[GE users] Help with qrsh, SSH, and LDAP

David Olbersen dolbersen at nextwave.com
Fri Nov 9 18:01:15 GMT 2007


I've made a few experiments with very strange results.

First I set SGE_DEBUG_LEVEL to "2 0 0 0 0 0 0 0" (googled from
somewhere) which gives some interesting output (attached). The bits that
are interesting to me are (summarized):

qlogin_daemon = /usr/sbin/in.telnetd
qlogin_command = /usr/bin/ssh
rsh_daemon = /usr/sbin/sshd
rsh_command = /usr/bin/ssh
rlogin_daemon = /usr/sbin/in.rlogind
rlogin_command = /usr/bin/ssh -v

That's interesting because `qconf -sconf | grep '_command\|_daemon'`
shows:
rsh_command                  /usr/bin/ssh
rsh_daemon                   /usr/sbin/sshd
rlogin_command               /usr/bin/ssh -v
rlogin_daemon                /usr/sbin/sshd
qlogin_command               /usr/bin/ssh
qlogin_daemon                /usr/sbin/sshd

So there's some configuration being ignored or overwritten somewhere.
OK, fine. Maybe I'm missing some higher-level configuration settings
somewhere. I believe the debug output to be the Final Answer and I can
work with that.

Since I don't have in.telnetd or in.rlogind in CentOS I made a short
wrapper script and symlink'd to it:

	#!/bin/bash

	env >> /var/tmp/sshd-$$
	exec /usr/sbin/sshd -e >> /var/tmp/sshd-$$

The interesting part about this is when I compare what I see on the
client side:

	OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003
	debug1: Reading configuration data /users/dolbersen/.ssh/config
	debug1: Applying options for *
	debug1: Reading configuration data /etc/ssh/ssh_config
	debug1: Applying options for *
	debug1: Connecting to node-2.skunkworks.eng.atg.nw.net
[172.24.19.116] port 34139.
	(more output about SSH keys)

To what I see on the server side (attached as well):

QRSH_PORT=labmaster.skunkworks.eng.atg.nw.net:36910

Client says port 34139, server says port 36910. Maybe I'm putting things
together that I shouldn't be, but that seems pretty strange.

Am I heading down some horribly twisty and ultimately incorrect path?
Are there a few fundamental things I should check first before pursing
this further? If anybody has any import I would love to hear it!

-- 
David Olbersen (x0623)
 

-----Original Message-----
From: Dave Love [mailto:david.love at manchester.ac.uk] 
Sent: Friday, November 09, 2007 3:42 AM
To: users at gridengine.sunsource.net
Subject: Re: [GE users] Help with qrsh, SSH, and LDAP

"David Olbersen" <dolbersen at nextwave.com> writes:

> Like I said before, given that LDAP works right on every other system
I
> really have a hard time seeing it not being SGE.

Presumably you need to debug it the same way as any other program
where something fails when execed from it, but works with the same
arguments otherwise.  Check the environment in which it's called with
a script which logs env(1) output (and the arguments it gets, to be
sure).

Messages from running sshd -d on the server might tell you why it's
failing, though.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe at gridengine.sunsource.net
For additional commands, e-mail: users-help at gridengine.sunsource.net




    [ Part 2, "debugging-server-side.txt"  Text/PLAIN (Name: ]
    [ "debugging-server-side.txt") ~1.4 KB. ]
    [ Unable to print this part. ]


    [ Part 3, "debugging-qrsh-output.txt"  Text/PLAIN (Name: ]
    [ "debugging-qrsh-output.txt") ~16 KB. ]
    [ Unable to print this part. ]


    [ Part 4: "Attached Text" ]

    [ The following text is in the "iso-8859-1" character set. ]
    [ Your display is set for the "ISO-8859-10" character set.  ]
    [ Some special characters may be displayed incorrectly. ]

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe at gridengine.sunsource.net
For additional commands, e-mail: users-help at gridengine.sunsource.net



More information about the gridengine-users mailing list