|
florin@xxxxxxx wrote:
> But you said that "we don't want the real-servers with ports exposed
> unneccessarily". So, if the agents are clients, the port will be open on the
> director, instead of the real servers.
I didn't know, was just asking.
> Well, that's a problem, too, but anyway...
if all communication (eg to an agent on the real-server)
is run on the director by ssh, then you only have one extra port
(the sshd port) exposed on the real-server. I'm prepared to
defend doing that to someone who it concerned about security.
As long as you're only doing this every 15secs or so,
I would hope it wouldn't put too much load on the director.
Joe
--
Joseph Mack PhD, Senior Systems Engineer, Lockheed Martin
contractor to the National Environmental Supercomputer Center,
mailto:mack.joseph@xxxxxxx ph# 919-541-0007, RTP, NC, USA
|
