Mailing List Archives Authenticated access	UW Madison Computer Sciences Department Computer Systems Lab

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [HTCondor-users] Moving CM to new host

Date: Tue, 19 Apr 2022 20:29:59 +0000
From: "Bockelman, Brian" <BBockelman@xxxxxxxxxxxxx>
Subject: Re: [HTCondor-users] Moving CM to new host

> On Apr 19, 2022, at 2:55 PM, Michael Thomas <wart@xxxxxxxxxxx> wrote:
> 
> Hi Brian,
> 
> As always, you were right.  Changing the security requirements from 'OPTIONAL' to 'REQUIRED' fixed it.
> 
> I still don't quite understand why there are no token requests showing up or being generated in /etc/condor/tokens.d.  But since my startds and collector are talking with each other, I'm not going to worry about it.
> 

Any possibility you have a common signing key (the "pool password") on each hosts?

If there's no token in place - but the pool password is present - the daemons will generate a token in-memory and use that to authenticate (recall: anyone with the signing key can create their own valid token).  The idea was to create a "graceful fallback" to PASSWD-like authentication and ease the transition for folks coming from that mechanism.

Brian

Follow-Ups:
- Re: [HTCondor-users] Moving CM to new host
  - From: Michael Thomas

References:
- [HTCondor-users] Moving CM to new host
  - From: Michael Thomas
- Re: [HTCondor-users] Moving CM to new host
  - From: Bockelman, Brian
- Re: [HTCondor-users] Moving CM to new host
  - From: Michael Thomas

Prev by Date: Re: [HTCondor-users] Moving CM to new host
Next by Date: Re: [HTCondor-users] Moving CM to new host
Previous by thread: Re: [HTCondor-users] Moving CM to new host
Next by thread: Re: [HTCondor-users] Moving CM to new host
Index(es):
- Date
- Thread

Mailing List Archives

Authenticated access

Re: [HTCondor-users] Moving CM to new host