[Beowulf] SSH without login in nodes
Chris Samuel
csamuel at vpac.org
Fri May 4 21:42:58 PDT 2007
On Sat, 5 May 2007, Peter St. John wrote:
> I am configuring a cluster with ssh (but without passwords) and currently
> the users can log in to compute nodes. I wish the clients to use the queue
> system (Torque, it works fine) without being able to access the compute
> nodes. In the past, we used rsh without allowing rlogin.
We use a very ugly hack (this was already in place when I arrived) which has
been very effective over the past few years at doing that and doesn't prevent
people using SSH based MPI launchers (though we don't recommend them being
used).
Basically it's just the following in /etc/profile on our compute nodes.
if echo $HOSTNAME | egrep -q '^node' ; then
if [ ! $PBS_ENVIRONMENT ];
then if [ $USER != "root" ];
then if [ "$GROUP" != "systems" ];
then exit;
fi;
fi;
fi;
fi;
How's that ?
cheers,
Chris
--
Christopher Samuel - (03)9925 4751 - VPAC Deputy Systems Manager
Victorian Partnership for Advanced Computing http://www.vpac.org/
Bldg 91, 110 Victoria Street, Carlton South, VIC 3053, Australia
More information about the Beowulf
mailing list