Password Issues in TiUP Cluster Deployment

Note:
This topic has been translated from a Chinese forum by GPT and might contain errors.

Original topic: TiUP cluster 部署密码问题

| username: TiDBer_YMbqt6MP

May I ask when using the command tiup cluster check ./topology.yaml --user root [-p] [-i /home/root/.ssh/gcp_rsa], if I use the -p option to input the password, how should I handle it if the passwords for my multiple machines are different?

If I use the -i option, how should I operate it? Thank you very much for your guidance.

| username: weixiaobing | Original post link

Create SSH Passwordless Login

  1. Log in to the control machine as the tidb user and execute the following commands. Replace 10.0.1.1 with the IP of your target deployment machine, enter the tidb user password of the target deployment machine when prompted. After successful execution, SSH mutual trust will be established. Repeat the same for other machines. The newly created tidb user does not have a .ssh directory, so you need to execute the command to generate the rsa key to create the .ssh directory. If you need to deploy TiDB components on the control machine, you need to configure mutual trust between the control machine and itself.
ssh-keygen -t rsa
ssh-copy-id -i ~/.ssh/id_rsa.pub 10.0.1.1
| username: TiDBer_YMbqt6MP | Original post link

@weixiaobing I have already implemented this step and ensured that SSH mutual trust is established. The problem arises when using the command tiup cluster check ./topology.yaml --user root. The username is root, and the root passwords for multiple machines are different. This means that if you use the -p option, you can only enter one password. If you use the -i option, the following error is prompted:

| username: weixiaobing | Original post link

Then you don’t need to use a username and password. tiup cluster check ./topology.yaml

| username: TiDBer_YMbqt6MP | Original post link

I just reviewed it again. Actually, I created a tidb user on the target machine where I am deploying, and added tidb ALL=(ALL) NOPASSWD: ALL. So I can use the tidb user directly without using the root user. I will go experiment with it first. Regardless of whether it works or not, thank you. I will also test using your method.

| username: system | Original post link

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.