Hi Tina,
Do you know how I would do what you suggested?
*Fritz Ratnasamy*
Data Scientist
Information Technology
The University of Chicago
Booth School of Business
5807 S. Woodlawn
Chicago, Illinois 60637
Phone: +(1) 773-834-4556
On Tue, Jul 12, 2022 at 3:27 AM Tina Friedrich
wrote:
> I
Hi Fritz,
Purely theoretical and untested solution, but it may work to "cp
/usr/bin/sshd /usr/bin/sshd2" and then use that sshd2 binary to run an sshd
service on a different port, with a config limiting it to sftp only and a
`/etc/pam.d/sshd2` file that does not enforce pam_slurm_adopt. Downside i
users we’re allowing to
bypass pam_slurm_adopt are HPC staff, not users.
John
From: slurm-users on behalf of
"Ratnasamy, Fritz"
Reply-To: Slurm User Community List
Date: Tuesday, July 12, 2022 at 12:53 AM
To: Slurm User Community List
Subject: [slurm-users] Allow SFTP on a specif
If it's on specific nodes *for specific users*, you could allow them to
log in to those nodes? As in, add them to the exception list in
pam_slurm_adopt.
Tina
On 12/07/2022 07:56, Jake Jellinek wrote:
I cannot think of any way to do this within the Slurm configuration
I would solve this by ha
I cannot think of any way to do this within the Slurm configuration
I would solve this by having a wrapper run at boot time which started a new
sshd process on a different port which you secured (ie only that user could
connect) and then start this as part of your boot time scripts
If your scrip
On 7/12/22 06:51, Ratnasamy, Fritz wrote:
Currently, our cluster does not allow ssh to compute nodes for users
unless they have
a running job on that compute node. I believe a system admin has set up a
PAM module
that does the block. Whn trying ssh, this is the message returned:
Access denied
Hello,
Currently, our cluster does not allow ssh to compute nodes for users
unless they have
a running job on that compute node. I believe a system admin has set up a
PAM module
that does the block. Whn trying ssh, this is the message returned:
Access denied by pam_slurm_adopt: you have no active
