[Beowulf] password-less "rsh"
landman at scalableinformatics.com
Fri Jul 29 19:44:15 PDT 2005
Pete Nevill wrote:
> I am trying to put a cluster together but seem to have fallen at the
> first hurdle. A key part of the cluster set up is for the master node to
> be able to communicate and run processes on the slave nodes. One way I
> have seen to do this is to use the "rsh" command. Unfortunately I am
> unable to get this to work in a "password-less" way, actually cannot
> connect one node to the other using "rsh" without getting a connection
> refused or unable to authenticate
> "Trying krb4 rlogin...
> krb_sendauth failed: You have no tickets cached"
> Security is not an issues as none of the nodes will not be connected to
> the Internet. only the master node for which the slave nodes do not need
> to logon to. I have change "disabled = no" in the /etc/xinted.d/rsh and
> telnet files. There is no firewall up, host.deny is empty and so is
> hosts.allow. I have added the machine names to .rhosts and hosts.equiv
> but still no joy. Any help or advice would be much appreciate. I am
> pulling my hair out over what should be a very simple thing.
You will need to make sure your pam configuration enables rhost
You will need this in your /etc/pam.d/rsh file
auth sufficient pam_rhosts_auth.so
and you will need to either add "rsh" to your /etc/securetty , or simply
remove that file. There are other good reasons to have the file, so you
might wish to go with adding it rather than removing it.
Then make sure your .rhosts are 600 mode
chmod 600 ~/.rhosts
Note: if you are trying to do this as root, you might need to use
auth required pam_rootok.so
in your /etc/pam.d/rsh as well.
Note: This is complex and painful to debug (many interacting systems).
If you use ssh, it is much simpler. You create a shared key
ssh-keygen -t dsa
(don't enter a passphrase for the key or you are going to run into
prompting issues, just press enter).
You will have a new key in ~/.ssh/id_dsa.pub . Copy this key to all the
machines you wish to log in to without passwords. Append it to the
~/.ssh/authorized_keys file. Now you should be able to log in w/o a
> P.S. I am using 2.6.11-1.1369_FC4
> Beowulf mailing list, Beowulf at beowulf.org
> To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf
Joseph Landman, Ph.D
Founder and CEO
Scalable Informatics LLC,
email: landman at scalableinformatics.com
web : http://www.scalableinformatics.com
phone: +1 734 786 8423
fax : +1 734 786 8452
cell : +1 734 612 4615
More information about the Beowulf