table. This option should be used, if keys or credentials become corrupt or lost.
Additional action must be taken after using the force options. ssh keys must be redistributed to the nodes, site table attributes might need to be restored, makeconservercf needs to be rerun to pick up the new credentials and conserver stoped and started, rspconfig needs to be rerun to distribute the new keys to the MM and the HMCs.
A new set of common ssh host keys will have been generated for the nodes. If you wish your nodes to be able to ssh to each other with out password intervention, then you should redistribute these new keys to the nodes. You can do this my reinstalling the nodes, or by xdcp or pcp /etc/xcat/hostkeys/* to the /etc/ssh directory on all nodes. If the nodes hostkeys are updated then you will need to remove their entries from the known_hosts files on the management node before using ssh, xdsh, xdcp.
For a service node, it is probably best to re-install the service node to make sure the correct keys and credentials are picked up for node installs.
A new set of common ssh host keys will have been generated for the nodes. If you wish your nodes to be able to ssh to each other with out password intervention, then you should redistribute these new keys to the nodes. You can do this by running updatenode -k to the nodes. See man updatenode. If the nodes hostkeys are updated then you will need to remove their entries from the known_hosts files on the management node before using ssh, xdsh, xdcp.
For service nodes, use the updatenode -k command to redistribute the credentials to the service nodes.
=back