User reranger - public ssh keys

The script eranger-server-replication.pl issues various commands on the primary, on the standby and, if present, on external SKOOR collectors. The reranger user account is dedicated to these remote execution tasks and comes preconfigured at installation time. User reranger must be able to log in via ssh without a password from primary to standby and vice versa, and from primary and standby to all external collectors. This is achieved by using ssh public-key authentication instead of a password. The following steps are required on the primary and the standby:

  • Change to the reranger user and create an ssh key-pair:

    sudo su - reranger
    ssh-keygen -P "" -f /opt/eranger/reranger/.ssh/id_rsa

  • Copy the public part of the key to the remote host(s):

    cat .ssh/id_rsa.pub

  • Add this key to the authorized_keys file on the remote host(s):

    vi .ssh/authorized_keys

This must be done on the primary, copying the public key to the standby and all collectors, and it must also be done on the standby, copying to the primary and to all collectors.
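The receiving side of the steps above can be scripted instead of edited by hand in vi. The following is an added example, not part of the SKOOR documentation or tooling: because the key pair is created with an empty passphrase (-P ""), it can also pin the key to the peers' addresses with the authorized_keys from= option. The function name install_pubkey and the 192.0.2.x addresses are assumptions.

```shell
#!/bin/sh
# Added example, not SKOOR tooling. Appends one public key to authorized_keys
# idempotently, with strict permissions and an optional from= source limit.
# usage: install_pubkey PUBKEY_FILE SSH_DIR [FROM_PATTERNS]
install_pubkey() {
    pubkey_file=$1; ssh_dir=$2; from=${3:-}
    auth="$ssh_dir/authorized_keys"

    # A .pub file holds exactly one non-empty line.
    [ "$(grep -c . "$pubkey_file")" -eq 1 ] || { echo "expected one key line" >&2; return 2; }
    key=$(grep . "$pubkey_file")

    # Accept only a bare key (type first), so a pasted line cannot bring its
    # own options such as command= into authorized_keys.
    case $key in
        ssh-rsa\ AAAA*|ssh-ed25519\ AAAA*|ecdsa-sha2-*\ AAAA*) ;;
        *) echo "not a bare public key line" >&2; return 2 ;;
    esac
    # from= takes a comma-separated pattern list; allow only address characters.
    case $from in
        *[!A-Za-z0-9.,:*?/_-]*) echo "invalid from= pattern" >&2; return 2 ;;
    esac
    blob=$(printf '%s\n' "$key" | awk '{print $2}')

    # sshd with StrictModes checks ownership and modes of these files.
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1

    # Already authorized (with or without options)? Then change nothing.
    if grep -qF -- "$blob" "$auth"; then
        echo "key already present in $auth"; return 0
    fi
    if [ -n "$from" ]; then
        printf 'from="%s" %s\n' "$from" "$key" >> "$auth"
    else
        printf '%s\n' "$key" >> "$auth"
    fi
}

# Run directly, e.g. (constructed addresses for primary and standby):
#   sh install_pubkey.sh peer_id_rsa.pub /opt/eranger/reranger/.ssh 192.0.2.10,192.0.2.11
if [ "$#" -ge 2 ]; then install_pubkey "$@"; fi
```

Run it as user reranger on each receiving host, once per peer key, so the file ownership matches the account that sshd checks.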

External collectors with SyncFS service enabled

The following steps are necessary to enable login with sudo commands for the skoor-syncfs service. If this is not needed, the SKOOR primary and standby should be added to an ignore list in the skoor-syncfs.cfg of the external collector.

Add the RSA key fingerprint

  • of the SKOOR primary and standby systems to the known_hosts file of user root on the external collector

  • of the external collector to the known_hosts file of user root on the primary and standby systems

    ssh 192.168.2.35

    Add the fingerprint:

    The authenticity of host '192.168.2.35 (192.168.2.35)' can't be established.
    RSA key fingerprint is a0:91:a8:f1:52:9f:d6:26:2d:c7:d6:0e:31:f7:4a:0b.
    Are you sure you want to continue connecting (yes/no)? yes
    Warning: Permanently added '192.168.2.35' (RSA) to the list of known hosts.