OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Lengyel, Florian (FLENGYELgc.cuny.edu)
Date: Mon Nov 26 2001 - 21:56:57 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    I had two unreachable name servers in resolv.conf. This was especially
    brilliant, since they were written into my kickstart configuration files for
    the nodes. Removing the unreacable DNS servers made all the difference.

    Thank you thank you.

    Many happy carriage returns,
    F. Lengyel

    -----Original Message-----
    From: The Big Guy [mailto:HotShitRingBurn.com]
    Sent: Monday, November 26, 2001 7:4 2 PM
    To: Lengyel, Florian
    Subject: Re: Astronomically slow rsh/rlogin

    Yes, that sounds like a name problem .. add an entry into /etc/hosts on
    the nodes for the DELL Controller ... that should do the trick. If not,
    check
    out your /etc/resolv.conf for missing/down name servers and/or a bad
    entry for that IP ... I'd say its just not reverse lookup-able, tho ..

    let me know.

      ----- Original Message -----
    >From: "Lengyel, Florian" <FLENGYELgc.cuny.edu>
    >To: "'pam-listredhat.com'" <pam-listredhat.com>
    >Subject: Astronomically slow rsh/rlogin
    >Date: Mon, 26 Nov 2001 22:04:25 -0500
    >
    > Hi,
    >
    > I have a cluster that--please bear with me--requires the use of root rsh
    and
    > rlogin. These are instantaneous from the nodes (30 dual Pentium III 933
    MHz
    > Dell 1150's to the controller (a dell poweredge 4400), but S L O W from
    the
    > controller to any one of the nodes. All machines are interconnected
    through
    > a 100mb switch, and all machines run RedHat LINUX 7.1. The nodes are
    on
    > their own separate network, with the controller provided with a gateway
    for
    > that network.
    >
    > For the rlogin/rsh business, I added rsh,rexec,and rlogin to securetty and
    > modified /etc/pam.d/rsh (rlogin, rexec) as follows, so that rsh (rlogin,
    > rexec) would allow root login:
    >
    > #auth required /lib/security/pam_securetty.so
    > auth requisite /lib/security/pam_securetty.so
    >
    > But, ladies and gentlemen, it's abysmally slow in one direction, and fast
    in
    > the opposite direction. What further information do I need to provide you?
    >
    > I know I SHOULD be using SSH--I'm not in a position to experiment to
    > determine Platform Computing's LSF's interoperability with SSH; I'd like
    to
    > get this to work, and then I'll do the right thing. Also, I'm going in for
    > surgery on Wednesday, so go easy on me.
    >
    > Regards,
    > F. Lengyel
    >
    > -----Original Message-----
    > From: Johnson, Paul [mailto:Paul.Johnsonmarconi.com]
    > Sent: Thursday, November 22, 2001 5:54 AM
    > To: 'pam-listredhat.com'
    > Subject: RE: authentication proxy?
    >
    >
    > I spent some time looking for something like this. Unfortunately I
    could'nt
    > find anything.
    >
    > I agree it would be very handy to have. In addition to your application
    > (which is an interesting one that had not occured to me) you could also
    have
    > the connection over the network, allowing for one single sophisticated
    > authentication engine on a central server and lots of slaves hanging off
    it.
    > I could really have done with that recently, for various complicated
    > reasons.
    >
    > There would need to be a secure link between client and server, but as far
    > as I can see this would only need ssh to do: it has a mode where you can
    set
    > up a Unix socket at the client end which ends up talking to a daemon at
    the
    > server end. Any protocol can then be tunneled through it. So that would
    > take care of security.
    >
    > Paul.
    >
    > > -----Original Message-----
    > > From: Helge Bahmann [mailto:bahmannmath.tu-freiberg.de]
    >
    > > I have an application supporting pam, but it is running with
    > > insufficient
    > > privileges to do authentication against the system (shadow) password
    > > database. The application is not designed to run with
    > > elevated privileges
    > > [...]my
    > > idea is to have a small local "authentication proxy" with sufficient
    > > privileges to do the authentication, communicating with the
    > > application
    > > through unix domain sockets or similiar.
    >
    >
    >
    >
    >
    > _______________________________________________
    > Pam-list mailing list
    > Pam-listredhat.com
    > https://listman.redhat.com/mailman/listinfo/pam-list
    >
    >
    >
    > _______________________________________________
    > Pam-list mailing list
    > Pam-listredhat.com
    > https://listman.redhat.com/mailman/listinfo/pam-list
    > 

    --
RingBurn.com
"Where there's smoke, there's fire"

    _______________________________________________
Pam-list mailing list
Pam-listredhat.com
https://listman.redhat.com/mailman/listinfo/pam-list