[Beowulf] Intra-cluster security

Nicholas M Glykos glykos at mbg.duth.gr
Sun Sep 13 02:46:47 PDT 2009

Hi Stuart,

> - Each user creates a password-less ssh private key, puts the public
> key in the authorized_hosts file and has relatively unfettered ssh
> access between nodes (nfs shared home directory helps a lot).  This
> seems to be the most common approach.  It is end-user setup/training
> intensive (I suppose it could be automated/audited). 

A quick note to say that in the case of the perceus/warewulf/slurm 
combination as distributed with CaosNSA, you not only get the automation 
you've mentioned, but you can also restrict user access to individual 
nodes (this is through a pam module for slurm that only allows ssh access 
to those nodes that a user has active jobs on).



          Dr Nicholas M. Glykos, Department of Molecular Biology
     and Genetics, Democritus University of Thrace, University Campus,
  Dragana, 68100 Alexandroupolis, Greece, Tel/Fax (office) +302551030620,
    Ext.77620, Tel (lab) +302551030615, http://utopia.duth.gr/~glykos/

More information about the Beowulf mailing list