Mailing List Archives Authenticated access	UW Madison Computer Sciences Department Computer Systems Lab

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Condor-users] Schedd and kerberos

Date: Wed, 10 Dec 2008 12:12:20 +0000
From: Liam Gretton <L.Gretton@xxxxxxxxxxx>
Subject: Re: [Condor-users] Schedd and kerberos

David McBride wrote:

Liam Gretton wrote:

I'm setting up a Condor pool which consists of a single Central Manager,
a number of execute hosts and a much smaller number of separate submit
hosts (all running Condor 7.0.5).

I need to treat the submit hosts as untrusted to some extent, and I'm
trying to use Kerberos to authenticate job submissions.

Our configuration differs slightly in that I'm not using a dedicated
service principal for daemon-daemon communications
(condor/hostname@REALM) but am instead using the existing host host keys
(host/hostname@REALM).


[snip]

The configuration we're using (set on all participating Condor hosts) is
as follows; you may find it a useful starting point:


Brilliant, thanks - this has done the trick, and host principals are fine for our uses.

Now I have another problem with realm mapping, but I'll ask about that elsewhere.

--
Liam Gretton                                    L.Gretton@xxxxxxxxxxx
IT Services                                   http://www.lboro.ac.uk/
Loughborough University                       Tel: +44 (0)1509 226048
Leicestershire LE11 3TU
United Kingdom

Prev by Date: Re: [Condor-users] condor-g data transfer mechanism
Next by Date: [Condor-users] Kerberos realm mapping problem
Previous by thread: Re: [Condor-users] Mac Users of Condor Anybody out there?
Next by thread: [Condor-users] Kerberos realm mapping problem
Index(es):
- Date
- Thread

Mailing List Archives

Authenticated access

Re: [Condor-users] Schedd and kerberos