DX NetOps

Expand all | Collapse all

Is there a work around for implementing Performance Center's Data Aggregator Vertica Database without needing passwordless SSH?

Jump to Best Answer
  • 1.  Is there a work around for implementing Performance Center's Data Aggregator Vertica Database without needing passwordless SSH?

    Posted 11-08-2017 03:01 PM

    When installing or upgrading the Vertica database, used by the data aggregator, passwordless SSH is required.  Operationally, passwordless SSH isn't needed if there's only a single database node, but it seems to be required for multiple nodes of Vertica.  However, installation or upgrading with a single node requires it.  To require a passwordless SSH configuration seems to be a poor security model for an application in today's environment.

    I would like to be wrong, so is there any work around to this passwordless SSH for Vertica?



  • 2.  Re: Is there a work around for implementing Performance Center's Data Aggregator Vertica Database without needing passwordless SSH?
    Best Answer

    Posted 11-09-2017 05:54 PM

    Hi Brian,

     

    This is a bit out of our control being a requirement of the Vertica DB software (not owned by CA). I know we've requested a change to that behavior in the product.

     

    In the mean time were you aware the SSH requirement for the install or upgrade cycle is temporary?

     

    Run the install/upgrade cycle while allowing the SSH to get set up and used. When it completed delete the SSH keys it creates. Shouldn't be any negative behavior after during normal operation.

     

    Later down the line need to upgrade? Repeat the process to allow it and delete the keys when done.

     

    Hope that helps.

     

    Mike



  • 3.  Re: Is there a work around for implementing Performance Center's Data Aggregator Vertica Database without needing passwordless SSH?

    Posted 12-06-2017 02:27 PM

    In our environment a passwordless SSH configuration is not allowed even if it's only temporary, because it's an IA network security violation.