[Beowulf] SSH without login in nodes
Kilian CAVALOTTI
kilian at stanford.edu
Fri May 4 13:40:50 PDT 2007
Hi,
On Friday 04 May 2007 01:06:51 pm Peter St. John wrote:
> There was a typogrphical error in the question. I had a brief exchange
> with señor Gomez and he confirmed this translation:
>
> I am configuring a cluster with ssh (but without passwords) and
> currently the users can log in to compute nodes.
> I wish the clients to use the queue system (Torque, it works fine)
> without being able to access the compute nodes.
> In the past, we used rsh without allowing rlogin.
What you can do is configure PAM on the nodes, to only allow login for a
specific set of users, if any. It should come with any modern distro.
Be sure your /etc/pam.d/authconfig contains reference to pam_access, like:
account required /lib/security/$ISA/pam_access.so
And configure /etc/security/access.conf to match your needs, like:
# Allow administrative login from everywhere
+:wheel staff:ALL
# Prevent user logins
-:users:ALL
You can give a look at
http://www.informit.com/articles/article.asp?p=165226&seqNum=12&rl=1 for
more info.
Cheers,
--
Kilian
More information about the Beowulf
mailing list