2009/9/11 Stuart Barkley <stua...@4gh.net>: > > - Each user creates a password-less ssh private key, puts the public > key in the authorized_hosts file and has relatively unfettered ssh > access between nodes (nfs shared home directory helps a lot). This > seems to be the most common approach. It is end-user setup/training > intensive (I suppose it could be automated/audited). I consider it > dangerous to encourage use of password-less ssh keys.
Yes, I would agree this is the most common approach. You can automate it by having a script which runs when you first login to the cluster (Oscar does this). You can also use shosts trusts. A script which loops through cluster nodes and runs an ssh-keyscan is useful. Re. security its the armadillo principle - hard on the outside, soft on the inside. _______________________________________________ Beowulf mailing list, Beowulf@beowulf.org sponsored by Penguin Computing To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf
