[slurm-users] Allow SFTP on a specific compute node

Tina Friedrich tina.friedrich at it.ox.ac.uk
Tue Jul 12 08:24:59 UTC 2022


If it's on specific nodes *for specific users*, you could allow them to 
log in to those nodes? As in, add them to the exception list in 
pam_slurm_adopt.

Tina

On 12/07/2022 07:56, Jake Jellinek wrote:
> I cannot think of any way to do this within the Slurm configuration
> 
> I would solve this by having a wrapper run at boot time which started a 
> new sshd process on a different port which you secured (ie only that 
> user could connect) and then start this as part of your boot time scripts
> If your script was started on one of your ‘special’ machines, start the 
> second instance of sshd…..if not, do nothing
> 
> Hope that helps
> 
>> On 12 Jul 2022, at 05:53, Ratnasamy, Fritz 
>> <fritz.ratnasamy at chicagobooth.edu> wrote:
>>
>> 
>> Hello,
>>
>>  Currently, our cluster does not allow ssh to compute nodes for users 
>> unless they have
>> a running job on that compute node. I believe a system admin has set 
>> up a PAM module
>> that does the block. Whn trying ssh, this is the message returned:
>> Access denied by pam_slurm_adopt: you have no active jobs on this node
>> Connection closed by 10.135.242.188 port 22
>>
>> However, we would like to allow sftp on a specific compute node for 
>> specific users.
>> Any idea on how to do that?
>> Thanks,
>>
>>
>> *Fritz Ratnasamy*
>>
>> Data Scientist
>>
>> Information Technology
>>
>> The University of Chicago
>>
>> Booth School of Business
>>
>> 5807 S. Woodlawn
>>
>> Chicago,Illinois60637
>>
>> Phone: +(1) 773-834-4556
>>

-- 
Tina Friedrich, Advanced Research Computing Snr HPC Systems Administrator

Research Computing and Support Services
IT Services, University of Oxford
http://www.arc.ox.ac.uk http://www.it.ox.ac.uk



More information about the slurm-users mailing list