:: Instructions for MyProxy
creation and check
BEFORE using these commands YOU SHOULD HAVE READ
help-certificate
and you should have a window open in the secure shell client,
onto
grid-demo.ct.infn.it, the User Interface
(UI) of the GILDA testbed. You already must have public and private
keys on your account on this UI machine.
For more information on MyProxy refer to this.
Before you can run jobs, you need to create a proxy from your
certificate; this proxy is used to authorise actions on all
Grid elements (SE, CE, RB....), and avoids the need for sending
your key over the network. When using the command line interface,
the proxy is created directly from the certificate (grid-proxy-init).
However GENIUS is an example of using a Grid without a window
on the UI, and so without the ability to directly create a proxy
from grid-proxy-init. The proxy is created by an intermediate
element, the MyProxy server. The MyProxy server is used to issue
a short-lifetime proxy on your behalf. The following steps give
authority to the MyProxy server to do this.
1) cd
Go to your home directory on grid-demo.ct.infn.it
2) myproxy-init -s grid001.ct.infn.it
This creates the delegator that will issue proxies on your behalf.
(There is a hidden grid-proxy-init in this command: it first
creates a proxy to allow the MyProxy server to create the delegator.)
To create the delegator your certificate is used. The delegator
has a lifetime of 1 week by default. (After that, you need to
re-run this step.) You are asked for the password of your certificate.
You are asked to enter a new password to be associated with
your MyProxy delegation. IT IS RECOMMENDED THAT THIS SHOULD
BE DIFFERENT to that in your certificate. IT IS ALSO RECOMMENDED
THAT YOU REMEMBER IT.
3) myproxy-info -s grid001.ct.infn.it
Display information - e.g. remaining lifetime - about the delegator
4) grid-proxy-info
Shows the proxy created in the myproxy-init command
5) grid-proxy-destroy
Destroys the proxy created in the myproxy-init command at step
1
6) grid-proxy-info
Check no proxy exists
7) myproxy-get-delegation -s grid001.ct.infn.it
Get a new proxy from the MyProxy server. It has a default lifetime
of 12 hours THIS REQUIRES THE PASSWORD SET IN STEP 1. It is
this step that GENIUS will perform when a user requests a Grid
service.
8) grid-proxy-info
Shows the proxy retrieved from the MyProxy server.