Bright Cluster Manager generates the SSH keys for cluster users using ECDSA instead of RSA algorithm. However, this might cause X11-Forwarding through srun to fail to work in some versions of Slurm (due to a known bug reported here).
This problem might be reproduced as follows:
- Enable X11-Forwarding in Slurm by adding the option PrologFlags=X11 to the Slurm configuration file (slurm.conf).
- Run an X application using srun. For example: srun –x11 xclock
- You will get an error message similar to:
Error: Can’t open display: localhost:10.0
srun: error: node001: task 0: Exited with exit code 1
This problem can be solved by generating RSA keys alongwith the ECDSA keys for all users. For bash/sh users, this can be accomplished by creating the file /etc/profile.d/rsa_ssh.sh as root, with the following contents:
if [ "$(id -u 2>/dev/null)" != "0" ]; then
if [ ! -f ~/.ssh/id_rsa ]; then
if [ -w ~ ]; then
echo Creating RSA key for ssh
ssh-keygen -t rsa -f ~/.ssh/id_rsa -q -N ""
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys ~/.ssh/id_rsa ~/.ssh/id_rsa.pub
fi
fi
fi
Make sure this file has the correct permissions: chmod 644 /etc/profile.d/rsa_ssh.sh
Similarly, for csh users, create the file /etc/profile.d/rsa_ssh.csh
with these contents:
if ( "'id -u'" != "0" ) then
if ( ! -e ~/.ssh/id_rsa ) then
if ( -w ~/ ) then
echo Creating RSA key for ssh
ssh-keygen -t rsa -f ~/.ssh/id_rsa -q -N ""
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys ~/.ssh/id_rsa ~/.ssh/id_rsa.pub
endif
endif
endif
And apply the correct permissions: chmod 644 /etc/profile.d/rsa_ssh.csh