Something else that should of course be a given, the /etc/passwd and
/etc/shadow files should be synced to your compute nodes that users are
accessing. I do this via the standard xCAT syncfiles method. Whenever a
new user is added I just add them to the MN, then run "updatenode
compute -F" to push the new passwd and shadow files across.
You can restrict your users ability to login to the management node via
the MN's DenyUsers option in the standard SSHD config.
On 1/22/2014 12:06 PM, Jonathan Hermann wrote:
Thanks, Jarrod - so ssh for common users IS possible in xCAT environments.
Might be that we screwed something up by installing some pam module.
Mit freundlichen Grüßen / Kind regards
Jonathan (Nathan) Hermann
IT Specialist
Global Technology Services / Data Center Services
Mobile: +49-160-98976942 IBM Allee 1
E-mail: jonathan.herm...@de.ibm.com
Ehningen, 71139
Germany
IBM Deutschland Infrastructure Technology Services GmbH
Geschäftsführung: Ulrike Hetzel
Sitz der Gesellschaft: Ehningen
Registergericht: Amtsgericht Stuttgart, HRB 727973
From: Jarrod B Johnson <jbjoh...@us.ibm.com>
To: xCAT Users Mailing list <xcat-user@lists.sourceforge.net>,
Date: 22.01.2014 17:53
Subject: Re: [xcat-user] passwordless ssh for common users between nodes
Correct, should be a simple case of:
<running as intended user>
ssh-keygen -b 2048
cat ~/.ssh/id_rsa.pb >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
For a shared home directory setup. It's the reason why we haven't bothered
getting in the business of user key management because *usually* it's that
straightforward...
(Embedded image moved to file: pic59369.gif)Inactive hide details for
Jonathan Hermann ---01/22/2014 11:32:33 AM---Hi all, we've got the
situation that some users need pasJonathan Hermann ---01/22/2014 11:32:33
AM---Hi all, we've got the situation that some users need passwordless ssh
between
From: Jonathan Hermann <jonathan.herm...@de.ibm.com>
To: xCAT Users Mailing list <xcat-user@lists.sourceforge.net>
Date: 01/22/2014 11:32 AM
Subject: [xcat-user] passwordless ssh for common users between nodes
Hi all,
we've got the situation that some users need passwordless ssh between
compute nodes. Management node is running PCM 4.1.1.1 with xCAT 2.8.2
underneath.
Since it's a comparably small cluster and only few users, they are
administered locally via /etc/passwd on the MN. /home is exported via NFS
and mounted on the CNs. It is possible for a user to log in via ssh on the
MN. However, the same user cannot connect to any CN, neither with password
nor without.
What has to be done to make login on the CNs possible for common users? And
if this works, I assume passwordless login should be possible if the public
key is included in ~/.ssh/authorized_keys with permission 600, is that
correct?
Mit freundlichen Grüßen / Kind regards
Jonathan (Nathan) Hermann
IT Specialist
Global Technology Services / Data Center Services
Mobile: +49-160-98976942
IBM Allee 1
E-mail: jonathan.herm...@de.ibm.com
Ehningen, 71139
Germany
IBM Deutschland Infrastructure Technology Services GmbH
Geschäftsführung: Ulrike Hetzel
Sitz der Gesellschaft: Ehningen
Registergericht: Amtsgericht Stuttgart, HRB 727973
------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user
------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user
------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user
------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user
