node accounts
Peter Jay Salzman
p at belial.ucdavis.edu
Tue Sep 12 09:06:49 PDT 2000
dear beowulf mailing list,
currently, when i change passwords, i have to go through this huge
rigamarole of creating a local passwd/shadow and rdisting it to all the
nodes.
needless to say, this is a huge waste of time and more complex than it ought
to be.
i was thinking of using NIS on the nodes. the NIS HOWTO mentions that using
NIS with shadow is a big security risk since you lose the security of shadow
passwords. however, we're not too concerned with security among the nodes
because the front end acts as a firewall:
/
--net---- front end ---- nodes
\
and we've gotten rid of telnetd/ftpd/httpd on the front end, and implemented
very restrictive tcp wrappers. basically, only a few selected hosts are
allowed to do anything with the front end. we only use ssh to go in/out to
the front end.
so here are my questions:
1- how do other beowulf admins manage accounts on nodes? do other people
use NIS? is there an alternative?
2- using NIS, can i share other useful files like /etc/group or the lamhosts
file?
this is on a beowulf on x86 architecture running linux.
thanks!
pete
More information about the Beowulf
mailing list