Empty passwords vs ssh-agent?

Trent Piepho xyzzy at speakeasy.org
Fri Jul 18 17:10:45 EDT 2003


On Fri, 18 Jul 2003, Dale Harris wrote:
> On Fri, Jul 18, 2003 at 12:04:52PM -0700, John Harrop elucidated:
> > I'm currently switching our system from using r-commands to ssh.  We
> > have a fairly small system with 27 nodes.  The only two options I can
> > see with ssh are empty passwords and ssh-agent.  The first looks like it

You can use RSA host based authentication.  This is the same style as the r
commands, except instead of only using what the remote host claims as its IP
address, a RSA/DSA key check is done.  This way you can do non-interactive ssh
just among your cluster nodes, but still have passwords for extra-cluster
connections.

ssh-agent also works well.  Users can start the agent once and leave it
running, only having to type in their password once per reboot.

A nifty thing would be if login could check for ssh-agent, and if it finds
one, setup the env variables (already can be done from the shell dot-files). 
If it doesn't find one, it starts it and runs ssh-add using the password
supplied for login. 

_______________________________________________
Beowulf mailing list, Beowulf at beowulf.org
To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf



More information about the Beowulf mailing list