managing user accounts without NIS
Victor Ortega
vor+ at pitt.edu
Mon May 22 04:47:12 PDT 2000
On Sun, 21 May 2000, dwight wrote:
> Just using rsync per se might well subject you to a man-in-the-middle
> attack, or a spoofing attack. ssh/scp would be a better tool.
It's easy to set up rsync to use ssh instead of rsh, and I'm planning
to do that. I'll think about using Kerberos, but I've used it before
and I simply don't like it.
On Sun, 21 May 2000, Donald Becker wrote:
> An important element of Beowulf clusters is that they have a private,
> protected internal network. There is no possible spoofing attack.
> 'Ssh' imposes a large performance burden for its security.
It's true that beowulf clusters usually have a protected internal
network, but no cluster is impervious to attacks, so I'm implementing
security at every level. And as dwight has already pointed out, the
performance penalty of using ssh to distribute a shadow file is minor.
I like Greg Lindahl's idea of having all the slave nodes simply invoke
the passwd command on the head node, and then have the head node
distribute the shadow file to all nodes. This also ensures that the
scenario of having two users changing their passwords on different
nodes at exactly the same time will be handled correctly (thanks to
Tom Haynes for pointing that out). Now I have to consider the choice
between having a cron job running rsync every minute (which would be
more secure) or having a wrapper to passwd on the head node which will
invoke rsync on a successful password change (which would be more
efficient). I have to look into PAM more closely to see what I can do
with it.
Thanks to all of you for your comments and advice!
Victor
More information about the Beowulf
mailing list