No subject
Thu Jun 12 22:07:40 PDT 2014
#%PAM-1.0
# For root login to succeed here with pam_securetty, "rsh" must be
# listed in /etc/securetty.
auth required /lib/security/pam_nologin.so
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_env.so
auth required /lib/security/pam_rhosts_auth.so
...
Thus, the "rsh" string in /etc/securetty is only required for allowing
root rsh access. For all other users it is sufficient to
1) setup /etc/hosts.equiv
2) change the pam_rhosts_auth line in /etc/pam.d/rsh to
auth sufficient /lib/security/pam_rhosts_auth.so
3) enable rsh in /etc/xinetd.d/rsh
4) allow you private cluster network through the firewall, e.g.,
-A input -s 0/0 -d 0/0 -i eth1 -j ACCEPT
in /etc/sysconfig/ipchains assuming that eth1 is the interface to
the private network of the cluster nodes.
For root to succeed you can either add "rsh" to /etc/securetty
(which is what I do, but only on the nodes on the private network,
not on the main node that has an interface to the world) or remove
the pam_securetty.so line in /etc/pam.d/rsh.
Martin
========================================================================
Martin Siegert
Academic Computing Services phone: (604) 291-4691
Simon Fraser University fax: (604) 291-4242
Burnaby, British Columbia email: siegert at sfu.ca
Canada V5A 1S6
========================================================================
More information about the Beowulf
mailing list