4.7. Enabling RSH on Compute Nodes

The default Rocks configuration does not enable rsh commands or login to compute nodes. Instead, Rocks uses ssh as a drop in replacement for rsh. There may be some circustances where ssh does not have exactly the same semantics of rsh. Further, there may be some users that cannot modify their application to switch from rsh to ssh. If you are one of these users you may wish to enable rsh on your cluster.

Warning

Enabling rsh on your cluster has serious security implicatations. While it is true rsh is limited to the private-side network this does not mean it is as secure as ssh.

Enabling rsh is done by modifying the default kickstart graph. First copy the default rsh.xml into the site customization directory:

# cp /export/rocks/install/rocks-dist/arch/build/graphs/default/base-rsh.xml \
	/export/rocks/install/site-profiles/5.1/graphs/default/

Where arch is your architecture ("i386" or "x86_64").

Now edit /export/rocks/install/site-profiles/5.1/graphs/default/base-rsh.xml and change the following:

        <!-- Uncomment to enable RSH on your cluster

        <edge from="client">
                <to>xinetd</to>
                <to>rsh</to>
        </edge>

        -->

Follow the instruction and uncomment this block. This will force all appliance types that reference the client class (compute nodes, NAS nodes, ...) to enable an rsh service that trusts all hosts on the private side network. This uncommented block should look like this:

        <edge from="client">
                <to>xinetd</to>
                <to>rsh</to>
        </edge>

To apply this configuration to the compute nodes, rebuild the distribution:

# cd /export/rocks/install
# rocks create distro

Then, reinstall your compute nodes.