[slurm-users] Allow SFTP on a specific compute node

Ratnasamy, Fritz fritz.ratnasamy at chicagobooth.edu
Thu Jul 14 05:22:47 UTC 2022 

Hi Tina,

Do you know how I would do what you suggested?

*Fritz Ratnasamy*

Data Scientist

Information Technology

The University of Chicago

Booth School of Business

5807 S. Woodlawn

Chicago, Illinois 60637

Phone: +(1) 773-834-4556


On Tue, Jul 12, 2022 at 3:27 AM Tina Friedrich <tina.friedrich at it.ox.ac.uk>
wrote:

> If it's on specific nodes *for specific users*, you could allow them to
> log in to those nodes? As in, add them to the exception list in
> pam_slurm_adopt.
>
> Tina
>
> On 12/07/2022 07:56, Jake Jellinek wrote:
> > I cannot think of any way to do this within the Slurm configuration
> >
> > I would solve this by having a wrapper run at boot time which started a
> > new sshd process on a different port which you secured (ie only that
> > user could connect) and then start this as part of your boot time scripts
> > If your script was started on one of your ‘special’ machines, start the
> > second instance of sshd…..if not, do nothing
> >
> > Hope that helps
> >
> >> On 12 Jul 2022, at 05:53, Ratnasamy, Fritz
> >> <fritz.ratnasamy at chicagobooth.edu> wrote:
> >>
> >> 
> >> Hello,
> >>
> >>  Currently, our cluster does not allow ssh to compute nodes for users
> >> unless they have
> >> a running job on that compute node. I believe a system admin has set
> >> up a PAM module
> >> that does the block. Whn trying ssh, this is the message returned:
> >> Access denied by pam_slurm_adopt: you have no active jobs on this node
> >> Connection closed by 10.135.242.188 port 22
> >>
> >> However, we would like to allow sftp on a specific compute node for
> >> specific users.
> >> Any idea on how to do that?
> >> Thanks,
> >>
> >>
> >> *Fritz Ratnasamy*
> >>
> >> Data Scientist
> >>
> >> Information Technology
> >>
> >> The University of Chicago
> >>
> >> Booth School of Business
> >>
> >> 5807 S. Woodlawn
> >>
> >> Chicago,Illinois60637
> >>
> >> Phone: +(1) 773-834-4556
> >>
>
> --
> Tina Friedrich, Advanced Research Computing Snr HPC Systems Administrator
>
> Research Computing and Support Services
> IT Services, University of Oxford
> http://www.arc.ox.ac.uk http://www.it.ox.ac.uk
>
> CAUTION: This email has originated outside of University email systems.
> Please do not click links or open attachments unless you recognize the
> sender and trust the contents as safe.
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.schedmd.com/pipermail/slurm-users/attachments/20220714/12b88840/attachment.htm>

More information about the slurm-users mailing list