Configuring Lemuria Accounts

This document describes how to configure your lemuria.cis.vtc.edu account for effective access to the cluster. You will need to do the steps here in order to make MPI development easier (for example).

Cluster Organization

Lemuria is your access point to the cluster nodes. Those nodes are located on a private network that connects them to each other and to lemuria's secondary network interface. The cluster nodes are named node1, node2, node3, and node4. They use NIS to obtain user account information from lemuria; you can use the same credentials to log into a cluster node as you use for lemuria access. Similarly the cluster nodes use NFS to mount your home directory so that any files you create on lemuria (or on any node) are visible on all the other nodes. This is a convenient way to distribute files among the nodes.

Because of this configuration you can easily SSH from lemuria to any cluster node, or from one cluster node to another. Use the node name (listed above) as the name of the host and use your lemuria username and password. Once you log in you will find that all your lemuria files are available to you as usual.

However, in order to use the nodes easily, for example with MPI programs, you will want to configure your account so you can log into the cluster nodes without supplying a password. This will allow the mpirun tool to automatically launch MPI programs on other nodes on your behalf (it uses SSH to remotely execute commands). Without this extra configuration you will be prompted for a password for each node that you involve in your program.

Configuring Password-less Logins

The first step is to set up public-key authentication. You only need to do this only once. Log into lemuria and proceed as follows:

  1. Execute ssh-keygen. This command will generate an RSA public/private key pair that can be used by OpenSSH. The private key will be stored in ~/.ssh/id_rsa and the public key will be stored in ~/.ssh/id_rsa.pub. When you generate the key pair you will be prompted for a passphrase. This passphrase is used to encrypt your private key.

  2. Ordinarly you would copy the public key to the machines where you want to log in. However, in this case those machines share files with lemuria so you can "distribute" the public key by just copying ~/.ssh/id_rsa.pub to the file ~/.ssh/authorized_keys.

  3. Check that public-key authentication works. From lemuria SSH to one of the nodes. If you are prompted for the passphrase of your private key, all is well. If you are prompted for your ordinary password, something is wrong. In that case, check the permissions on your home directory and on the ~/.ssh directory. Your home directory should not be writable by other users, and the ~/.ssh directory should have 700 permissions. The OpenSSH server will not use a key if it is stored in what it feels to be an insecure way.

Once you have public-key authentication configured you can enable password-less logins by doing the following:

  1. At a shell prompt on lemuria execute the command eval $(ssh-agent) followed by the command ssh-add. The first command runs the SSH agent program and the second command loads your private key into the agent. When you execute ssh-add you will be prompted for your passphrase.

  2. You can now SSH to any other node without supplying a password. The SSH agent will take care of authenticating you automatically. You must start the agent, etc, each time you log in and before you attempt to run an MPI program!

Running MPI Programs

To test your configuration, log into one of the cluster nodes and configure the shell there using ssh-agent and ssh-add as described above. Then build and run the HelloMPI sample program as follows:

      $ make
      $ mpirun -np 4 --host node1,node2,node3,node4 main
    

Note that you should use mpic++ to compile C++ programs that use MPI.


Last Revised: 2016-10-21
© Copyright 2016 by Peter C. Chapin <PChapin@vtc.vsc.edu>