For a cluster shared by many users, it is important to prevent errant users from directly ssh into the compute nodes, thus bypassing the scheduler. To implement the pam module, compile the Torque Server based on Installing Torque 2.5 on CentOS 6
Step 1: You should be able to find the pam_pbssimpleauth.so packages at
$TORQUE_HOME/tpackages/pam/lib64/security/pam_pbssimpleauth.a $TORQUE_HOME/tpackages/pam/lib64/security/pam_pbssimpleauth.la $TORQUE_HOME/tpackages/pam/lib64/security/pam_pbssimpleauth.so
Step 2: Copy the pam_pbssimpleauth.so to the compute nodes. Step 2b: DO not put the pam_pbssimpleauth.so in on the Head Node
# scp $TORQUE_HOME/tpackages/pam/lib64/security/pam_pbssimpleauth.so node1:/lib64/security/
Step 3: Verify that the access.so is also present in the /lib64/security/ directory
# ls /lib64/security/access.so
Step 4: Add the access.so and pam_pbssimpleauth.so in the PAM configuration files
# vim /etc/pam.d/sshd
auth required pam_sepermit.so auth include password-auth account required pam_nologin.so account required pam_pbssimpleauth.so account required pam_access.so account include password-auth password include password-auth ..... .....
When a user ssh’s to a node, this module will check the .JB files in $PBS_SERVER_HOME/mom_priv/jobs/ for a matching uid and that the job is running.
You can try the configuration