[Beowulf] High Performance SSH/SCP

Prentice Bisbal prentice at ias.edu
Fri Feb 15 13:54:41 PST 2008

Hash: SHA1

Mark Kosmowski wrote:
>     Robert G. Brown wrote:
>     >  Rsh "and" anything else is difficulty squared,
>     > and kerberos isn't the universally implemented tool it was a
>     decade ago,
>     > largely superceded by ssh and/or ssl connections.  So finding
>     experts to
>     > help you make it work if you're a newbie isn't going to be that easy.
>     I don't think there's anything difficult about setting up rsh, ssh or
>     kerberos for anyone who know how to read a manual. A newbie shouldn't be
>     setting up a cluster in the first place. That's advanced kung-fu best
>     left to the black belts. Letting a neophyte build and run an HPC cluster
>     is some kind of oxymoron.
>     Yes, I know that professors usually tell some green graduate student to
>     go build a cluster for the dept, but that's a completely different topic
>     outside the scope of this list...
> I'm either not as much of a newbie / neophyte as I think I am or I
> missed the memo about this list being for pro's only.
> As far as the scope of this list, as clustering becomes more and more
> prolific, there are going to be more and more newbies.  This list is,
> like it or not, one of the "franchise" clustering information portals. 
> When I was first building my first (and only) personal cluster I stopped
> by here and at ClusterMonkey primarily to get my feet wet.  Most of the
> things were (and, frankly, still are) quite above my head, but I was
> made aware of many other resources and things to think about - this
> increased understanding is helpful even if I don't implement many of the
> ideas dicussed here.  The end result is a functioning cluster - mayhps
> not nearly as elegant as many of the clusters many of the others on the
> list maintain, but I get data nonetheless.
> I think it would be a disservice to the community to turn away cluster
> newbies from this list.  At the very least encouragement and resource
> links should be provided.  Appropriately experienced list members with a
> bit of time are also free to take discussions off to private email if
> that is more appropriate than the list in general.  After all, the world
> is replete with examples of complete newbie's coming up with ideas to
> revolutionize the fields to which they are new.
> Mark Kosmowski

Let me rephrase my response to RGB's statement:

I think the difficulties of setting up rsh/ssh/and kerberos are greatly
exaggerated. SSH usually works out of the box, except for the
password-less login that requires generating keys. That part is
relatively simple, and is documented all over the web.

4 years ago, I set up kerberos for the very first time, without any
prior experience. I read through the relevant chapters of the O' Reilly
Kerberos book and had it up and running in only a couple of days. Most
of that time was spent reading. I disagree with RGB's equation

rsh + anything = (difficulty)^2

I found that once kerberos is set up, using kerberized rsh is
essentially invisible, therefore

rsh + kerberos = difficulty

which is a first-order relationship.

If anything, setting up rsh is the most difficult one. Why? Since rsh is
so insecure, the distro producers/vendors have created many hurdle you
must hop to get it working (correct file and owner permissions, etc.)

- --
Prentice Bisbal
Linux Software Support Specialist/System Administrator
School of Natural Sciences
Institute for Advanced Study
Princeton, NJ
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org


More information about the Beowulf mailing list