This is a must do task if you want to securely script the NetApp or N-Series filers in any way. I never use RSH and don’t recommend using it either. Creating pre-shared keys is pretty straight forward and simple, and should be a one time operation anyway, so doesn’t add much hassle, but adds plenty of peace of mind. This is vital if you want to use any of the scripts I have listed in my blog pages.
If you’re using Linux already, this process should not be foreign to you. I haven’t got a Linux box in front of me right now (sat in a hotel room writing some stuff up), so I’ll just go over the process from a very high level. I will come back and update this when I’m back at the lab to test it out.
1) Mount up the filer “/etc” folder via NFS or SMB.
2) Create (if it doesn’t already exist) “/etc/sshd/root/.ssh”
3) Create an “authorized_keys” text file
4) Copy all the public key contents into this file
5) If you are using different users other than root, create a different folder structure above “/etc/sshd/user_name/.ssh”. This user would need to exist on the filer also, and may make things a bit more secure and trackable.
6) Test it!
a. “ssh -c 3des root@filer_name df -h”
Multiple commands can be daisy chained together on the filer to make scripts more efficient and to reduce the number of SSH sessions open at any one time.
ssh -c 3des root@filer_name “snap list; snap delete vol0 snap.3; snap rename vol0 snap.2 snap.3; snap rename vol0 snap.1 snap.2; snap rename vol0 snap.0 snap.1; snap create vol0 snap.0”