[Beowulf] Re:passwordless rsh/ssh
Many of your questions may have already been answered in earlier discussions or in the FAQ. The search results page will indicate current discussions as well as past list serves, articles, and papers.
Donald Kinghorn kinghorn at pqs-chem.comThu Jun 23 08:10:42 PDT 2005
- Previous message: [Beowulf] Shared memory
- Next message: [Beowulf] Shared memory
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
... you usually have to change a line in /etc/pam.d/rlogin to;
auth sufficient pam_securetty.so
by default it will be set to "required".
rsh and rlogin are usually under xinetd control so you also need to add the -h
flag on the server startup line to allow root rsh.
You should also restrict rsh and rlogin to your local cluster subnet with the
"only_from" option.
Here's my rsh file in /etc/xinet.d
service shell
{
socket_type = stream
protocol = tcp
flags = NAMEINARGS
wait = no
user = root
group = root
log_on_success += USERID
log_on_failure += USERID
only_from = 192.168.1.0/24
server = /usr/sbin/tcpd
server_args = /usr/sbin/in.rshd -haL
disable = no
}
You could also put restrictions in /etc/hosts.allow and deny since xinetd will
use tcp wrappers if it's configured
Best wishes
-Don
--
Dr. Donald B. Kinghorn Parallel Quantum Solutions LLC
http://www.pqs-chem.com
- Previous message: [Beowulf] Shared memory
- Next message: [Beowulf] Shared memory
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Beowulf mailing list