[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

RE: [Linux-cluster] Testing a fence program



Title: RE: [Linux-cluster] Testing a fence program

It’s not really the ssh solution via keys that’s the problem, it’s allowing root to login via ssh that the problem.  That is strictly prohibited.  Xm destroying a host requires root access.  We cannot su  to xm destroy after we login as a non root user for obvious reasons.  Sudo is right out of the question in our environment.  I’m not even going to try to mix up GRSecurity RBAC policies and sudo policies, etc

 

 

 


From: linux-cluster-bounces redhat com [mailto:linux-cluster-bounces redhat com] On Behalf Of Patton, Matthew F, CTR, OSD-PA&E
Sent: Tuesday, August 22, 2006 1:52 PM
To: 'linux clustering'
Subject: RE: [Linux-cluster] Testing a fence program

 

Classification: UNCLASSIFIED

John Anderson wrote:

> Since my security department frowns strongly on authentication by ssh
> key

Can you elaborate on what their problems are? Is the security department staffed by the clueless?
Because the whole SOAP solution while downright creative, is so unnecessary.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]