Changes between Version 3 and Version 4 of GENIMetaOps/SiteCredentials


Ignore:
Timestamp:
01/05/12 14:27:47 (7 years ago)
Author:
mrmccrac@grnoc.iu.edu
Comment:

re-doing access request procedures

Legend:

Unmodified
Added
Removed
Modified
  • GENIMetaOps/SiteCredentials

    v3 v4  
    1 Follow this procedure to generate a site password for submission of monitoring data, and send that password in encrypted form to Camilo Viecco at GMOC for use with your monitoring data.
    2 
    3  1. Install GPG on you machine.
    4    a. For debian users: `apt-get install gpg`
    5    b. For ubuntu users: `apt-get install gnupg`
    6    c. For redhat users: `yum install gpg`
    7    d. For Mac Users get it from:  `http://macgpg.sourceforge.net/`
    8    e. For windows users: `http://www.gpg4win.org/download.html`
    9 
    10  2. Now get Camilo Viecco's public gpg keys.
    11 {{{
    12 gpg --keyserver pgp.mit.edu --recv-keys 0x3EC5EA42
    13 }}}
    14  3. Now validate the key:
    15 {{{
    16 gpg --fingerprint 0x3EC5EA42
    17 }}}
    18    The return value should be something like:
    19 {{{
    20    pub   1024D/3EC5EA42 2003-04-02
    21        Key fingerprint = 0781 10A0 44CC C441 594F  E5A9 858A 173E
    22 3EC5 EA42
    23    uid                  Camilo Viecco <cviecco@indiana.edu>
    24    sub   3072g/D63BFA6B 2003-04-02
    25 }}}
    26  The value to check is the fingerprint: it should match:
    27 {{{
    28 0781 10A0 44CC C441 594F  E5A9 858A 173E 3EC5 EA42
    29 }}}
    30  4. Now generate a password file: Generate a new password for your organization, and save it on a single line as a text file.  Password requirements: at least 12 characters (no unicode) , no spaces(or tabs) or ':'.
    31 
    32  5. Now we encrypt the file
    33 {{{
    34 gpg -ea -r cviecco@indiana.edu $PASSWORD_FILE
    35 }}}
    36  You are most likely going to get a warning  like this:
    37 {{{
    38 gpg: D63BFA6B: There is no assurance this key belongs to the named user
    39 pub  3072g/D63BFA6B 2003-04-02 Camilo Viecco <cviecco@indiana.edu>
    40  Primary key fingerprint: 0781 10A0 44CC C441 594F  E5A9 858A 173E
    41 3EC5 EA42
    42       Subkey fingerprint: 4543 9514 0EDD F4E8 08A0  9D95 A879 45D5
    43 D63B FA6B
    44 It is NOT certain that the key belongs to the person named
    45 in the user ID.  If you *really* know what you are doing,
    46 you may answer the next question with yes.
    47 Use this key anyway? (y/N)
    48 }}}
    49  Say yes. A file named with the same name as the password file but with an appended '.asc' extension should have been created. 
    50  
    51  6. Send the encrypted file (the one ending in .asc) to cviecco@grnoc.iu.edu. Please:
    52    * Use 'measurement api secret' as the subject of your message.
    53    * Include the exact name which you would like GMOC to use for your site in the body of the message.  (If you have previously been submitting data to the GMOC dev site, this is the `<site>` name, including spelling and capitalization, which you used to identify yourself there.)
    54 
    55  7. Camilo Viecco will send you the production url. This is the url that should be placed on as the DestURL on the measumernt exporter config.
    56 
     1We are currently in the process of revising the procedure of setting up site credentials to use for the submission of monitoring data.  In the mean time, please email [mailto:gmoc@grnoc.iu.edu gmoc@grnoc.iu.edu] to initiate the access request.