1 / 8

Graphical Access to the NGS for All

Graphical Access to the NGS for All. Java GSI-SSHTerm. Outline. Introduction and Brief History Authentication methods Other Services The Future – Site Single Sign-On Questions Demonstration. Introduction and Brief History.

mauve
Download Presentation

Graphical Access to the NGS for All

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Graphical Access to the NGS for All Java GSI-SSHTerm

  2. Outline • Introduction and Brief History • Authentication methods • Other Services • The Future – Site Single Sign-On • Questions • Demonstration

  3. Introduction and Brief History • There was a need for Windows (+ Linux!) users to have a straightforward way to access Grid resources • SSHTerm is an Open Source (Source forge) project • Jean-Claude Cote at NRC-CNRC developed a GSISSH module • This has been rewritten and expanded by Matthew Viljoen and me at RAL • No need to know username • Many ways to access your certificate • X forwarding • Bugfixes

  4. Authentication methods • Local proxy (i.e. from grid-proxy-init) • Certificate as two PEM files: usercert.pem and userkey.pem • Certificate as a single PKCS#12 file • Proxy downloaded from a MyProxy server • Certificate stored in your browser [new] • Internet Explorer: Windows • Firefox & Mozilla: Windows and Linux

  5. Other Services • Normal SSH port forwarding • X windows display forwarding • GSI-SFTP simple file transfer

  6. The Future – Site Single Sign-On • Currently in development is Site Single Sign On access to grid resources via GSI-SSHTerm • Uses the CCLRC Kerberos/Active Directory infrastructure: tokens are obtained on logon in Windows and by running kinit in UNIXes • Modified terminal passes on Kerberos token to MyProxy server (with built in CA) to retrieve certificate or automatically generate a low-assurance certificate.

  7. Questions?

  8. Demonstration • Normal version: • http://www.grid-support.ac.uk/content/view/81/62 • Kerberos single sign-on version: • http://www.grid-support.ac.uk/content/view/135/76/ • This will not work as no where will accept your certificate!

More Related