[Beowulf] Switch recommendations and 10G to the desktop?

2009-09-13 Thread John Hearns
I'm looking for recommendations for 1 48 port, or two stacked 24 port, switches for desktop users. The aim is to bond 2xgigabit connections. I would have normally first thought Nortel for this job. Thoughts? Secondly, do folks here have much experience of 10gig to the desktop? Distance is a bit to

Re: [Beowulf] Intra-cluster security

2009-09-13 Thread Joe Landman
Leif Nixon wrote: Joe Landman writes: I won't fisk this, other than to note most of the exploits we have cleaned up for our customers, have been windows based attack vectors. Contrary to the implication here, the ssh-key attack vector, while a risk, isn't nearly as dangerous as others, in acti

Re: [Beowulf] Intra-cluster security

2009-09-13 Thread Bill Broadley
Stuart Barkley wrote: > - Each user Very dangerous way to say it. Ideally you do everything possible to minimize the work of the user, that way they can't get it wrong. > creates a password-less ssh private key, puts the public I'm a fan of password-less private keys. Before the screaming beg

Re: [Beowulf] Intra-cluster security

2009-09-13 Thread Leif Nixon
Joe Landman writes: > I won't fisk this, other than to note most of the exploits we have > cleaned up for our customers, have been windows based attack vectors. > Contrary to the implication here, the ssh-key attack vector, while a > risk, isn't nearly as dangerous as others, in active use, out t

Re: [Beowulf] filesystem metadata mining tools

2009-09-13 Thread Skylar Thompson
Ashley Pittman wrote: > On Sat, 2009-09-12 at 10:10 -0500, Rahul Nabar wrote: > >> *A distribution of file age and prevalence (to know how much of this >> material is archivable). Same for frequency of access; i.e. maybe the last >> access stamp. >> > > I thought access stamps were a thing

Re: [Beowulf] Intra-cluster security

2009-09-13 Thread Reuti
On 13.09.2009 at 12:31, Leif Nixon wrote: This is the way to go. All our systems are set up this way. Works just fine. You just need a mechanism for maintaining host keys and ssh_known_hosts. (And remember that this doesn't work for root - you need separately set up ~root/.shosts and ~root/.ss

Re: [Beowulf] Intra-cluster security

2009-09-13 Thread Joe Landman
I started writing a long response to this, decrying security theatre in the face of real issues, but thought better of it. Much shorter version with free advice. Leif Nixon wrote: Stuart Barkley writes: - Kerberos with ssh works fine for interactive users, but doesn't seem to translate wel

Re: [Beowulf] Intra-cluster security

2009-09-13 Thread Reuti
Hi, On 11.09.2009 at 21:39, Stuart Barkley wrote: We are working with a couple small clusters (6-8 nodes) and will soon be working with some much larger cluster/supercomputer systems. We are currently using SGE 6.2 for job queuing. We use kerberos for authentication and ssh for system access

Re: [Beowulf] filesystem metadata mining tools

2009-09-13 Thread Ashley Pittman
On Sat, 2009-09-12 at 10:10 -0500, Rahul Nabar wrote: > *A distribution of file age and prevalence (to know how much of this > material is archivable). Same for frequency of access; i.e. maybe the last > access stamp. I thought access stamps were a thing of the past and everyone ran with "noatime"

Re: [Beowulf] Intra-cluster security

2009-09-13 Thread Leif Nixon
Stuart Barkley writes: > - Kerberos with ssh works fine for interactive users, but doesn't seem > to translate well to a queuing environment. Or am I missing > something? It's quite possible to use, but you do get a ticket expiry problem. > - Each user creates a password-less ssh private key,

Re: [Beowulf] Intra-cluster security

2009-09-13 Thread Nicholas M Glykos
Hi Stuart, > - Each user creates a password-less ssh private key, puts the public > key in the authorized_hosts file and has relatively unfettered ssh > access between nodes (nfs shared home directory helps a lot). This > seems to be the most common approach. It is end-user setup/training > in

Re: [Beowulf] Intra-cluster security

2009-09-13 Thread John Hearns
2009/9/11 Stuart Barkley : > > - Each user creates a password-less ssh private key, puts the public > key in the authorized_hosts file and has relatively unfettered ssh > access between nodes (nfs shared home directory helps a lot).  This > seems to be the most common approach.  It is end-user setu