MyProxy Guidelines for Community Grids Lab
1- Requirements
1.1- MyProxy service is running on gf1.ucs.indiana.edu at port 7512
1.2- Globus users has to have globus credentials which are public and private keys.
1.3- CGL Certificate Authority should be trusted by third parties.
1.4- grid-mapfile should contain user's DN and associated user name on the same machine.
eg. "/C=US/O=Indiana University/OU=Community Grids Lab/CN=Mehmet Nacar" manacar
2- Setup
2.1- Get a globus credential from CGL CA. You'll get two files
| userxxx-key.pem |
| userxxx-cert.pem |
2.2- Change your credential passwd. (Before running grid-change-pass-phrase command, you have to set environment variables as 3.1)
| $ grid-change-pass-phrase |
| Enter pass phrase for /home/manacar/.globus/userkey.pem: writing RSA key Enter PEM pass phrase: Verifying - Enter PEM pass phrase: |
2.3- If your account has already setup, replace the key and the cert with old ones. Otherwise, you need to follow these steps below.
| $ cd | |
| $ pwd | make sure you're at user home. |
| $ mkdir .globus |
.globus directory should contain at least those files below.
| .globus | /cog.properties |
| /userkey.pem | |
| /usercert.pem | |
| /certificates/ |
2.4- Rename userxxx-key.pem and userxxx-cert.pem, and also change access rights as appropriate.
| $ mv userxxx-key.pem userkey.pem |
| $ mv userxxx-cert.pem usercert.pem |
| $ chmod 400 userkey.pem |
| $ chmod 644 usercert.pem |
2.5- Make sure you've copied CGL CA files into ./globus/certificates/
| 84ff0685.0 |
| 84ff0685.signing_policy |
2.6- Edit cog.properties
| cacert=/home/manacar/.globus/certificates/ |
| ip=156.56.104.81 |
3- Get Proxy
3.1- After you setup your account, you can get a proxy. Before you do that, you need to set some environment variables.
| $ export GLOBUS_LOCATION=/home/globus/nmi-8.0-rh9 |
| $ source $GLOBUS_LOCATION/etc/globus-user-env.sh |
| $ export MYPROXY_SERVER=gf1.ucs.indiana.edu |
3.2- Execute myproxy-init command below and enter credential passwd. Then you need to assign an arbitrary passwd for your proxy.
| $ myproxy-init | |
| Your identity: /C=US/O=Indiana University/OU=Community Grids Lab/CN=Mehmet Nacar Enter GRID pass phrase for this identity: Creating proxy .................................................. Done Proxy Verify OK Your proxy is valid until: Tue Feb 7 15:15:24 2006 Enter MyProxy pass phrase: Verifying - Enter MyProxy pass phrase: A proxy valid for 168 hours (7.0 days) for user manacar now exists on gf1. |
4- References
posted by Mehmet Nacar at
11:05 AM
|
0 comments
