1 |
Awesome find Eric! I didn't even notice that before. I still have a |
2 |
bunch of stuff that I need to pin down but everything appears to be |
3 |
completely built. SGE needs tested and such. Hopefully tomorrow. (I |
4 |
still don't know why PDSH isn't in the stinking portage tree! Its the |
5 |
coolest program for clusters ever and its not there!) |
6 |
|
7 |
Anyways, to the point. I got RSH working. Jury is still out on SSH |
8 |
but our users already have shared keys so that is a patch job |
9 |
solution for the time being. |
10 |
|
11 |
First thing about getting RSH working is to not listen to anybody on |
12 |
the net. Everybody wants to tell you the wrong way to do it =) |
13 |
|
14 |
Start by adding "only_from += 192.168.0.0/16" in /etc/xinetd.conf |
15 |
after the other only_from line. |
16 |
Then change "disable = yes" to "disable = no" in /etc/xinetd.d/ |
17 |
{rsh,rexec,rlogin}. |
18 |
|
19 |
Change the following files: /etc/pam.d/rsh |
20 |
#%PAM-1.0 |
21 |
# For root login to succeed here with pam_securetty, "rsh" must be |
22 |
# listed in /etc/securetty. |
23 |
auth required pam_nologin.so |
24 |
auth required pam_securetty.so |
25 |
auth optional pam_env.so |
26 |
|
27 |
# Uncomment this and comment the following to use rhosts_auth module |
28 |
auth required pam_rhosts_auth.so |
29 |
#auth include system-auth |
30 |
|
31 |
account include system-auth |
32 |
session include system-auth |
33 |
|
34 |
/etc/pam.d/rlogin: |
35 |
#%PAM-1.0 |
36 |
# For root login to succeed here with pam_securetty, "rlogin" must be |
37 |
# listed in /etc/securetty. |
38 |
auth required pam_nologin.so |
39 |
auth required pam_securetty.so |
40 |
auth required pam_env.so |
41 |
auth sufficient pam_rhosts_auth.so |
42 |
auth include system-auth |
43 |
account include system-auth |
44 |
password include system-auth |
45 |
session include system-auth |
46 |
|
47 |
/etc/pam.d/rexec |
48 |
#%PAM-1.0 |
49 |
# For root login to succeed here with pam_securetty, "rexec" must be |
50 |
# listed in /etc/securetty. |
51 |
auth required pam_nologin.so |
52 |
auth required pam_securetty.so |
53 |
auth optional pam_env.so |
54 |
auth required pam_rhosts_auth.so |
55 |
auth include system-auth |
56 |
account include system-auth |
57 |
session include system-auth |
58 |
|
59 |
|
60 |
|
61 |
Now edit /etc/hosts.equiv and add the hosts you want people to |
62 |
connect from. I had to add ip addresses here for some reason. Once |
63 |
you have that setup you can copy that file to /root/.rhosts |
64 |
|
65 |
Now you just need to add rsh, rlogin, and rexec to /etc/securetty |
66 |
(all on there own lines) and you should be set. |
67 |
|
68 |
|
69 |
|
70 |
|
71 |
|
72 |
|
73 |
|
74 |
On Nov 14, 2005, at 8:46 PM, Eric Thibodeau wrote: |
75 |
|
76 |
> Brady, I just happened to have to look into the lam-mpi ebuild and |
77 |
> here is something you might find interesting: |
78 |
> |
79 |
> |
80 |
> if use crypt; then |
81 |
> |
82 |
> myconf="${myconf} --with-rsh=ssh" |
83 |
> |
84 |
> else |
85 |
> |
86 |
> myconf="${myconf} --with-rsh=rsh" |
87 |
> |
88 |
> fi |
89 |
> |
90 |
> |
91 |
> This is from lam-mpi-7.1.1-r3.ebuild .. so you'll have to decide |
92 |
> wether you want crypt (ssh) or not (rsh)....that might have been |
93 |
> the root cause of some of your headaches. |
94 |
> |
95 |
> |
96 |
> Le 13 Novembre 2005 07:37, Brady Catherman a écrit : |
97 |
> |
98 |
> > Has anybody been been able to get RSH and SSH working password less? |
99 |
> |
100 |
> > We are trying to convert our cluster to Gentoo but can't get |
101 |
> password |
102 |
> |
103 |
> > less authentication working at all. We used our normal RedHat |
104 |
> |
105 |
> > oriented methods but hat just mad things ten times worse. |
106 |
> |
107 |
> > |
108 |
> |
109 |
> > So, if you have a web page that actually CLEARLY documents a WORKING |
110 |
> |
111 |
> > method please let me know =) |
112 |
> |
113 |
> > |
114 |
> |
115 |
> > Thanks for an help you are able to offer. |
116 |
> |
117 |
> |
118 |
> -- |
119 |
> |
120 |
> Eric Thibodeau |
121 |
> |
122 |
> Neural Bucket Solutions Inc. |
123 |
> |
124 |
> T. (514) 736-1436 |
125 |
> |
126 |
> C. (514) 710-0517 |
127 |
> |
128 |
|
129 |
|
130 |
-- |
131 |
gentoo-cluster@g.o mailing list |