Hi Tina, Do you know how I would do what you suggested?
*Fritz Ratnasamy* Data Scientist Information Technology The University of Chicago Booth School of Business 5807 S. Woodlawn Chicago, Illinois 60637 Phone: +(1) 773-834-4556 On Tue, Jul 12, 2022 at 3:27 AM Tina Friedrich <tina.friedr...@it.ox.ac.uk> wrote: > If it's on specific nodes *for specific users*, you could allow them to > log in to those nodes? As in, add them to the exception list in > pam_slurm_adopt. > > Tina > > On 12/07/2022 07:56, Jake Jellinek wrote: > > I cannot think of any way to do this within the Slurm configuration > > > > I would solve this by having a wrapper run at boot time which started a > > new sshd process on a different port which you secured (ie only that > > user could connect) and then start this as part of your boot time scripts > > If your script was started on one of your ‘special’ machines, start the > > second instance of sshd…..if not, do nothing > > > > Hope that helps > > > >> On 12 Jul 2022, at 05:53, Ratnasamy, Fritz > >> <fritz.ratnas...@chicagobooth.edu> wrote: > >> > >> > >> Hello, > >> > >> Currently, our cluster does not allow ssh to compute nodes for users > >> unless they have > >> a running job on that compute node. I believe a system admin has set > >> up a PAM module > >> that does the block. Whn trying ssh, this is the message returned: > >> Access denied by pam_slurm_adopt: you have no active jobs on this node > >> Connection closed by 10.135.242.188 port 22 > >> > >> However, we would like to allow sftp on a specific compute node for > >> specific users. > >> Any idea on how to do that? > >> Thanks, > >> > >> > >> *Fritz Ratnasamy* > >> > >> Data Scientist > >> > >> Information Technology > >> > >> The University of Chicago > >> > >> Booth School of Business > >> > >> 5807 S. Woodlawn > >> > >> Chicago,Illinois60637 > >> > >> Phone: +(1) 773-834-4556 > >> > > -- > Tina Friedrich, Advanced Research Computing Snr HPC Systems Administrator > > Research Computing and Support Services > IT Services, University of Oxford > http://www.arc.ox.ac.uk http://www.it.ox.ac.uk > > CAUTION: This email has originated outside of University email systems. > Please do not click links or open attachments unless you recognize the > sender and trust the contents as safe. > >
