On Sat, Jul 29, 2006 at 08:16:43PM -0400, Mark Hahn wrote:
> >This is all still possible. Globus doesn't require you to surrender
> >any control to anyone else.
>
> but if you don't use the sort of trust-delegation stuff, what's the point?
> I'm pretty happy with ssh, which is secure, and requires no configuration.
>

I think we need to keep it a little more concrete than 'sort of trust-delegation stuff'. If you've ever had users submit through Globus, I think you'll find that it's as secure as ssh and about as easy to set up (yes, ssh is now universally installed by default, so it's hard to get easier than that.) In the simplest mode of operation, the "trust delegation" that Globus does is identical to that of ssh, albeit with a different protocol and software stack.

> >Yes, but the remote users really don't want to learn Yet Another Account
> >Name and password. Globus lets them use their Globus name, and you as the
> >resource owner to create whatever accounts you want. Globus does the
> >translating between the two, so everyone is happy.
>
> hmm, I find that users can most often have the same username everywhere,
> and identity+agent-based ssh means never needing passwords.
>

You'll certainly concede that it's not always true that user names are unique, right? As someone who used Globus to submit jobs to clusters at different institutions, I can assure you that the underlying accounts did not have the same UNIX username :)

Also, not everyone submits jobs via `ssh remote-login-point /usr/bin/batch_submit job.script` - if you run any sort of very complicated workflow you'll quickly at least wrap your ssh command in a script - and for any robust script you'll start writing lots and lots of error handling for the ssh commands (dealing with commands that hang, recovering from network disconnection, etc etc) - eventually your robust script gets to be as complicated as Globus...

> but I don't think the choice of auth method really matters to this
> discussion: a user authenticates to a login node and submits jobs;

Actually, I haven't been paying much attention to the main thread, I just jumped in at the Globus tangent because I think you misrepresented what Globus does.

I'd be happy to go into more specifics with you, my impression is that you've never had it installed on your system and had serious users, and may not be familiar with it in detail. I'm perfectly willing to leave this discussion at 'Globus allows you to create complicated authentication schemes, for many clusters there's really no reason to do so.'

> the user is trusting that the job system will create the same environment
> when the job is run. if either the login or execution nodes are
> compromised, the user is pretty much vulnerable...

I agree for the way I imagine most members of the list run their clusters, this is absolutely true.

-Erik

_______________________________________________
Beowulf mailing list, [email protected]
To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf
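
The error handling the message above describes for scripted ssh submission (hung commands, dropped connections), sketched as an added example that is not part of the original post or of Globus. The names `robust_ssh`, `SSH_BIN`, `MAX_TRIES`, `HANG_LIMIT` and `BACKOFF` are hypothetical; it assumes OpenSSH and the coreutils `timeout` command.

```shell
# Added example: retry wrapper around a remote command run over ssh.
# All variable and function names here are hypothetical.
SSH_BIN="${SSH_BIN:-ssh}"        # overridable so the transport can be stubbed
MAX_TRIES="${MAX_TRIES:-4}"      # total attempts before giving up
HANG_LIMIT="${HANG_LIMIT:-120}"  # seconds before a hung command is killed
BACKOFF="${BACKOFF:-5}"          # first sleep between retries, doubled each time

# robust_ssh HOST COMMAND...
# Returns the remote command's exit status, or 75 (EX_TEMPFAIL) when every
# attempt failed at the transport level.
robust_ssh() {
    local host=$1; shift
    local try=1 delay=$BACKOFF rc
    while [ "$try" -le "$MAX_TRIES" ]; do
        rc=0
        # BatchMode: fail instead of blocking on a password prompt.
        # ConnectTimeout / ServerAlive*: notice a dead network path quickly.
        timeout "$HANG_LIMIT" "$SSH_BIN" \
            -o BatchMode=yes -o ConnectTimeout=10 \
            -o ServerAliveInterval=15 -o ServerAliveCountMax=3 \
            "$host" "$@" || rc=$?
        case $rc in
            255|124)  # 255: ssh transport error; 124: killed by timeout
                echo "attempt $try/$MAX_TRIES failed (rc=$rc)" >&2
                ;;
            *)  # the remote command ran; pass its own status through
                return "$rc"
                ;;
        esac
        try=$((try + 1))
        if [ "$try" -le "$MAX_TRIES" ]; then
            sleep "$delay"
            delay=$((delay * 2))
        fi
    done
    return 75
}
```

A retry after exit 124 or 255 can submit the same job twice, because the remote side may have queued it before the connection was lost, so the remote submit command needs to be idempotent or checked before resubmission.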
