[jira] [Commented] (HADOOP-13295) Possible Vulnerability in DataNodes via SSH
[ https://issues.apache.org/jira/browse/HADOOP-13295?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15349596#comment-15349596 ] Vinayakumar B commented on HADOOP-13295: bq. But start-dfs.sh and start-yarn.sh uses SSH to trigger the services in another nodes. these requires that SSH to these nodes should be made password less using public-private authentication from where these scripts invoked. > Possible Vulnerability in DataNodes via SSH > --- > > Key: HADOOP-13295 > URL: https://issues.apache.org/jira/browse/HADOOP-13295 > Project: Hadoop Common > Issue Type: Bug > Components: security >Reporter: Mobin Ranjbar > > I suspected something weird in my Hadoop cluster. When I run datanodes, after > a while my servers(except namenode) will be down for SSH Max Attempts. When I > checked the 'systemctl status ssh', I figured out there are some invalid > username/password attempts via SSH and the SSH daemon blocked all incoming > connections and I got connection refused. > I have no problem when my datanodes are not running. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org
[jira] [Commented] (HADOOP-13295) Possible Vulnerability in DataNodes via SSH
[ https://issues.apache.org/jira/browse/HADOOP-13295?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15348538#comment-15348538 ] Ravi Prakash commented on HADOOP-13295: --- Mobin! Could you please answer Steve's original question? bq. How are you deploying it? I'm inclined to close this JIRA as invalid. We haven't seen this issue anywhere else, and is probably an error in deployment. > Possible Vulnerability in DataNodes via SSH > --- > > Key: HADOOP-13295 > URL: https://issues.apache.org/jira/browse/HADOOP-13295 > Project: Hadoop Common > Issue Type: Bug > Components: security >Reporter: Mobin Ranjbar > > I suspected something weird in my Hadoop cluster. When I run datanodes, after > a while my servers(except namenode) will be down for SSH Max Attempts. When I > checked the 'systemctl status ssh', I figured out there are some invalid > username/password attempts via SSH and the SSH daemon blocked all incoming > connections and I got connection refused. > I have no problem when my datanodes are not running. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org
[jira] [Commented] (HADOOP-13295) Possible Vulnerability in DataNodes via SSH
[ https://issues.apache.org/jira/browse/HADOOP-13295?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15346293#comment-15346293 ] Mobin Ranjbar commented on HADOOP-13295: I know that hadoop uses RPC to request a service from a program located in another nodes. But start-dfs.sh and start-yarn.sh uses SSH to trigger the services in another nodes. The fact is my SSH Daemon will die/block after running one or two mapreduce program and it affects only datanodes. > Possible Vulnerability in DataNodes via SSH > --- > > Key: HADOOP-13295 > URL: https://issues.apache.org/jira/browse/HADOOP-13295 > Project: Hadoop Common > Issue Type: Bug > Components: security >Reporter: Mobin Ranjbar > > I suspected something weird in my Hadoop cluster. When I run datanodes, after > a while my servers(except namenode) will be down for SSH Max Attempts. When I > checked the 'systemctl status ssh', I figured out there are some invalid > username/password attempts via SSH and the SSH daemon blocked all incoming > connections and I got connection refused. > I have no problem when my datanodes are not running. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org
[jira] [Commented] (HADOOP-13295) Possible Vulnerability in DataNodes via SSH
[ https://issues.apache.org/jira/browse/HADOOP-13295?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15345083#comment-15345083 ] Ravi Prakash commented on HADOOP-13295: --- Or using the start-dfs.sh , start-*.sh scripts. Right? > Possible Vulnerability in DataNodes via SSH > --- > > Key: HADOOP-13295 > URL: https://issues.apache.org/jira/browse/HADOOP-13295 > Project: Hadoop Common > Issue Type: Bug > Components: security >Reporter: Mobin Ranjbar > > I suspected something weird in my Hadoop cluster. When I run datanodes, after > a while my servers(except namenode) will be down for SSH Max Attempts. When I > checked the 'systemctl status ssh', I figured out there are some invalid > username/password attempts via SSH and the SSH daemon blocked all incoming > connections and I got connection refused. > I have no problem when my datanodes are not running. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org
[jira] [Commented] (HADOOP-13295) Possible Vulnerability in DataNodes via SSH
[ https://issues.apache.org/jira/browse/HADOOP-13295?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15343032#comment-15343032 ] Joep Rottinghuis commented on HADOOP-13295: --- b.q. I don't think is is directly related to Hadoop at all: it doesn't use SSH at all. agreed, probably not Hadoop. SSH isn't used on DN side. Only place I can imagine SSH is used is in possible fencing script used to fence a NN HA pair with the failover controller setup. > Possible Vulnerability in DataNodes via SSH > --- > > Key: HADOOP-13295 > URL: https://issues.apache.org/jira/browse/HADOOP-13295 > Project: Hadoop Common > Issue Type: Bug > Components: security >Reporter: Mobin Ranjbar > > I suspected something weird in my Hadoop cluster. When I run datanodes, after > a while my servers(except namenode) will be down for SSH Max Attempts. When I > checked the 'systemctl status ssh', I figured out there are some invalid > username/password attempts via SSH and the SSH daemon blocked all incoming > connections and I got connection refused. > I have no problem when my datanodes are not running. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org
[jira] [Commented] (HADOOP-13295) Possible Vulnerability in DataNodes via SSH
[ https://issues.apache.org/jira/browse/HADOOP-13295?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15341425#comment-15341425 ] Steve Loughran commented on HADOOP-13295: - I don't think is is directly related to Hadoop at all: it doesn't use SSH at all. How are you deploying it? > Possible Vulnerability in DataNodes via SSH > --- > > Key: HADOOP-13295 > URL: https://issues.apache.org/jira/browse/HADOOP-13295 > Project: Hadoop Common > Issue Type: Bug > Components: security >Reporter: Mobin Ranjbar > > I suspected something weird in my Hadoop cluster. When I run datanodes, after > a while my servers(except namenode) will be down for SSH Max Attempts. When I > checked the 'systemctl status ssh', I figured out there are some invalid > username/password attempts via SSH and the SSH daemon blocked all incoming > connections and I got connection refused. > I have no problem when my datanodes are not running. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org