To use the CSP-secured system, the user must have access to a user-specific certificate and private key. The most convenient method of gaining access is to create a text file identifying the users.
On the master host, create and save a text file that identifies users.
Use the format of the file myusers.txt shown in the following example. The fields of the file are UNIX_username:Gecos_field:email_address.
eddy:Eddy Smith:eddy@my.org sarah:Sarah Miller:sarah@my.org leo:Leo Lion:leo@my.org |
As root on the master host, type the following command:
# sge-root/util/sgeCA/sge_ca -usercert myusers.txt |
Confirm by typing the following command:
# ls -l /var/sgeCA/port536/default/userkeys |
This directory listing produces output similar to the following example.
dr-x------ 2 eddy staff 512 Mar 5 16:13 eddy dr-x------ 2 sarah staff 512 Mar 5 16:13 sarah dr-x------ 2 leo staff 512 Mar 5 16:13 leo |
Tell each user listed in the file (myusers.txt in the example) to install the security-related files in their $HOME/.sge directories by typing the following commands.
% source sge-root/default/common/settings.csh % sge-root/util/sgeCA/sge_ca -copy |
Users should see the following confirmation (user eddy in the example).
Certificate and private key for user eddy have been installed |
For every grid engine software installation, a subdirectory for the corresponding SGE_QMASTER_PORT number is installed. The following example, based on the myusers.txt file, results from issuing the command preceding the output.
% ls -lR $HOME/.sge /home/eddy/.sge: total 2 drwxr-xr-x 3 eddy staff 512 Mar 5 16:20 port536 /home/eddy/.sge/port536: total 2 drwxr-xr-x 4 eddy staff 512 Mar 5 16:20 default /home/eddy/.sge/port536/default: total 4 drwxr-xr-x 2 eddy staff 512 Mar 5 16:20 certs drwx------ 2 eddy staff 512 Mar 5 16:20 private /home/eddy/.sge/port536/default/certs: total 8 -r--r--r-- 1 eddy staff 3859 Mar 5 16:20 cert.pem /home/eddy/.sge/port536/default/private: total 6 -r-------- 1 eddy staff 887 Mar 5 16:20 key.pem -r-------- 1 eddy staff 2048 Mar 5 16:20 rand.seed |