User Guide

Intel® VTune™ Profiler User Guide

ID 766319
Date 3/31/2023
Public

A newer version of this document is available. Customers should click here to go to the newest version.

Document Table of Contents

Configure SSH Access for Remote Collection

To collect data on a remote Linux* system, a password-less SSH connection is required.

NOTE:

A root connection is required to load the sampling drivers and to collect certain performance metrics. You (or your administrator) can configure the system using root permissions and then set up password-less SSH access for a non-root user if desired. For example, build and load the sampling drivers on the target system using root access and then connect to the system and run analysis as a non-root user. If you set up access without using the sampling drivers, then driverless event-based sampling can still be used.

Use one of the methods below to enable password-less SSH access:

NOTE:

Versions of Intel® VTune™ Profiler older than 2019 Update 5 have a different configuration for password-less SSH. For legacy instructions, see this article.

Enable a Password-less SSH Access from Windows to Linux

For Windows-to-Linux remote analysis, the VTune Profiler automatically configures a password-less access based on the public key identification.

  1. Create a VTune Profiler project.

  2. In the Configure Analysis window, select the Remote Linux (SSH) target system from the WHERE pane.

  3. Specify your remote system in the SSH destination field as user@target; for example: root@172.16.254.1.

    VTune Profiler verifies your SSH connection and, if fails, it generates public/private keys required for enabling the password-less access and reports the results via an interactive terminal window.

  4. When the public/private keys are generated, press any key to enter your credentials and let VTune Profiler automatically copy and apply the public/private keys.

    Alternatively, you may press Ctrl-C to stop the automation. In this case, you need to manually add the already generated public/private keys from the paths specified in the terminal window to ~/.ssh/authorized_keys on the remote system.

    NOTE:

    VTune Profiler does not keep your credentials but uses them only once to enable the password-less access.

When the keys are applied, the terminal window closes and you can proceed with the project configuration and analysis. For all subsequent sessions, you will not be asked to provide credentials for remote accesses to the specified system.

Configure a Password-less SSH Access from Linux/macOS to Linux

For remote collection on a Linux target system, set up the password-less mode on the local Linux or macOS host as follows:

  1. Generate the key with an empty passphrase:

    host> ssh-keygen -t rsa

  2. Copy the key to target system:

    host> ssh-copy-id user@target

    Alternatively, if you do not have ssh-copy-id on your host system, use the following command:

    host> cat .ssh/id_rsa.pub | ssh user@target 'cat >> .ssh/authorized_keys'

  3. Verify that a password is not required anymore, for example:

    host> ssh user@target ls

Possible Issues

If the keys are copied but the VTune Profiler cannot connect to the remote system via SSH, make sure the permissions for ~/.ssh and home directories, as well as SSH daemon configuration, are set properly.

Permissions

Make sure your ~/.ssh and ~/.ssh/authorized_keys directory permissions are not too open. Use the following commands:

chmod go-w ~/

chmod 700 ~/.ssh

chmod 600 ~/.ssh/authorized_keys

SSH Configuration

Check that the /etc/ssh/sshd_config file is properly configured for the public key authentication.

NOTE:

For this step, you may need administrative privileges.

If present, make sure the following options are set to yes:

RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys

For root remote connections, use:

PermitRootLogin yes

If the configuration has changed, save the file and restart the SSH service with:

sudo service ssh restart
sudo service sshd restart (on CentOS)