wiki:GENIUserWorkspace/ConfigCredentials

Version 2 (modified by Jeanne Ohren, 7 years ago) (diff)

--

Configuring Credentials

You will need three sets of credentials (two optional) when using the user workspace:

  1. A GENI certificate. You can obtain a GENI certificate by submitting a request at http://www.emulab.net or http://pgeni.gpolab.bbn.com Once your request is approved, you can download an SSL certificate (with .pem extension) from this slice authority.
  1. (Optional) An iRODS account. This is only needed if you want to access an iRODS server from the user workspace. You must have the following information in an irods configuration file.
    irodsHost
    irodsPort
    irodsDefResource
    irodsHome
    irodsCwd
    irodsUserName
    irodsZone

Make sure you remember the password for your iRODS account. You will need this when you run credconfig.sh below.

  1. (Optional) A Java Keystore file created from your GENI certificate. This is only needed if you want to use Flukes. See https://geni-orca.renci.org/trac/wiki/flukes/#Userauthorization for instructions on how to generate the keystore file.

Make sure you remember the alias and password that you used when creating the keystore file. You will need this when you run Flukes.

Transfer these files to a location in your home directory. You can do this with ftp, scp, or shared folders.

With these 1-3 files, you can configure your credentials with the credconfig.sh tool.

   $ credconfig.sh -g <path-to-geni-credential> -i <path-to-irods-config> -f <path-to-jks-file>

The -g parameter is required and the -i and -f parameters are optional.

Example:

   $ credconfig.sh -g /home/geniuser/gpo_ctcert.pem -f /home/geniuser/pgeni.jks -i /home/geniuser/irods.config

The results of running this script:

  • A pair of SSH keys (geni_key and geni_key.pub) will be generated for you using the private key from your GENI certificate. These keys will be placed in /home/geniuser/.ssh.
  • Your certificate will be placed in /home/geniuser/.ssl.
  • An omni_config file will be generated for you and placed in /home/geniuser/.gcf.
  • If the -f option is used, /home/.flukes.properties will be configured to point to your keystore and ssh keys.
  • If the -i option is used, /home/.irods/.irodsEnv will be configured according to your supplied irods config file.