[Beowulf] High Performance SSH/SCP

[Robert G. Brown]

On Thu, 14 Feb 2008, Tim Cutts wrote:

> their password is sane.  It's a similar scenario.  The authors' high and 
> mighty principles don't actually necessarily make my systems any more secure 
> at all, quite possibly the reverse.  Quite apart from the extra workload it 
> puts on me.  The average scientist doesn't really want to have to learn about 
> ssh-agent and all that stuff.

Amen to that (about ssh-agent), brother.

And all the rest.  Most of the sysadmins I know (and I know a LOT of
them) are really, really smart.  I'm talking rocket scientists gone bad,
so to speak, turned to the dark world and away from the light.  Just
kidding;-)

They have to solve complex problems in order to make the environment
they manage "work" with whatever mix of users, systems, and tasks that
constitute productivity at their place of employment.  In many cases
the solutions they implement are -- correctly -- solutions to
cost-benefit analyses that optimize productivity AT THE RISK of certain
security compromises.

For example, who actually shuts down their entire network when the word
comes in that e.g. the linux kernel has an exploit that allows any user
to root at will?  Only sites that have to maintain NSA-level security
and integrity of data, maybe banks and the like.  Everywhere else the
sysadmin crosses their mental fingers that they (being in touch with
various private channels that quietly get the word out) know about it
before their users, gets a patched kernel in all seemly haste, and then
wait for the next suitable moment to reboot each system after the next
update.  It spreads out the fix for a day, maybe even for a few days,
sure, but it also doesn't cost their organization days worth of work
times the number of employees who rely on the computers.  Which can
easily have a cash value in the tens of thousands of dollars.

Similarly, there are all sorts of reasons one might want to set up a
particular network differently from those based on the assumption "this
system is exposed to every evil cracker in the Universe and must be so
hardened that it can withstand any possible attack". Mind you, the
latter is a GREAT default configuration.  But one has to trust the
judgement of a professional sysadmin to trump the one-size-fits-all
mentality.  If the systems are all going to sit inside a locked room
such that one has to physically be inside the room and sitting at a
console to access them, WAN-level security is sort of moot and may be
counterproductive.  Or e.g. diskless cluster nodes inside a firewall --
there's nothing there to steal, a nasty bottleneck (at best) to get to
it, and if the bottleneck/firewall is itself compromised, nothing
including ssh is going to save the nodes anyway, as the master serves
their "disk(s)".

So I'm all for giving sysadmin's powerful tools and choices.  Otherwise,
hey, they're rocket scientists.  They'll just work around the obstacles
anyway.  They'll have to work HARDER, and they'll be grumbly and bitter
as a consequence, but they'll find and install rsh, they'll hack the
source, they'll find an alternative implementation.  And then they'll go
back to their homes that night, pull a rocket out of a storage tube in
their basement, and target the idiot who stands between them and the
stress-free accomplishment of their work.

I warned you...;-)

   rgb

>
> Tim
>
>
>

-- 
Robert G. Brown                            Phone(cell): 1-919-280-8443
Duke University Physics Dept, Box 90305
Durham, N.C. 27708-0305
Web: http://www.phy.duke.edu/~rgb
Book of Lilith Website: http://www.phy.duke.edu/~rgb/Lilith/Lilith.php
Lulu Bookstore: http://stores.lulu.com/store.php?fAcctID=877977