[lustre-discuss] Lustre secure shared key setup
Ger Strikwerda
g.j.c.strikwerda at rug.nl
Wed Feb 28 06:07:07 PST 2024
Hello,
We, (University of Groningen) are still struggling to get ssk (secret shared key) setup to work with our Lustre infrastructure. Our usecase is that we want certain clients (only with a valid key) can mount a given filesystem
Questions we have:
Are there people out here using this ssk functionality in Lustre? And what are your experiences?
We followed the ssk steps in the Lustre Admin Guide but failed to get a stable system. Biggest errors on the client are
‘lgss_keyring[1766]: [1766]:ERROR:lgssc_negotiation_manual(): negotiation gss error d0000’.
The msg, mdt and ost mount without problems using keys.
This could be more of a lgss error than a Lustre error. But perhaps somebody can give us some pointers.
We did run test on Rocky 8 Lustre 2.15, but next run we will test on Rocky 9 (newer kernel and perhaps newer version lgss)
--
Vriendelijke groet,
Ger Strikwerda
senior expert multidisciplinary enabler
simple solution architect
Rijksuniversiteit Groningen
CIT/RDMS/HPC
Smitsborg
Nettelbosje 1
9747 AJ Groningen
Tel. 050 363 9276
"God is hard, God is fair
some men he gave brains, others he gave hair"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lustre.org/pipermail/lustre-discuss-lustre.org/attachments/20240228/45a816f1/attachment.htm>
More information about the lustre-discuss
mailing list