[Beowulf] A careful exploit?
Robert G. Brown
rgb at phy.duke.edu
Thu Jun 13 18:26:51 PDT 2019
On Thu, 13 Jun 2019, J?rg Sa?mannshausen wrote:
> Dear all,
>
> why port 23? Was that a typo and you mean port 22 (ssh)?
Uh, Oops? I knew that...;-)
rgb
>
> All the best
>
> J?rg
>
> Am Donnerstag, 13. Juni 2019, 11:09:21 BST schrieb Robert G. Brown:
>> On Thu, 13 Jun 2019, Jonathan Engwall wrote:
>> > It was an actual machine I could ping but I could not connect. It was
>> > there
>> > at start up.
>>
>> If it is an actual machine, hang a console on it and see what is
>> happening. If you can ping it, its network is up. But to be able to
>> connect to it, you have to have a bunch of stuff configured to allow
>> connection. These problems all live at a higher level than the physical
>> transport levels.
>>
>> Personally, I'd start by killing selinux, as it is notorious for
>> nearly randomly deciding that this or that connection is not secure and
>> blocking it with no (EXTERNAL) warning -- it would show up in logs. If
>> you prefer, master selinux and figure out how to configure it for the
>> specific ports you are trying to connect to. Then I'd check the
>> firewall. Are you trying to ssh in? Make sure that port 23 is open and
>> not firewalled off in the default installation image. Then check
>> services. Are you trying to ssh in? Well, is sshd installed and
>> running? If it isn't, you have to install it, configure it, make sure
>> the firewall passes it, and make sure selinux isn't going to come in and
>> override the firewall and refuse to pass it after all. And so on, for
>> any port(s) you wish to access. Most linuxes these days install in a
>> default "secure" mode with no open ports and firewalled up pretty tight,
>> assuming that the installer is a normal human who has no idea how to
>> offer services or secure them, but if you run a cluster you really need
>> to be at least on the road to being an abnormal person who does.
>>
>> If you're trying to build a cluster that automagically installs with all
>> of this stuff up, well, then you'll need to read the manual(s) or
>> whatever documentation they provide to see what you didn't preconfigure
>> on the install host.
>>
>> Hopefully you're getting the idea that debugging networking problems
>> requires a) a pretty good knowledge of networking from the wire on up to
>> the network application; b) a pretty good knowledge of systems
>> administration and how to set up, start, manage, debug applications,
>> read logs (know where the logs are to read, for starters) etc; c) a very
>> patient and systematic approach. As Chris says, start at the wire up,
>> if it is wired, look at the wireless router tables of connected hosts if
>> it is wireless, etc. See if it pings. If it pings, see what's
>> wrong with the ports/services you're trying to connect to. Read logs.
>> Try experiments. Compare a working host to the one that isn't working.
>> Read the logs some more.
>>
>> It's all in there, if you know how to get it out.
>>
>> And again, if you really want our help, repost a DETAILED DESCRIPTION OF
>> WHAT IS WRONG. I'd wager 90% or more of the people on this list could
>> debug your problem from a sufficiently detailed description alone, but
>> so far we know next to nothing about what you are trying to do, what
>> your network looks like, what version of Linux (or other operating
>> system!) you are using, what tools you're talking about. I don't even
>> know if you are really trying to build or work with a cluster or are
>> just trying to figure out why ssh doesn't work out of the box on hosts
>> in an office.
>>
>> Details, please!
>>
>> rgb
>>
>> > On Tue, Jun 11, 2019, 9:49 PM Chris Samuel <chris at csamuel.org> wrote:
>> > On 11/6/19 8:18 pm, Robert G. Brown wrote:
>> > > * Are these real hosts, each with their own network interface
>> >
>> > (wired or
>> >
>> > > wireless), or are these virtual hosts?
>> >
>> > In addendum to RGB's excellent advice and questions I would add
>> > to this
>> > question the network engineers maxim of "start at layer 1 and
>> > work up".
>> >
>> > In other words, first check your physical connectivity and then
>> > head up
>> > the layers.
>> >
>> > Best of luck!
>> > Chris
>> > --
>> > ? Chris Samuel? :?https://urldefense.proofpoint.com/v2/url?u=http-3A__www.csamuel.org_-3F&d=DwIGaQ&c=imBPVzF25OnBgGmVOlcsiEgHoG1i6YHLR0Sj_gZ4adc&r=VjN6W5gT-iXGupU3t6I7tA&m=qcf76guaO9OvTiK0BV7Ncnz3Hu5sMxRc-ExyyUrj454&s=Ykkho6Cl2LYOA3cou50w8kkqkaJI__cLL8lTxGmNxiY&e= :?Berkeley, CA, USA
>> > _______________________________________________
>> > Beowulf mailing list, Beowulf at beowulf.org sponsored by Penguin
>> > Computing
>> > To change your subscription (digest mode or unsubscribe) visit
>> > https://urldefense.proofpoint.com/v2/url?u=https-3A__beowulf.org_cgi-2Dbin_mailman_listinfo_beowulf&d=DwIGaQ&c=imBPVzF25OnBgGmVOlcsiEgHoG1i6YHLR0Sj_gZ4adc&r=VjN6W5gT-iXGupU3t6I7tA&m=qcf76guaO9OvTiK0BV7Ncnz3Hu5sMxRc-ExyyUrj454&s=T2_p5GbsQwIDpskqrVSoSNnRtrw5y0S8egFRFujMQiQ&e=
>>
>> Robert G. Brown http://www.phy.duke.edu/~rgb/
>> Duke University Dept. of Physics, Box 90305
>> Durham, N.C. 27708-0305
>> Phone: 1-919-660-2567 Fax: 919-660-2525 email:rgb at phy.duke.edu
>>
>>
>> _______________________________________________
>> Beowulf mailing list, Beowulf at beowulf.org sponsored by Penguin Computing
>> To change your subscription (digest mode or unsubscribe) visit
>> https://urldefense.proofpoint.com/v2/url?u=https-3A__beowulf.org_cgi-2Dbin_mailman_listinfo_beowulf&d=DwIGaQ&c=imBPVzF25OnBgGmVOlcsiEgHoG1i6YHLR0Sj_gZ4adc&r=VjN6W5gT-iXGupU3t6I7tA&m=qcf76guaO9OvTiK0BV7Ncnz3Hu5sMxRc-ExyyUrj454&s=T2_p5GbsQwIDpskqrVSoSNnRtrw5y0S8egFRFujMQiQ&e=
>
> _______________________________________________
> Beowulf mailing list, Beowulf at beowulf.org sponsored by Penguin Computing
> To change your subscription (digest mode or unsubscribe) visit https://urldefense.proofpoint.com/v2/url?u=https-3A__beowulf.org_cgi-2Dbin_mailman_listinfo_beowulf&d=DwIGaQ&c=imBPVzF25OnBgGmVOlcsiEgHoG1i6YHLR0Sj_gZ4adc&r=VjN6W5gT-iXGupU3t6I7tA&m=qcf76guaO9OvTiK0BV7Ncnz3Hu5sMxRc-ExyyUrj454&s=T2_p5GbsQwIDpskqrVSoSNnRtrw5y0S8egFRFujMQiQ&e=
Robert G. Brown http://www.phy.duke.edu/~rgb/
Duke University Dept. of Physics, Box 90305
Durham, N.C. 27708-0305
Phone: 1-919-660-2567 Fax: 919-660-2525 email:rgb at phy.duke.edu
More information about the Beowulf
mailing list