[torqueusers] Why does torque require pbs_mom/pbs_server be run as root?

David Beer dbeer at adaptivecomputing.com
Fri Jul 16 15:57:35 MDT 2010




> >
> When you ssh to a friend's box you are trusting root on that box,
> which
> is only *marginally* more secure than joeuser; if it's your friends
> box,
> then your friend has probably got root access in any case and there
> may
> not *be* any other users. Or, unless you have pre-exchanged root keys,
> you are opening yourself to a man-in-the-middle password attack on
> your
> first connection. Given open-source operating systems root and
> low-number IP ports are not what they used to be by way of security.
> 
> Better to send him a copy of your public key for authorized_keys than
> to
> type in your password in any case.
> 
> Jeff
> 

Privileged ports may not be what they used to be, but to echo Garrick's first response, TORQUE is made for cluster building. Root access *must* be well-controlled within a cluster or nothing about the setup is going to be very secure at all. 

David 


More information about the torqueusers mailing list