Configure SSH Access for Remote Collection
To collect data on a remote Linux* system, a password-less SSH connection is required.
A root connection is required to load the sampling drivers and to collect certain performance metrics. You (or your administrator) can configure the system using root permissions and then set up password-less SSH access for a non-root user if desired. For example, build and load the sampling drivers on the target system using root access and then connect to the system and run analysis as a non-root user. If you set up access without using the sampling drivers, then driverless event-based sampling can still be used.
Use one of the methods below to enable password-less SSH access:
- Manually configure a connection from macOS*/Linux to Linux
Versions of Intel® VTune™ Profiler older than 2019 Update 5 have a different configuration for password-less SSH. For legacy instructions, see this article.
Enable a Password-less SSH Access from Windows to Linux
For Windows-to-Linux remote analysis, the VTune Profiler automatically configures a password-less access based on the public key identification.
Create a VTune Profiler project.
In the Configure Analysis window, select the Remote Linux (SSH) target system from the WHERE pane.
Specify your remote system in the SSH destination field as user@target; for example: firstname.lastname@example.org.
VTune Profiler verifies your SSH connection and, if fails, it generates public/private keys required for enabling the password-less access and reports the results via an interactive terminal window.
When the public/private keys are generated, press any key to enter your credentials and let VTune Profiler automatically copy and apply the public/private keys.
Alternatively, you may press Ctrl-C to stop the automation. In this case, you need to manually add the already generated public/private keys from the paths specified in the terminal window to ~/.ssh/authorized_keys on the remote system.NOTE:
VTune Profiler does not keep your credentials but uses them only once to enable the password-less access.
When the keys are applied, the terminal window closes and you can proceed with the project configuration and analysis. For all subsequent sessions, you will not be asked to provide credentials for remote accesses to the specified system.
Configure a Password-less SSH Access from Linux/macOS to Linux
For remote collection on a Linux target system, set up the password-less mode on the local Linux or macOS host as follows:
Generate the key with an empty passphrase:
host> ssh-keygen -t rsa
Copy the key to target system:
host> ssh-copy-id user@target
Alternatively, if you do not have ssh-copy-id on your host system, use the following command:
host> cat .ssh/id_rsa.pub | ssh user@target 'cat >> .ssh/authorized_keys'
Verify that a password is not required anymore, for example:
host> ssh user@target ls
If the keys are copied but the VTune Profiler cannot connect to the remote system via SSH, make sure the permissions for ~/.ssh and home directories, as well as SSH daemon configuration, are set properly.
Make sure your ~/.ssh and ~/.ssh/authorized_keys directory permissions are not too open. Use the following commands:
chmod go-w ~/ chmod 700 ~/.ssh chmod 600 ~/.ssh/authorized_keys
Check that the /etc/ssh/sshd_config file is properly configured for the public key authentication.
For this step, you may need administrative privileges.
If present, make sure the following options are set to yes:
RSAAuthentication yes PubkeyAuthentication yes AuthorizedKeysFile .ssh/authorized_keys
For root remote connections, use:
If the configuration has changed, save the file and restart the SSH service with:
sudo service ssh restart sudo service sshd restart (on CentOS)