Docs - remove documentation related to crypto/openssl.

crypto/openssl is removed in the next release. Remove documentation in the 18.08 release to discourage further use. Bug 5916.

Docs - remove documentation related to crypto/openssl.
crypto/openssl is removed in the next release. Remove documentation in the 18.08 release to discourage further use. Bug 5916.
cd4af713 · Tim Wickberg · 10f1b089 · cd4af713 · cd4af713 · cd4af713
Commit cd4af713 authored 6 years ago by Tim Wickberg
--- a/doc/html/crypto_plugins.shtml
+++ b/doc/html/crypto_plugins.shtml
@@ -28,7 +28,6 @@ cryptographic mechanism.
 We recommend, for example:</p>
 <ul>
 <li><b>munge</b> &mdash; LLNL's Munge system.</li>
-<li><b>openssl</b> &mdash; Open SSL.</li>
 </ul></p>
 <p><span class="commandline">const char plugin_name[]</span><br>
@@ -166,6 +165,6 @@ appropriate value to indicate the reason for failure.</p>
 <p class="footer"><a href="#top">top</a></p>
-<p style="text-align:center;">Last modified 27 March 2015</p>
+<p style="text-align:center;">Last modified 2 November 2018</p>
 <!--#include virtual="footer.txt"-->
--- a/doc/html/download.shtml
+++ b/doc/html/download.shtml
@@ -70,17 +70,6 @@ is a job inspection tool for examining and debugging parallel programs, primaril
 It's an open source, non-interactive, command line, scriptable tool intended for use by programmers and system administrators alike.</li>
 </ul><br>
-<li><b>Digital signatures</b> (Cypto plugin) are used to ensure message are not altered.</li>
-<ul>
-<li><b>MUNGE</b> (recommended)<br>
-MUNGE can be used at an alternative to OpenSSL.
-MUNGE is available under the Gnu General Public License.
-See MUNGE download information above.</li>
-<li><b>OpenSSL</b><br>
-OpenSSL may be used as an alternative to MUNGE for generation of digital signatures.
-Download it from <a href="http://www.openssl.org/">http://www.openssl.org/</a>.</li>
-</ul><br>
 <li><b>DRMAA (Distributed Resource Management Application API)</b><br>
 <a href="http://apps.man.poznan.pl/trac/slurm-drmaa">PSNC DRMAA</a> for Slurm
 is an implementation of <a href="http://www.gridforum.org/">Open Grid Forum</a>

--- a/doc/html/quickstart_admin.shtml
+++ b/doc/html/quickstart_admin.shtml
@@ -123,8 +123,6 @@ present. Build dependencies for various plugins and commands are denoted below:
 		as the default authentication mechanism.</li>
 <li> <b>MySQL</b> MySQL support for accounting will be built if the
 		<i>mysql</i> development library is present.</li>
-<li> <b>OpenSSL</b> The <i>crypto/openssl</i> CryptoType plugin will be built if
-		the <i>openssl</i> development library is present.</li>
 <li> <b>PAM Support</b> PAM support will be added if the <i>PAM</i> development
 		library is installed.</li>
 <li> <b>NUMA Affinity</b> NUMA support in the task/affinity plugin will be
@@ -466,33 +464,6 @@ job step initiation overhead from the <i> slurmctld </i> daemon.
 The digital signature mechanism is specified by the <b>CryptoType</b>
 configuration parameter and the default mechanism is MUNGE. </p>
-<h3>OpenSSL</h3>
-<p>If using <a href="http://www.openssl.org/">OpenSSL</a> digital signatures,
-unique job credential keys must be created for your site using the program
-<a href="http://www.openssl.org/">openssl</a>.
-<b>You must use openssl and not ssh-genkey to construct these keys.</b>
-An example of how to do this is shown below. Specify file names that
-match the values of <b>JobCredentialPrivateKey</b> and
-<b>JobCredentialPublicCertificate</b> in your configuration file.
-The <b>JobCredentialPrivateKey</b> file must be readable only by <b>SlurmUser</b>.
-The <b>JobCredentialPublicCertificate</b> file must be readable by all users.
-Note that you should build the key files on one node and then distribute
-them to all nodes in the cluster.
-This ensures that all nodes have a consistent set of digital signature
-keys.
-These keys are used by <i>slurmctld</i> to construct a job step
-credential, which is sent to <i>srun</i> and then forwarded to
-<i>slurmd</i> to initiate job steps.</p>
-<p class="commandline" style="margin-left:.2in">
-<i>openssl genrsa -out &lt;sysconfdir&gt;/slurm.key 1024</i><br>
-<i>openssl rsa -in &lt;sysconfdir&gt;/slurm.key -pubout -out  &lt;sysconfdir&gt;/slurm.cert</i>
-</p>
-<h3>MUNGE</h3>
-<p>If using MUNGE digital signatures, no Slurm keys are required.
-This will be addressed in the installation and configuration of MUNGE.</p>
 <h3>Authentication</h3>
 <p>Authentication of communications (identifying who generated a particular
 message) between Slurm components can use a different security mechanism

--- a/doc/man/man5/slurm.conf.5
+++ b/doc/man/man5/slurm.conf.5
-.TH "slurm.conf" "5" "Slurm Configuration File" "August 2018" "Slurm Configuration File"
+.TH "slurm.conf" "5" "Slurm Configuration File" "November 2018" "Slurm Configuration File"
 .SH "NAME"
 slurm.conf \- Slurm configuration file
@@ -506,7 +506,7 @@ The cryptographic signature tool to be used in the creation of
 job step credentials.
 The slurmctld daemon must be restarted for a change in \fBCryptoType\fR
 to take effect.
-Acceptable values at present include "crypto/munge" and "crypto/openssl".
+Acceptable values at present include "crypto/munge".
 The default value is "crypto/munge" and is the recommended.
 .TP