[Beowulf] Intra-cluster security
Many of your questions may have already been answered in earlier discussions or in the FAQ. The search results page will indicate current discussions as well as past list serves, articles, and papers.
John Hearns hearnsj at googlemail.comSun Sep 13 01:07:56 PDT 2009
- Previous message: [Beowulf] Intra-cluster security
- Next message: [Beowulf] Intra-cluster security
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
2009/9/11 Stuart Barkley <stuartb at 4gh.net>: > > - Each user creates a password-less ssh private key, puts the public > key in the authorized_hosts file and has relatively unfettered ssh > access between nodes (nfs shared home directory helps a lot). This > seems to be the most common approach. It is end-user setup/training > intensive (I suppose it could be automated/audited). I consider it > dangerous to encourage use of password-less ssh keys. Yes, I would agree this is the most common approach. You can automate it by having a script which runs when you first login to the cluster (Oscar does this). You can also use shosts trusts. A script which loops through cluster nodes and runs an ssh-keyscan is useful. Re. security its the armadillo principle - hard on the outside, soft on the inside.
- Previous message: [Beowulf] Intra-cluster security
- Next message: [Beowulf] Intra-cluster security
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Beowulf mailing list