[Beowulf] cluster authentication part II

Jonathan Engwall engwalljonathanthereal at gmail.com
Tue Jan 23 17:48:58 PST 2018


Ubuntu has a package called tiger which is very very verbose. I had some
trouble with listeners at strange ports like 13141 or 30303 according to
tiger. At this same time more than a year ago sometimes ssh would report
that keys had changed.
This feels like a ghost story but it is not. This was when I was running a
MUD, so nothing out of the ordinary was going on. But Tiger will tell you
everything.
You should delete the log with a cron job. Tiger is repetitive with with
warnings.

On Jan 23, 2018 2:37 PM, "Prentice Bisbal" <pbisbal at pppl.gov> wrote:

> I second this. sssd is much better than nscd or nslcd.
>
> Prentice
>
> On 01/17/2018 06:08 AM, Rémy Dernat wrote:
>
>> I would switch to sssd. I had many problems with nslcd (connection,
>> cache...).
>>
>> Best regards
>>
>>
>> On 16/01/2018 00:35, Jörg Saßmannshausen wrote:
>>
>>> Dear all,
>>>
>>> reading the Cluster Authentication (LDAP,AD) thread which was posted at
>>> the
>>> end of last year reminds me of a problem we are having.
>>>
>>> For our Ubuntu 14 virtual machines we are authenticating against AD and
>>> I am
>>> using the nslcd daemon to do that.
>>> This is working very well in a shell, i.e. when I am doing this in a
>>> shell:
>>>
>>> $ su -l USER
>>>
>>> It is fast, it is creating the home directory if I need it (or not if I
>>> want
>>> to mount the file space elsewhere and use a local home) and the standard
>>> lookup
>>> tools like
>>>
>>> $ getent password USER
>>>
>>> are fast as well.
>>>
>>> However, and here is where I am stuck: when I want to log in to the
>>> machine
>>> using the GUI, this takes forever. We measures it and it takes up to 90
>>> sec.
>>> until it finally works. I also noticed that it is not reading the
>>> /etc/nslcd.conf file but either /etc/ldap.conf or /etc/ldap/ldap.conf.
>>> The
>>> content of the ldap.conf file is identical with the nslcd.conf file. I
>>> am using
>>> TLS and not SSL for the secure connection .
>>> Furthermore, and here I am not sure whether it is the same problem or a
>>> different one, if I want to ssh into the Ubuntu VM, this also take a
>>> very long
>>> time (90 sec) until I can do that.
>>> Strangely enough, our HPC cluster is using nslcd as well (I used that
>>> nslcd.conf file as a template for the Ubuntu setup), authenticating
>>> against the
>>> same AD and that works instantaneous.
>>>
>>> Does anybody has some ideas of where to look at? It somehow puzzles me.
>>> I am a bit inclined to say the problem is within Ubuntu 14 as the
>>> cluster is
>>> running CentOS and my Debian chroot environment ist Stretch.
>>>
>>> All the best from London
>>>
>>> Jörg
>>>
>>> _______________________________________________
>>> Beowulf mailing list, Beowulf at beowulf.org sponsored by Penguin Computing
>>> To change your subscription (digest mode or unsubscribe) visit
>>> http://www.beowulf.org/mailman/listinfo/beowulf
>>>
>> _______________________________________________
>> Beowulf mailing list, Beowulf at beowulf.org sponsored by Penguin Computing
>> To change your subscription (digest mode or unsubscribe) visit
>> http://www.beowulf.org/mailman/listinfo/beowulf
>>
>
> _______________________________________________
> Beowulf mailing list, Beowulf at beowulf.org sponsored by Penguin Computing
> To change your subscription (digest mode or unsubscribe) visit
> http://www.beowulf.org/mailman/listinfo/beowulf
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.beowulf.org/pipermail/beowulf/attachments/20180123/9be2cfda/attachment-0001.html>


More information about the Beowulf mailing list