[Beowulf] CLuster - Mpich - tstmachines - Heeelp !!!!!!!!
Many of your questions may have already been answered in earlier discussions or in the FAQ. The search results page will indicate current discussions as well as past list serves, articles, and papers.
Gerald Davies gerald.davies at gmail.comWed Jul 19 01:58:29 PDT 2006
- Previous message: [Beowulf] CLuster - Mpich - tstmachines - Heeelp !!!!!!!!
- Next message: [Beowulf] Myrinet metrics monitoring via ganglia
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 7/19/06, hahn at physics.mcmaster.ca <hahn at physics.mcmaster.ca> wrote: > > unless you really want to run programs as root, I wouldn't recommend to allow > > root login at all with ssh. Better is to have to login as a user first, and > > then su to root. > > I disagree with this, actually. first, "su root" is almost always > the worst thing to do, since it requires that you have an easy-to-type > password for root, and that you quite possibly type it frequently. > using an SSH identity for logging in directly as root is surely > more secure. that's my preferred technique - I run ssh-agent > so almost never type any password. > If all the slave nodes are coming off a switch connected to the cluster and behind a firewall, then i don't mind enabling ssh with root access for the slave nodes. However, I never allow direct root access to the head node of a cluster or any other box for that matter. This was brought about by one of the SSH root exploits a few years ago. Since then I'm cautious of enabling it. su to root or sudo is my preferred method. -- Gerald Davies --------------------------------------------- w: http://www.geralddavies.com
- Previous message: [Beowulf] CLuster - Mpich - tstmachines - Heeelp !!!!!!!!
- Next message: [Beowulf] Myrinet metrics monitoring via ganglia
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Beowulf mailing list