Re: ssh-vs-rsh benchmark result

To: Peter Cordes <peter@llama.nslug.ns.ca>
Cc: debian-beowulf@lists.debian.org
Subject: Re: ssh-vs-rsh benchmark result
From: Dale Southard <southard1@llnl.gov>
Date: 29 Aug 2002 16:59:08 -0700
Message-id: <[🔎] ub67ki9fc8j.fsf@zonker.llnl.gov>
In-reply-to: <[🔎] 20020829194901.GA23342@cordes.phys.dal.ca>
References: <[🔎] 20020826155030.3b5681b9.dancer@netfort.gr.jp> <[🔎] 20020826141248.GL73768@terizla.org> <[🔎] 20020827183710.5e22ef4f.dancer@netfort.gr.jp> <[🔎] 20020828150443.GC30967@dague.net> <[🔎] 20020828233256.GC13090@cordes.phys.dal.ca> <[🔎] ub6n0r58vo9.fsf@riptide.llnl.gov> <[🔎] 20020829194901.GA23342@cordes.phys.dal.ca>

Peter Cordes <peter@llama.nslug.ns.ca> writes:

> On Thu, Aug 29, 2002 at 09:41:10AM -0700, Dale Southard wrote:
> > Also, in some situations keypairs actually lower security.  Eg, on
> > ``control networks'' that are internal to a cluster, where more than
> > one sysadmin needs to do rootly things, it's arguably a little safer
> > to use rsh .hosts type authentication.  Using keypairs means either
> > sharing the private key password with every sysad, or using no
> > password.  In either case you'll run into the non revocable problem
> > when a sysadmin leaves.
> 
>  You can have more than one public key in an authorized_keys file, so each
> sysadmin can have their own private key.  You just have to remove it from
> all the authorized_keys files when they leave.  That should be as simple as
> grep -v key .ssh/authorized_keys > .ssh/new_ak
> mv -f .ssh/new_ak .ssh/authorized_keys
> (which you can run on all your machines with a for loop using ssh or rsh :)

Which doesn't actually revoke the key, it just removes it from the
list of keys ssh accepts.  This is no different than changing the list
of users in .rhosts or .shosts -- security will depend on maintenance
of a file (.ssh/authorized_keys) in the root account of all cluster
nodes.

If one tosses out keypairs and just uses the cluster hostnames in
root's .rhosts or .shosts, removing an admins' permission to
su/sudo/super to root is adequate without further file tweaking.

On small clusters with few admins, keypairs are probably preferred.
On large clusters with large admin teams, things may be different.

-- 

/*  Dale Southard Jr.  dsouth@llnl.gov  925-422-1463, fax 422-9429  */
/*  Computer Scientist, Accelerated Strategic Computing Initiative  */
/*  L-073,  Lawrence Livermore National Lab,  Livermore CA   94551  */
/*  AFF/I, SL/I, T/I, D-11216, Sr. Rig --- I'd rather be skydiving  */

Reply to:

References:
- ssh-vs-rsh benchmark result
  - From: Junichi Uekawa <dancer@netfort.gr.jp>
- Re: ssh-vs-rsh benchmark result
  - From: Rob Latham <rob@terizla.org>
- Re: ssh-vs-rsh benchmark result
  - From: Junichi Uekawa <dancer@netfort.gr.jp>
- Re: ssh-vs-rsh benchmark result
  - From: Sean Dague <sean@dague.net>
- Re: ssh-vs-rsh benchmark result
  - From: Peter Cordes <peter@llama.nslug.ns.ca>
- Re: ssh-vs-rsh benchmark result
  - From: Dale Southard <southard1@llnl.gov>
- Re: ssh-vs-rsh benchmark result
  - From: Peter Cordes <peter@llama.nslug.ns.ca>

Prev by Date: Re: ssh-vs-rsh benchmark result
Next by Date: Re: ssh-vs-rsh benchmark result
Previous by thread: Re: ssh-vs-rsh benchmark result
Next by thread: Re: ssh-vs-rsh benchmark result
Index(es):
- Date
- Thread