MAiN
 
  BAcK to Session
 
  BAcK to Curriculum
 
:: Instructions for MyProxy creation and check


BEFORE using these commands YOU SHOULD HAVE READ help-certificate and you should have a window open in the secure shell client, onto grid-demo.ct.infn.it, the User Interface (UI) of the GILDA testbed. You already must have public and private keys on your account on this UI machine.

For more information on MyProxy refer to this.

Before you can run jobs, you need to create a proxy from your certificate; this proxy is used to authorise actions on all Grid elements (SE, CE, RB....), and avoids the need for sending your key over the network. When using the command line interface, the proxy is created directly from the certificate (grid-proxy-init).

However GENIUS is an example of using a Grid without a window on the UI, and so without the ability to directly create a proxy from grid-proxy-init. The proxy is created by an intermediate element, the MyProxy server. The MyProxy server is used to issue a short-lifetime proxy on your behalf. The following steps give authority to the MyProxy server to do this.

1) cd
Go to your home directory on grid-demo.ct.infn.it

2) myproxy-init -s grid001.ct.infn.it
This creates the delegator that will issue proxies on your behalf. (There is a hidden grid-proxy-init in this command: it first creates a proxy to allow the MyProxy server to create the delegator.) To create the delegator your certificate is used. The delegator has a lifetime of 1 week by default. (After that, you need to re-run this step.) You are asked for the password of your certificate. You are asked to enter a new password to be associated with your MyProxy delegation. IT IS RECOMMENDED THAT THIS SHOULD BE DIFFERENT to that in your certificate. IT IS ALSO RECOMMENDED THAT YOU REMEMBER IT.

3) myproxy-info -s grid001.ct.infn.it
Display information - e.g. remaining lifetime - about the delegator

4) grid-proxy-info
Shows the proxy created in the myproxy-init command

5) grid-proxy-destroy
Destroys the proxy created in the myproxy-init command at step 1

6) grid-proxy-info
Check no proxy exists

7) myproxy-get-delegation -s grid001.ct.infn.it
Get a new proxy from the MyProxy server. It has a default lifetime of 12 hours THIS REQUIRES THE PASSWORD SET IN STEP 1. It is this step that GENIUS will perform when a user requests a Grid service.

8) grid-proxy-info
Shows the proxy retrieved from the MyProxy server.