COmanage Developers List

["Michael A. Grady" <>]

TeraGrid has a take on SSH also:

 https://www.teragrid.org/web/user-support/login_quickstart

with both a Java Applet SSH or download an SSH to your desktop, with the 
approach of turning your login into short term certs that all the TeraGrid 
providers use. There's the Shib-to-cert bridge that TeraGrid is working on, 
talked about in this paper:

 
http://middleware.internet2.edu/idtrust/2010/papers/02-basney-federated-teragrid.pdf

and the more generalized Shib-to-cert bridge service that the NSF is funding 
called CILogon (referred to in the above paper):

 http://www.cilogon.org/

Of course, as was pointed out, you still need to provision the local account 
on the machine being SSHed into. HUBZero, or at least NanoHub that it is 
based on, I believe has a "community allocation" on the TeraGrid that allows 
jobs submitted from the NanoHub community to run on TeraGrid resources when 
needed. Will the COs similarly have "community allocations", or will 
individual researchers within the CO have their own allocations? Probably 
want to think about both models.

On Aug 20, 2010, at 10:14 AM, Jim Leous wrote:

> Looks like HubZero has a take on this.  They run X through a VNC Java 
> Applet.  You're automatically "logged on" to a VM with a private network 
> interface via an X terminal session .  If I then ssh to another host, I am 
> logged on via userid/password, but I could store RSA keys on my "home" 
> directory in HUB zero and gain access to other machines via ssh ONLY having 
> authenticated to the HubZero Web site.  I think this is akin to what 
> Michael was suggesting.  HubZero needs some work, but we had a pretty good 
> CIC Research Computing Group call 2 weeks ago where we discussed HubZero 
> (Michael McLennan from Purdue) and COmanage (me).  I have one of our guys 
> trying to domesticate HubZero.
> 
> One of the points that I made to Michael McLennen was that he needs to 
> build community for this product, and prompt answers to help requests would 
> be one way to do that. (I was actually much kinder than that, but he 
> probably hates me anyway).  Mike Burns who has been working on this for ITS 
> Emerging Technologies said that questions rarely get answered on the 
> HubZero forums and when they do, it's usually by someone who is not part of 
> the HubZero development team, rather someone else like Mike Burns who is 
> plugging away.  I suggested to Michael McLennen that he should put one of 
> the developers on a "hot seat" and try to guarantee a half day turnaround 
> on responses.  That doesn't appear to be happening yet.  This could also be 
> a lesson for us when we get there.
> 
> Jim
> -- 
> Jim Leous
> Emerging Technologies Group
> Information Technology Services
> 


--
Michael A. Grady                      
Executive Program Officer for Cyberinfrastructure
Office of the CIO, University of Illinois at Urbana-Champaign
2222 DCL, MC 256, 1304 W. Springfield Ave., Urbana, IL 61801
217.244.1253 phone, 217.244.4780 fax