[GE users] SSH and host keys

reuti reuti at staff.uni-marburg.de
Wed Feb 18 11:02:50 GMT 2009


Am 16.02.2009 um 20:36 schrieb crhea:

> I'm missing something here...
>
> Right now, I'm using RSH between the nodes. I have /root/.rhosts  
> and /etc/hosts.equiv set up to allow passwordless RSH.
>
> We've run into the issue of rsh reaching a number of ports limit  
> (discussed elsewhere in the SGE forums) and I'd like to look at  
> running SSH. I understand your ssh_known_hosts script, but I'm  
> unclear what system(s) this file needs to be populated-- The  
> master? The exec hosts?

You mean for parallel jobs, as you wrote "between" the nodes. Hence  
all exec hosts must trust the other exec hosts.

https://wiki.systemsx.ch/display/ITDOC/OpenSSH+hostbased 
+authentication+HOWTO

This seems working up to the point, when SSH calls PAM. Then PAM  
denies access. I'm still looking to get it working. (For now I set it  
up with passphrase-less user based authentication which will also  
work in clusters [on sites where they need SSH as I on my own prefer  
the rsh/built-in method in a private cluster], but this has to be  
done for each user.)


> The submission hosts?  Is this done for root only, or do I need to  
> pre-load something for
> all user accounts too?

The known_hosts file you have to implement for each user, or common  
in /etc/ssh/ssh_known_hosts.

-- Reuti


> I'm not understanding what hosts need to trust what...
>
> Thanks-
>
> --- Cris
>
> ------------------------------------------------------
> http://gridengine.sunsource.net/ds/viewMessage.do? 
> dsForumId=38&dsMessageId=107494
>
> To unsubscribe from this discussion, e-mail: [users- 
> unsubscribe at gridengine.sunsource.net].

------------------------------------------------------
http://gridengine.sunsource.net/ds/viewMessage.do?dsForumId=38&dsMessageId=108867

To unsubscribe from this discussion, e-mail: [users-unsubscribe at gridengine.sunsource.net].



More information about the gridengine-users mailing list