Encrypt transmission of Platform LSF commands for remote execution and login

By default, certain LSF commands use rsh for remote execution and rlogin for remote login, both of which are not encrypted. To secure these LSF commands, enable the use of ssh for remote execution, because ssh provides encryption when transmitting LSF commands.

The following LSF commands are covered by this change:

  • badmin hstartup

  • bpeek

  • lsadmin limstartup

  • lsadmin resstartup

  • lsfrestart

  • lsfshutdown

  • lsfstartup

  • lslogin

  • lsrcp

  1. Edit the lsf.conf file.
  2. Change the remote execution shell from rsh to ssh by specifying the LSF_RSH parameter.

    For example,

    LSF_RSH="ssh ‑o ’PasswordAuthentication no’ ‑o ’StrictHostKeyChecking no’"

  3. Change the remote login shell by specifying the LSF_LSLOGIN_SSH parameter.

    LSF_LSLOGIN_SSH=yes

  4. Reconfigure LIM and restart mbatchd on the master host to activate these changes.

    lsadmin reconfig

    badmin mdbrestart

The affected LSF commands now use ssh for remote execution and remote login.