[Beowulf] Re: "hobbyists"
Perry E. Metzger
perry at piermont.com
Thu Jun 19 21:03:04 PDT 2008
Joe Landman <landman at scalableinformatics.com> writes:
>> Isn't it a common practice in HPC to keep security rules relatively
>> relaxed *inside* a cluster (passwordless logins between compute
>> nodes for instance), whilst trying to harden the links to the
>> external world?
>
> Yes. Leave the window wide open while bolting the door tight ... :(
I don't think that's "leaving the window open" since there is no
window. If the only way to get to the cluster network is through a
head node that is actually secure, then it is just fine to treat the
cluster network as if it were the backplane of a single box and leave
the cluster nodes fairly open. The head node can dispatch arbitrary
jobs to all the boxes anyway, and once you've got code running on a
box you can often break root anyway. One has to be reasonable about
these things.
Perry
--
Perry E. Metzger perry at piermont.com
More information about the Beowulf
mailing list