Hi Fritz,
Purely theoretical and untested solution, but it may work to "cp
/usr/bin/sshd /usr/bin/sshd2" and then use that sshd2 binary to run an sshd
service on a different port, with a config limiting it to sftp only and a
`/etc/pam.d/sshd2` file that does not enforce pam_slurm_adopt. Downside i
Outside the context of slurm, you could add exceptions to
/etc/security/access.conf. This depends on where pam_access.so appears in
/etc/pam.d/sshd. I believe we’re using the config recommended in the
pam_slurm_adopt documentation. There are a number of caveats: you need system
root to configur
If it's on specific nodes *for specific users*, you could allow them to
log in to those nodes? As in, add them to the exception list in
pam_slurm_adopt.
Tina
On 12/07/2022 07:56, Jake Jellinek wrote:
I cannot think of any way to do this within the Slurm configuration
I would solve this by ha