[GE users] qlogin / ssh (ultimately, X forwarding)

rumpelkeks tina.friedrich at diamond.ac.uk
Tue Feb 2 16:11:53 GMT 2010


thanks for the quick answer.

>> I know this was discussed numerous times. I've read the  
>> instructions and
>> at least believe I found the related posts in the archives. I still
>> can't get it to work. I'd appreciate some help with this.
>> I'm trying to set up qlogin-via-ssh because we need X forwarding, at
>> least for some things.
>> I plan to only enable it on a couple of nodes, so I am not working on
>> the queue level but node level (rather, queue instance level) config -
>> as I understand things this should be possible?
>> Anyway, I followed these instructions:
>> http://gridengine.sunsource.net/howto/qrsh_qlogin_ssh.html
>> set it up for one test node and tried to log in (and I did first check
>> that qlogin works with the builtin method).
>> Doesn't work. What I get is "Your job XXXXX has been submitted"  
>> followed
>> by "Your interactive job XXXXX as been successfully scheduled.". And
>> then, after a couple of seconds each, numerous repeats of the "has  
>> been
>> successfully scheduled" and in the end a commlib error and the queue
>> instance ends up in an error state.
>> On the node, no ssh processes (no addidional ssh processes, that is)
>> appear to get started. Can't find anything in any logs, either. (Oh  
>> yes,
>> ssh into the nodes directly works.)
> the default ssh will use port 22 which is often open in the firewalls  
> by default. SGE's dedicated sshd (there will be one started for each  
> job) will use a random port, so there must not be any firewall on the  
> nodes.
> Do you have a firewall on the nodes?
> Whether there is a sshd or rshd running all the time is not related  
> to SGE's startup mechanism. You can have a cluster w/o user access to  
> the nodes but through SGE this way.

I haven't got a firewall on the nodes. I've also verified that I can 
very happily run up sshd (as root) on my node on about any port I like 
and log in.

I realise that this can work without 'normal' ssh access, which is one 
reason I want to get it to work :)

>> I've tried a couple of things (lots of things, actually), but now need
>> some help debugging this.
>> I am running Red Hat Enterprise 5 everywhere. I have a feeling that  
>> one
>> of my problems is that RHEL5 isn't set up to run ssh from inetd. I
>> looked into that but couldn't actually get it to work. However, I  
>> wasn't
>> too bothered - I don't insist on running it through inetd. Unless SGE
>> insist on it? I've tried setting the daemon to not use the "-i"  
>> flag to
>> sshd, or run sshd without daemonising it; but no luck.
>> Could someone shed some light on to what the Grid Engine is actually
>> trying to do? Is it simply running the command that I enter as the
>> qlogin_daemon (qrsh_daemon etc)?
> Yes, you also have to enter -X -Y there for the *_command for X11  
> forwarding, except it's already defined in /etc/ssh/ssh_config or  
> user's ~/.ssh/config

Sorry, might've gotten confusing here. In this first instance I'd be 
quite happy to get a login. My problem is that it doesn't work at all. 
(I mean even if the X forwarding fails, I should just get a 
shell/prompt/something like that, or not?)

>> And if yes, what user does it run this
>> as? That sort of thing.
> The process tree you can check with:
> ps -e f -o user,ruser,command
> (f w/o -)

I know what process SGE runs as. I want to know what it would try to 
start the ssh process as. The user that wants to login, the user that 
SGE runs as; does it have setuid on something...? (This could very well 
be the user running SGE (sgeadmin) not being allowed to start sshd 
process.) Also, when trying this directly, I cannot run "sshd -i"; is 
this required to work, or can it be used without being run from inetd?



To unsubscribe from this discussion, e-mail: [users-unsubscribe at gridengine.sunsource.net].

More information about the gridengine-users mailing list