Which nodes need to be configured with SSH passwordless login for newly added TiKV nodes in the existing cluster?

This topic has been translated from a Chinese forum by GPT and might contain errors.

Original topic: 原有集群新增的tikv节点需要和哪些节点配置ssh免密?

| username: andone

[TiDB Usage Environment] Production Environment
[TiDB Version] v4.0.13
[Reproduction Path] What operations were performed when the issue occurred
[Encountered Issue: Issue Phenomenon and Impact] Which nodes need to be configured with SSH passwordless access for the newly added TiKV node?

| username: dba远航 | Original post link

Tiup will automatically help you complete it when you add it.

| username: DBRE | Original post link

As long as there is an SSH trust relationship between the machine where TiUP is deployed and the newly expanded TiKV machine, it will be fine.

| username: tidb菜鸟一只 | Original post link

One control machine is enough for TiUP.

| username: 小龙虾爱大龙虾 | Original post link

Only with the control node is fine.

| username: Kongdom | Original post link

When using tiup for scaling, it should automatically establish SSH mutual trust. If not, you can refer to the new deployment method to add the new TiKV node and establish SSH mutual trust with the tiup control machine.

| username: xingzhenxiang | Original post link

With central control, you can use a single set of key files for central control and all TiDB nodes.

| username: Jellybean | Original post link

When scaling, the target machine can be configured with or without SSH passwordless login.


  1. Configure passwordless login to the target machine on the TiUP control machine, and directly execute the scaling operation.
  2. If SSH passwordless login is not configured, use --user to specify the user to access during scaling, -i to specify the access key, or -p to interactively enter the user’s password.

For more details, please refer to the official documentation:

| username: 像风一样的男子 | Original post link

If you use root for installation, you can also skip password-free configuration. During installation, enter the root password. TiUP controls communication through the tidb account and will automatically configure password-free access.

| username: zhanggame1 | Original post link

Root installation does not require password-free configuration, nor does it require creating a tidb user on each node; the tidb user will be created automatically.
Check and repair:
tiup cluster check ./topo.yaml --apply --user root -p

tiup cluster deploy tidb-test 7.1.2 ./topo.yaml --user root -p

| username: Fly-bird | Original post link

No manual configuration is needed, tiup will handle it automatically.

| username: oceanzhang | Original post link

Use a password instead of setting up mutual trust, it will help you get it done.

| username: system | Original post link

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.