I have a question regarding the OOD_SSHHOST_ALLOWLIST regex syntax, specifically is there a type of regex which would help me format it? We have a cluster which has the following naming convention: node1,node2… node19,node20… and I’m having problems formatting the allow list for those hosts.
I was able to find Rubular: a Ruby regular expression editor which helped with the host_regex , so I’m wondering if there might be something similar if I understood what it was looking for.
I’m not sure what you mean here. Format the regex you need for your hosts? What does the hostnames look like? I see you mention they have
node# in their names so are you asking how to write a regex to capture those numbers? Can you send the rest of what the pattern would need to catch?
Sure the pattern is this:
I tried node[1-30] but that didn’t work and I tried node[1-9][0-9] which also didn’t work. Since this cluster is set to retire in the next 6 months I’d be up for something less secure like node?? or node* if that is the proper syntax. Although we are planning on not using padding zeros so a good solution is prefered.
Is this for ssh from the compute hosts to the OnDemand server, or from the OnDemand server to the compute hosts?
I think for the latter, configuring the /etc/ssh/sshd_config on the compute hosts is desired, no?
Wouldn’t the OnDemand AllowHosts be for incoming connections?
They’re globs not regular expressions. You can have several globs and they’re
So you’d probably need something like
node[0-9]:node[0-9][0-9], one for 1 digit and another for 2. You can use stars,
* but it is less secure - or at least could grab nodes you don’t want folks shelling into.
Thanks for the clarification. That makes sense.
@bennet This was from the OOD host to the nodes, specifically clicking on the node name in the interactive sessions tab. I thought it was a networking problem, but when one of the abnormally nodes worked I realized it was this entry not matching.
And thank you for the clarification, as well. This is an outbound list from OnDemand, I now see. Sorry for the noise.