node accounts

Jim Phillips jim at ks.uiuc.edu
Tue Sep 12 11:58:53 PDT 2000 

Hi,

I like NIS but we don't use it directly on our cluster because we use the
same network for parallel communication as for NIS, logins, etc.  When a
machine is saturating its network interface with parallel job
communications, logging in is slow enough, without requiring extra
communication to NIS to get basically static information.  The solution I
found for this (since the rest of our network uses NIS) is to set up a
cron script to copy data from NIS into local files once per hour.  That
way, information is found in /etc/passwd etc. and no additional queries
are required.  Our setup may be particularly sensitive to this effect
since they are two processor nodes and launching that second process via
rsh (ssh) while the first is loading via NSF is slow.  For other
applications which don't abuse the network as badly, this may not be as
much of an issue.

-Jim


On Tue, 12 Sep 2000, Peter Jay Salzman wrote:

> dear beowulf mailing list,
> 
> currently, when i change passwords, i have to go through this huge
> rigamarole of creating a local passwd/shadow and rdisting it to all the
> nodes.
> 
> needless to say, this is a huge waste of time and more complex than it ought
> to be.
> 
> i was thinking of using NIS on the nodes.  the NIS HOWTO mentions that using
> NIS with shadow is a big security risk since you lose the security of shadow
> passwords.  however, we're not too concerned with security among the nodes
> because the front end acts as a firewall:
> 
>                          /
>   --net---- front end ----  nodes
>                          \
> 
> and we've gotten rid of telnetd/ftpd/httpd on the front end, and implemented
> very restrictive tcp wrappers.  basically, only a few selected hosts are
> allowed to do anything with the front end.   we only use ssh to go in/out to
> the front end.
> 
> so here are my questions:
> 1- how do other beowulf admins manage accounts on nodes?   do other people
>    use NIS?  is there an alternative?
> 2- using NIS, can i share other useful files like /etc/group or the lamhosts
>    file?
> 
> this is on a beowulf on x86 architecture running linux.
> 
> thanks!
> pete
> 
> 
> _______________________________________________
> Beowulf mailing list
> Beowulf at beowulf.org
> http://www.beowulf.org/mailman/listinfo/beowulf
>

More information about the Beowulf mailing list