LSF_AUTH
Syntax
LSF_AUTH=eauth | ident | noneDescription
Specifies the external client to server authentication method that is used.. This parameter is
required for any cluster that contains Windows hosts, and is optional for UNIX-only clusters. You
must shut down the LSF daemons on all server hosts before defining or changing the value of
LSF_AUTH, then restart the LSF daemons on all server hosts to apply the new
authentication method.
- eauth
- For site-specific customized external client to server authentication. Provides the highest level of security of all LSF authentication methods.
- ident
- For client to server authentication using the RFC 931/1413/1414 protocol to verify the identity of the remote client. If you want to use ident authentication, you must download and install the ident protocol, available from the public domain, and register ident as required by your operating system.
- none
- Disables the triggering of additional authentication. For use in a trusted environment where
more complex authentication methods are not required.
If LSF_AUTH=none is set, the value of LSF_AUTH_DAEMONS is ignored.
For UNIX-only clusters, privileged ports authentication (setuid) can be configured by commenting out or deleting the LSF_AUTH parameter. If you choose privileged ports authentication, LSF commands must be installed as setuid programs owned by root. If the commands are installed in an NFS-mounted shared file system, the file system must be mounted with setuid execution allowed, that is, without the nosuid option.
Restriction: To enable privileged ports authentication, LSF_AUTH must not be defined; setuid is not a valid value for LSF_AUTH.
Default
Set to eauth at time of installation. Otherwise, not defined.
During LSF installation, a default eauth executable is installed in the directory specified by the environment variable LSF_SERVERDIR. The default executable provides an example of how the eauth protocol works. You should write your own eauth executable to meet the security requirements of your cluster.