[Beowulf] password-less "rsh"

Joe Landman landman at scalableinformatics.com
Fri Jul 29 19:44:15 PDT 2005 

Hi Pete

Pete Nevill wrote:
> I am trying to put a cluster together but seem to have fallen at the
> first hurdle. A key part of the cluster set up is for the master node to
> be able to communicate and run processes on the slave nodes. One way I
> have seen to do this is to use the "rsh" command. Unfortunately I am
> unable to get this to work in a "password-less" way, actually cannot
> connect one node to the other using "rsh" without getting a connection
> refused or unable to authenticate 
> "Trying krb4 rlogin...
> krb_sendauth failed: You have no tickets cached"
> 
> Security is not an issues as none of the nodes will not be connected to
> the Internet. only the master node for which the slave nodes do not need
> to logon to. I have change "disabled = no" in the /etc/xinted.d/rsh and
> telnet files. There is no firewall up, host.deny is empty and so is
> hosts.allow. I have added the machine names to .rhosts and hosts.equiv
> but still no joy. Any help or advice would be much appreciate. I am
> pulling my hair out over what should be a very simple thing.

You will need to make sure your pam configuration enables rhost 
authentication.

You will need this in your /etc/pam.d/rsh file

	auth       sufficient	pam_rhosts_auth.so

and you will need to either add "rsh" to your /etc/securetty , or simply 
remove that file.  There are other good reasons to have the file, so you 
might wish to go with adding it rather than removing it.

Then make sure your .rhosts are 600 mode

	chmod 600 ~/.rhosts

Note:  if you are trying to do this as root, you might need to use

	auth       required	pam_rootok.so

in your /etc/pam.d/rsh as well.

Note:  This is complex and painful to debug (many interacting systems). 
  If you use ssh, it is much simpler.  You create a shared key

	ssh-keygen -t dsa

(don't enter a passphrase for the key or you are going to run into 
prompting issues, just press enter).

You will have a new key in ~/.ssh/id_dsa.pub .  Copy this key to all the 
machines you wish to log in to without passwords.  Append it to the 
~/.ssh/authorized_keys file.  Now you should be able to log in w/o a 
password.

> 
> Thanks,
> 
> Pete.
> P.S. I am using 2.6.11-1.1369_FC4
> 
> _______________________________________________
> Beowulf mailing list, Beowulf at beowulf.org
> To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf

-- 
Joseph Landman, Ph.D
Founder and CEO
Scalable Informatics LLC,
email: landman at scalableinformatics.com
web  : http://www.scalableinformatics.com
phone: +1 734 786 8423
fax  : +1 734 786 8452
cell : +1 734 612 4615

More information about the Beowulf mailing list