LSF Version 7.3 - Platform LSF Configuration Reference
•
Increasing security through the use of an external encryption key (recommended)
•
Specifying a trusted user account under which the eauth executable runs (UNIX and Linux
only)
You can also choose Kerberos authentication to provide a secure data exchange during LSF
user and daemon authentication and to forward credentials to a remote host for use during
job execution.
Configuration to modify security
File Parameter and syntax Descriptions
lsf.sudoers
LSF_EAUTH_KEY=key
•
The eauth executable uses the external encryption
key that you define to encrypt and decrypt the
credentials.
•
The key must contain at least six characters and must
use only printable characters.
•
For UNIX, you must edit the lsf.sudoers file on all
hosts within the cluster and specify the same
encryption key. You must also configure eauth as
setuid to root so that eauth can read the
lsf.sudoers file and obtain the value of
LSF_EAUTH_KEY.
•
For Windows, you must edit the shared
lsf.sudoers file.
Configuration to specify the eauth user account
On UNIX hosts, the eauth executable runs under the account of the primary LSF
administrator. You can modify this behavior by specifying a different trusted user account.
For Windows hosts, you do not need to modify the default behavior because eauth runs under
the service account, which is always a trusted, secure account.
File
Parameter and syntax Description
lsf.sudoers
LSF_EAUTH_USER=user_name
•
UNIX only
•
The eauth executable runs under the account of the
specified user rather than the account of the LSF
primary administrator
•
You must edit the lsf.sudoers file on all hosts
within the cluster and specify the same user name
Configuration to enable Kerberos authentication
To install and configure Kerberos authentication, refer to the information included with your
Kerberos integration package provided by Platform Computing Inc..
Restriction:
Kerberos authentication is supported only for UNIX and Linux
hosts, and only on the following operating systems:
•
AIX 4
Feature: External authentication
24 Platform LSF Configuration Reference