[Labs-l] password auth
Ryan Lane
rlane at wikimedia.org
Fri Feb 1 19:18:29 UTC 2013
Maybe something was triggering a stat call that was doing an LDAP lookup.
In a situation where LDAP lookups are causing these problems, password auth
will not help. You'd see the exact same problem, except that the password
authentication itself would also fail.
I just checked bots-1. Its keys mount wasn't mounted. I restarted autofs
and the mount came back. This was also due to the ldap issues.
On Fri, Feb 1, 2013 at 8:41 AM, Petr Bena <benapetr at gmail.com> wrote:
> if it's LDAP why any command accessing the gluster on bots-1 freeze? I
> lost last terminal after executing "df" and any attempt to ssh there freeze
> on reading the authorized_keys file, which is on storage, that doesn't
> work... If there was password auth I could ssh there and fix that. Now I
> can only wait... and pray
>
>
> On Fri, Feb 1, 2013 at 5:39 PM, Ryan Lane <rlane at wikimedia.org> wrote:
>
>> It hasn't been storage that's been the problem. It's been LDAP issues.
>> Password auth isn't going to help in this situation.
>>
>> Additionally, password auth is incredibly insecure. We just moved away
>> from sudo with password, why introduce something even less secure?
>>
>>
>> On Fri, Feb 1, 2013 at 8:35 AM, Petr Bena <benapetr at gmail.com> wrote:
>>
>>> It's not possible to login to ssh using password - why?
>>>
>>> Labs are apparently having more than enough of troubles with storage
>>> thus logging in using ssh keys sometimes doesn't work, as the storage
>>> containing them doesn't work.
>>>
>>> Can we have password auth as alternative in this case?
>>>
>>> _______________________________________________
>>> Labs-l mailing list
>>> Labs-l at lists.wikimedia.org
>>> https://lists.wikimedia.org/mailman/listinfo/labs-l
>>>
>>>
>>
>> _______________________________________________
>> Labs-l mailing list
>> Labs-l at lists.wikimedia.org
>> https://lists.wikimedia.org/mailman/listinfo/labs-l
>>
>>
>
> _______________________________________________
> Labs-l mailing list
> Labs-l at lists.wikimedia.org
> https://lists.wikimedia.org/mailman/listinfo/labs-l
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wikimedia.org/pipermail/labs-l/attachments/20130201/b5f10929/attachment.html>
More information about the Labs-l
mailing list