Mailing List ArchivesPublic Access |
![[Computer Systems Lab]](https://www-auth.cs.wisc.edu/pics/csl_logo.gif){kind=logo}
|
Mailing List ArchivesPublic Access |
|
If you just want host-based authentication, you probably want to enable the CLAIMTOBE mode: that allows the client to simply assert an identity, and the server will believe it.
You don't normally have to do this, and probably don't want to; CLAIMTOBE is mostly intended for debugging. What you probably want to do instead is reconfigure HTCondor to not require authentication at all -- host-based authorization at least checks DNS entries against the peer address of incoming connections, but CLAIMTOBE does nothing at all.
The default for SEC_DEFAULT_AUTHENTICATION is OPTIONAL, so you don't normally have to do anything to use host-based authorization. If you've changed that in your configuration, you may have to change it back. (HTCondor can use both host-based authorization and GSI/kerberos/etc authentication simultaneously, but it's trickier to configure.)
- ToddM