Launching interactive apps and cluster login node in ~/.ssh/known_hosts

All,

We have been giving users access to our Open OnDemand server which is running on a VM separate from the cluster. Under the hood they use our shared cluster /home directory mounted over NFS.

The issue that we are running in to is that users cannot launch interactive apps until they log in to the cluster through the Clusters - Shell Access dropdown first via OnDemand. They have logged in to our cluster via SSH before and therefore have a /home directory, however, when they go to our OnDemand site they need to hit ‘yes’ on the [SSH: The authenticity of host loginnode.oursite.edu can’t be established] prompt that very first time to add the login node for our cluster to their ~/.ssh/known_hosts file. Otherwise, on launching the apps they’re getting a “Host Key Verification Failed” error message if they do not.

This has been causing some confusion and we’ve been getting a few questions. How are other sites handling this? I was thinking it maybe possible somehow to add the cluster login node to the ~/.ssh/known_hosts file on login, otherwise I don’t really know how else to bridge that issue. Any ideas are greatly appreciated.

You can add keys system wide at /etc/ssh/ssh_known_hosts. That way folks don’t need to add it to ~/.ssh they’re able to read the system wide configuration. (At OSC we manage this file through puppet, so I have to give a shout out to automation wherever I can)

Ah. Thank you! We didn’t realize we could set it there system wide. That worked great. Much appreciated.

This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.