[GE users] SGE, SSH, and LDAP

Nick Couchman Nick.Couchman at seakr.com
Tue Jun 24 21:33:36 BST 2008

Various O/Ss - one of them is Mandrake, mine is OpenSuSE 10.3, and there are some RHEL4U5 and RHEL4U6 ones.  The interesting thing is that it doesn't seem to be dependent on the client - I can launch qrsh under two different user accounts on my machine and have it work on mine and fail on my test account. 


>>> On Tue, Jun 24, 2008 at  2:31 PM, Darin Perusich <Darin.Perusich at cognigencorp.com> wrote:

What OS are the clients running?

Nick Couchman wrote:
> Okay, I've read through the previous threads for issues with SSH and
> LDAP on SGE, but I haven't found an answer to my problem.  I have a
> small grid install - a single master/db server and a few exec nodes.
>  The exec nodes currently use LDAP authentication for SSH connections
> and everything works fine.  Additionally, with the SGE, jobs can be
> submitted with qsub and interactive sessions can start with qsh.  None
> of this has a problem - no error messages, etc.  However, I've just
> recently switched over the configuration of the cluster so that I can
> use SSH-based connections.  I changed the rlogin_daemon, qlogin_daemon,
> and rsh_daemon to "/usr/sbin/sshd -i" and the rsh_command,
> rlogin_command, and qlogin_command variables over to "ssh".  When I run
> "qrsh" I get prompted to accept the host key (the first time) then
> prompted for a password.
> Here's where I start having errors - under *most* user accounts, the
> password fails.  If the user ssh's directly into the exact same host, it
> works fine, but with qrsh, it doesn't work at all.  I type in the
> password, it says "Permission denied, please try again."  Doesn't matter
> how many times I type the password, it doesn't accept it.  The weird
> part is that if I do exactly the same thing with the "root" user AND
> with ONE of my LDAP accounts, it works fine - prompts for the password,
> but accepts the password.  I can understand root being a special case,
> but it's very strange that most of my LDAP accounts except one do not
> work.  The user account that does work has some RSA key-based
> authentication configured, but it doesn't matter which host I connect
> from or which host I connect to - that is, the keys aren't even
> applicable to the hosts being used most of the time, and the system is
> still prompting for and accepting a password.  I've enabled debugging,
> and attached is the debug log for ssh for both a working account and a
> non-working account.  The working account is mine (nick) and the
> non-working account is "testuser".

Darin Perusich
Unix Systems Administrator
Cognigen Corporation
395 Youngs Rd.
Williamsville, NY 14221
Phone: 716-633-3463
Email: darinper at cognigencorp.com

To unsubscribe, e-mail: users-unsubscribe at gridengine.sunsource.net
For additional commands, e-mail: users-help at gridengine.sunsource.net

This e-mail may contain confidential and privileged material for the sole use of the intended recipient.  If this email is not intended for you, or you are not responsible for the delivery of this message to the intended recipient, please note that this message may contain SEAKR Engineering (SEAKR) Privileged/Proprietary Information.  In such a case, you are strictly prohibited from downloading, photocopying, distributing or otherwise using this message, its contents or attachments in any way.  If you have received this message in error, please notify us immediately by replying to this e-mail and delete the message from your mailbox.  Information contained in this message that does not relate to the business of SEAKR is neither endorsed by nor attributable to SEAKR.

More information about the gridengine-users mailing list