Arkansas High Performace Computing Center [hpcwiki]

User Tools

Site Tools

Trace: facilities non_bioinformatics_catalog slurm_sbatch_srun gromacs2023 optimization federated_identity_login singularity-apptainer
federated_identity_login

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
federated_identity_login [2022/07/27 14:37]
pwolinsk 		federated_identity_login [2022/07/27 15:26] (current)
pwolinsk
Line 1: Line 1:
 ==== Federated Identity with Globus ID ==== ==== Federated Identity with Globus ID ====
-Globus ID ([[https://www.globusid.org/faq|Globus ID]]) is an identity provider operated [[https://www.globus.org|Globus.org]], a cloud based bulk data transfer solution used by AHPCC.  A Globus ID account is required to use the Globus data transfer system, which is the recommended solution for [[moving_data | Moving Data]].  The same Globus ID account can be used to log into AHPCC clusters.  Globus ID's are free to create and can be linked to multiple identities, including those from schools with a membership in [[https://www.incommon.org/federation/|InCommon]] federation.+Globus ID ([[https://www.globusid.org/faq|Globus ID]]) is an identity provider operated [[https://www.globus.org|Globus.org]], a cloud based bulk data transfer solution used by AHPCC.  A Globus ID account is required to use the Globus data transfer system, which is the recommended solution for [[moving_data | Moving Data]] to and from Pinnacle storage.  The same Globus ID account can be used to log into AHPCC clusters.  Globus ID's are free to create and can be linked to multiple identities, including those from schools which are members of [[https://www.incommon.org/federation/|InCommon]] federation.
  
 +**NOTE:** To log into Pinnacle, both a Globus ID and an associated local Pinnacle account have to exist.  Simply having a Globus ID account will not be enough to log into AHPCC clusters.
  
-==== Using Globus ID to log into AHPCC ==== +==== Using Globus ID to log into AHPCC ==== 
-**oauth-ssh** client is needed to authorized a host machine to connect to the AHPCC cluster using a Globus ID. The **oauth-ssh** is a python package that can be installed using pip:+**oauth-ssh** client is needed to authorized a host machine to connect to the AHPCC cluster using a Globus ID. The **oauth-ssh** is a python package that can be installed using **pip** (python package manager):
  
 <code> <code>
Line 30: Line 31:
 </code> </code>
  
-Once **oauth-ssh** client is installed, your client machine (the host from which your are logging into Pinnacle) has to be authorized to connect to Pinnacle login node, **login.hpc.uark.edu**:+Once **oauth-ssh** client is installed, your client machine (the host from which your are logging into Pinnacle) has to be authorized to connect to the Pinnacle login node, **login.hpc.uark.edu**:
  
 <code> <code>
Line 53: Line 54:
 <code> <code>
 [pawel@frontdesk ~]$ oauth-ssh-token authorize login.hpc.uark.edu [pawel@frontdesk ~]$ oauth-ssh-token authorize login.hpc.uark.edu
-/usr/local/lib/python3.6/site-packages/paramiko/transport.py:33: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography and will be removed in a future release. 
-  from cryptography.hazmat.backends import default_backend 
 Please go to this URL and login: https://auth.globus.org/v2/oauth2/authorize?redirect_uri=https%3A%2F%2Fauth.globus.org%2Fv2%2Fweb%2Fauth-code&client_id=b373be16-f444-45f7-a144-e2c99a8ab704&access_type=offline&state=_default&code_challenge=R9N64HSJVhRqt0zesM0rtzpkbg2YHe3bXW3F5S0Q9Ew&code_challenge_method=S256&response_type=code&scope=https%3A%2F%2Fauth.globus.org%2Fscopes%2Flogin.hpc.uark.edu%2Fssh Please go to this URL and login: https://auth.globus.org/v2/oauth2/authorize?redirect_uri=https%3A%2F%2Fauth.globus.org%2Fv2%2Fweb%2Fauth-code&client_id=b373be16-f444-45f7-a144-e2c99a8ab704&access_type=offline&state=_default&code_challenge=R9N64HSJVhRqt0zesM0rtzpkbg2YHe3bXW3F5S0Q9Ew&code_challenge_method=S256&response_type=code&scope=https%3A%2F%2Fauth.globus.org%2Fscopes%2Flogin.hpc.uark.edu%2Fssh
 Please enter the code you get after login here: MZzXX5GhCw7hr7uH80nU4StddODSQV Please enter the code you get after login here: MZzXX5GhCw7hr7uH80nU4StddODSQV
Line 60: Line 59:
 </code> </code>
  
 +Your host is now authorized for logging into login.hpc.uark.edu for 48 hours.  To log in, you can either use **oauth-ssh** client:
  
-To use a Globus ID, try to log into [[https://www.globus.org/|Globus]] using your school's identity provider The drop +<code> 
-If you do not already have a Globus ID, you can create one herehttps://www.globusid.org/create?viewlocale=en_US+[pawel@frontdesk ~]$ oauth-ssh login.hpc.uark.edu 
 + 
 +Last failed loginWed Jul 27 08:14:45 CDT 2022 from 184.180.249.7 on ssh:notty 
 +There were 4 failed login attempts since the last successful login. 
 +Last login: Wed Jul 27 08:12:10 2022 from 184.180.249.7 
 + 
 +     Welcome to login.hpc.uark.edu - Globus Authentication test login VM 
 + 
 +-bash-4.2$  
 +</code> 
 +or your regular ssh client, by copying and pasting the output of **oauth-ssh-token show token login.hpc.uark.edu** at the OAuth token prompt: 
 + 
 +<code> 
 +[pawel@frontdesk ~]$ oauth-ssh-token show token login.hpc.uark.edu 
 +Ay525VXDNakMxKGVJ8dx0B5gl95mlj0ldjkngVdqQOOeaJ3ouVCB1gWOYkQrOKYW0oYnaX52dbOzIW92B1XHQ5mXj 
 +[pawel@frontdesk ~]$ ssh pwolinsk@login.hpc.uark.edu 
 +Enter your OAuth token 
 +Last loginWed Jul 27 09:39:10 2022 from 10.172.0.199 
 + 
 +     Welcome to login.hpc.uark.edu - Globus Authentication test login VM 
 + 
 +-bash-4.2$  
 +</code>
  
federated_identity_login.1658932641.txt.gz · Last modified: 2022/07/27 14:37 by pwolinsk

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: GNU Free Documentation License 1.3
GNU Free Documentation License 1.3 Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki