| | 1 | = Omni Credentials = |
| | 2 | |
| | 3 | Before using the Omni tools, the experimenter must: [[BR]] |
| | 4 | 1) Get GENI credentials from Clearinghouse. [[BR]] |
| | 5 | 2) Upload user SSH keys Clearinghouse. [[BR]] |
| | 6 | 3) Download the SSL Certificate to access the resource aggregate to the host running the experiment. [[BR]] |
| | 7 | |
| | 8 | Each of these steps are detailed in this page. |
| | 9 | |
| | 10 | = Get GENI credentials = |
| | 11 | |
| | 12 | GENI Credentials are associated with a project that a full time Professor has created at the Project Request page. Captures in this page use the pgeni.gpolab.bbn.com clearing house. User credentials are associated with a project, a new project approval depends on an initial discussion with [mailto:mberman@bbn.com Mark Berman] of the GENI Project Office. Once the project is approved, you can use the project name at the GPO ProtoGENI Clearing House to submit an [https://www.pgeni.gpolab.bbn.com/joinproject.php3 account request]: [[BR]] |
| | 13 | |
| | 14 | [[Image(requestProject.jpg)]] |
| | 15 | |
| | 16 | If the project already exists, then simply submit an account request at the [https://www.pgeni.gpolab.bbn.com/joinproject.php3 account request] page: [[BR]] |
| | 17 | |
| | 18 | [[Image(requestAccount.jpg)]] |
| | 19 | |
| | 20 | |
| | 21 | = Upload SSH public key = |
| | 22 | |
| | 23 | The Clearing house must have a copy of your ''existing'' or ''newly'' generated SSH public key to place on the allocated resource to allow access. If you do not have SSH keys simply generate them with the ''ssh-keygen'' command, which will place your user public key in your home directory "~/.ssh/id_rsa.pub". |
| | 24 | |
| | 25 | The Omni tools ''automatically'' upload your SSH public key when you create a slice, so if you plan to use Omni tools you can skip the SSH key upload step. |
| | 26 | |
| | 27 | If you are not using Omni tools, then you must manually upload your SSH public keys. You may choose to re-use keys that you already have or simply generate new ones: |
| | 28 | For [https://planet-lab.org PlanatLab], the ssh key is uploaded in the ''My Account'' page in the ''keys'' section. For ProtoGENI [https://www.emulab.net Emulab], the key is uploaded in the ''Profile'' tab's ''Options'' section: |
| | 29 | |
| | 30 | [[Image(pgOptions.jpg)]] |
| | 31 | |
| | 32 | by selecting ''Edit SSH Keys'' and defining the location of your keys to be uploaded: |
| | 33 | |
| | 34 | [[Image(uploadSSHKeys.jpg)]] |
| | 35 | |
| | 36 | = SSL Certificate = |
| | 37 | |
| | 38 | A SSL certificate is required to access GENI resources. For !PlanetLab resources, the user generates his/her own SSL certificate, while for the ProtoGENI clearing houses the experimenter uses the ProtoGENI server to generate the SSL certificate. On the [https://www.pgeni.gpolab.bbn.com GPO ProtoGENI], and [https://www.emulab.net Emulab] servers, the SSL certificate is generated in the ''Profile'' tab's ''Options'' section: |
| | 39 | |
| | 40 | [[Image(pgOptions.jpg)]] |
| | 41 | |
| | 42 | Choose the ''Generate SSL certificate'' to create an encrypted SSL certificate: |
| | 43 | |
| | 44 | [[Image(generateSSL.jpg)]] |
| | 45 | |
| | 46 | and download an the encrypted SSL certificate to the ''~/.ssl'' directory on your system: |
| | 47 | |
| | 48 | |
| | 49 | [[Image(downloadSSL.jpg)]] |
| | 50 | |
| | 51 | |
| | 52 | == Optional Removing of SSL Password Prompt == |
| | 53 | |
| | 54 | This is an optional step and is not required. The encrypted certificate must be passphrase protected and should be downloaded into the ''~/.ssl '' directory. To avoid the SSL certificate passphrase prompt, follow these ''optional'' instructions: |
| | 55 | {{{ |
| | 56 | $ openssl rsa -in ~/.ssl/encrypted.pem -out ~/.ssl/encrypted-cleartext.pem |
| | 57 | $ openssl x509 -in ~/.ssl/encrypted.pem >> ~/.ssl/encrypted-cleartext.pem |
| | 58 | $ chmod 400 ~/.ssl/encrypted-cleartext.pem |
| | 59 | }}} |
| | 60 | |
| | 61 | == Determine your URN == |
| | 62 | |
| | 63 | Your username URN is needed for omni configuration to define the credentials to be used with the clearing house. The URN can be found with the following command: |
| | 64 | {{{ |
| | 65 | $ openssl x509 -noout -text -in ~/.ssl/encrypted.pem | grep 'urn:publicid' |
| | 66 | URI:urn:publicid:IDN+pgeni.gpolab.bbn.com+user+lnevers, email:lnevers@pgeni.gpolab.bbn.com |
| | 67 | |
| | 68 | }}} |
| | 69 | |
| | 70 | Make sure to remove the leading "URI:", with the above example, the urn is ''urn:publicid:IDN+emulab.net+user+lnevers''. |
| | 71 | |
| | 72 | ---- |
| | 73 | {{{ |
| | 74 | #!html |
| | 75 | <a href="mailto:lnevers@bbn.com">Email us</a> with any questions and feedback on this page! |
| | 76 | }}} |
| | 77 | |
| | 78 | |
