Intel® VTune™ Profiler

User Guide

ID 766319
Date 10/31/2024
Public
Document Table of Contents

Configure SSH Access for Remote Collection

To collect data on a remote Linux* system, you must have a password-less SSH connection.

NOTE:

You need a root connection to load the sampling drivers and collect certain performance metrics. You or your administrator can configure the system using root permissions. If necessary, you can then set up password-less SSH access for a non-root user.

For example, build and load the sampling drivers on the target system using root access. Then, connect to the system and run an analysis as a non-root user. If you set up access without using the sampling drivers, then you can still use driverless event-based sampling.

To enable password-less SSH access, use one of these methods

NOTE:

Versions of Intel® VTune™ Profiler older than 2019 Update 5 have a different configuration for password-less SSH. For legacy instructions, see this article.

Enable a Password-less SSH Access from Windows to Linux

For remote analysis on a Linux system using a Windows system, VTune Profiler configures a password-less access based on the public key identification.

  1. Create a VTune Profiler project.

  2. In the Configure Analysis window, in the WHERE pane, select the Remote Linux (SSH) target system.

  3. In the SSH destination field, specify your remote system as user@target. For example: root@172.16.254.1.

    VTune Profiler verifies your SSH connection. If the connection fails, VTune Profiler generates the public/private keys that are required to enable the password-less access. Results display in an interactive terminal window.

  4. Once the public/private keys are generated, press any key to enter your credentials. VTune Profiler copies and applies the public/private keys.

    You can also select Ctrl-C to stop the automation and manually add the public/private keys. You add these keys from the paths specified in the terminal window to ~/.ssh/authorized_keys on the remote system.

    NOTE:

    VTune Profiler only uses user credentials once to enable the password-less access. This information is not stored.

When the keys are applied, the terminal window closes. You can now proceed to configure your analysis. For subsequent sessions, you do not need to provide credentials for remote accesses to the specified system.

Configure a Password-less SSH Access from Linux to Linux

For remote collection on a Linux target system, set up the password-less mode on the local Linux host:

  1. Generate the key with an empty passphrase:

    host> ssh-keygen -t rsa

  2. Copy the key to target system:

    host> ssh-copy-id user@target

    Alternatively, if you do not have ssh-copy-id on your host system, use the following command:

    host> cat .ssh/id_rsa.pub | ssh user@target 'cat >> .ssh/authorized_keys'

  3. Verify that a password is not required anymore, for example:

    host> ssh user@target ls

Possible Issues

If the keys are copied but VTune Profiler is unable to connect to the remote system via SSH, ensure that the permissions for ~/.ssh and home directories, as well as SSH daemon configuration, are set properly.

Permissions

Make sure your ~/.ssh and ~/.ssh/authorized_keys directory permissions are not too open. Use the following commands:

chmod go-w ~/

chmod 700 ~/.ssh

chmod 600 ~/.ssh/authorized_keys

SSH Configuration

Check that the /etc/ssh/sshd_config file is properly configured for the public key authentication.

NOTE:

For this step, you may need administrative privileges.

If present, make sure the following options are set to yes:

RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys

For root remote connections, use:

PermitRootLogin yes

If the configuration has changed, save the file and restart the SSH service with:

sudo service ssh restart
sudo service sshd restart (on CentOS)