[Beowulf] Intra-cluster security
Many of your questions may have already been answered in earlier discussions or in the FAQ. The search results page will indicate current discussions as well as past list serves, articles, and papers.
Nicholas M Glykos glykos at mbg.duth.grSun Sep 13 02:46:47 PDT 2009
- Previous message: [Beowulf] Intra-cluster security
- Next message: [Beowulf] Intra-cluster security
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi Stuart,
<snip>
> - Each user creates a password-less ssh private key, puts the public
> key in the authorized_hosts file and has relatively unfettered ssh
> access between nodes (nfs shared home directory helps a lot). This
> seems to be the most common approach. It is end-user setup/training
> intensive (I suppose it could be automated/audited).
</snip>
A quick note to say that in the case of the perceus/warewulf/slurm
combination as distributed with CaosNSA, you not only get the automation
you've mentioned, but you can also restrict user access to individual
nodes (this is through a pam module for slurm that only allows ssh access
to those nodes that a user has active jobs on).
Nicholas
--
Dr Nicholas M. Glykos, Department of Molecular Biology
and Genetics, Democritus University of Thrace, University Campus,
Dragana, 68100 Alexandroupolis, Greece, Tel/Fax (office) +302551030620,
Ext.77620, Tel (lab) +302551030615, http://utopia.duth.gr/~glykos/
- Previous message: [Beowulf] Intra-cluster security
- Next message: [Beowulf] Intra-cluster security
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Beowulf mailing list