TWiki> Computing Web>LocalGridTopics>LocalGridBBssh (19 Jan 2010, _47C_61UK_47O_61eScience_47OU_61Birmingham_47L_61ParticlePhysics_47CN_61lawrence_32lowe? ) EditAttach

How BlueBEAR grid workers use ssh

Grid workers run under Torque and this uses the ssh protocol to copy files from the CE to the worker during the job stage-in process, and to copy standard output/error files back to the CE at the end of the job.

Usually grid workers use host-based-authentication to allow them to copy from/to the CE. That is, the CE trusts each worker and knows their public host keys.

BB grid workers are on a private network, behind a NAT router/firewall. So the normal sort of host-based-authentication that grid-workers use is inappropriate.

Instead, on BB, each grid userid has its own ssh key pair in the usual $HOME/.ssh directory. A backup copy of this ssh key pair can be found on BB at /egee/skel/. This allows restore in the case of accidental erasure by the grid user, without having to re-generate the keys.

All the public keys are kept in a single authorized-keys file on the corresponding CE in the /etc/ssh/extra directory. This directory is private for security reasons.

-- LawrenceLowe - 22 Dec 2009

Edit | Attach | Watch | Print version | History: r2 < r1 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r2 - 19 Jan 2010 - _47C_61UK_47O_61eScience_47OU_61Birmingham_47L_61ParticlePhysics_47CN_61lawrence_32lowe?
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback