GSI: User's Guide

Overview
>Using grid-proxy-init

Using grid-proxy-init

This client creates a proxy with the default expiration of 12 hours.

Proxies are certificates signed by the user, or by another proxy, that do not require a password to submit a job. They are intended for short-term use, when the user is submitting many jobs and cannot be troubled to repeat his password for every job.

The subject of a proxy certificate is the same as the subject of the certificate that signed it, with /CN=proxy added to the name. The gatekeeper will accept any job requests submitted by the user, as well as any proxies he has created.

Proxies provide a convenient alternative to constantly entering passwords, but are also less secure than the user's normal security credential. Therefore, they should always be user-readable only, and should be deleted after they are no longer needed (or after they expire).

Contents:

Syntax
Command line options
Deleting a proxy

Syntax

The basic syntax is:

% grid-proxy-init [optional command line switches]

Command line options

The grid-proxy-init program can also take arguments to specify the expiration and proxy key length.

-hours

Specifies the expiration of the proxy certificate

The default is 12 hours.

-bits

Specifies the maximum number of characters allowed for the proxy key.

The default is ??.

For example:

% grid-proxy-init -hours 8 -bits 512

Deleting a proxy

To delete a proxy that was previously created with grid-proxy-init, run:

% grid-proxy-destroy