rsh
Josip Loncaric
josip at lanl.gov
Wed Sep 24 13:28:27 EDT 2003
Jakob Oestergaard wrote:
> On Tue, Sep 23, 2003 at 08:32:03PM -0400, Robert G. Brown wrote:
> ...
>
>>The issue can also be avoided (as Josip notes) by using LAM or PVM,
>>which spawn a daemon via ssh but subsequently start tasks without any
>>shell-level overhead at all.
>
>
> A fair guess would be, that this connection/communication is not
> encrypted or strongly authenticated in any way.
Correct.
> The resulting security benefit of SSH being null and void.
> [...]
> For internal systems, I am fully aware that since I run NFS, NIS, and
> some clustering services anyway, running SSH would buy me *zero*
> security.
Yes. Inside a cluster contained in a locked computer room, you've got
physical network security, so SSH overhead is not necessary.
> I use SSH for anything with an 'outside' connection. Typically, SSH will
> even be firewalled so that only a few select machines can connect to
> even that service.
A wise policy. Outside connections need SSH. However, in most cases
you do not want to parallelize across outside connections, because they
tend to be slow.
Since nobody I know parallelizes across outside connections, SSH simply
does not get involved in parallel runs. LAM damons are just fine
internally. However, cluster access from the outside is usually
restricted to SSH w/X forwarding.
Sincerely,
Josip
_______________________________________________
Beowulf mailing list, Beowulf at beowulf.org
To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf
More information about the Beowulf
mailing list