Prev Part . GT 4.1.2: GSI-OpenSSH Next

GT 4.1.2 Release Notes: GSI-OpenSSH

Table of Contents

1. Component Overview
2. Feature Summary
3. Changes Summary
4. Bug Fixes
5. Known Problems
5.1. Limitations
5.2. Known Bugs
6. Technology Dependencies
7. Tested Platforms
8. Backward Compatibility Summary
9. Associated Standards
10. For More Information

1. Component Overview

GSI-OpenSSH is a modified version of OpenSSH that adds support for X.509 proxy certificate authentication and delegation, providing a single sign-on remote login and file transfer service. GSI-OpenSSH can be used to login to remote systems and transfer files between systems without entering a password, relying instead on a valid proxy credential for authentication. GSI-OpenSSH forwards proxy credentials to the remote system on login, so commands requiring proxy credentials (including GSI-OpenSSH commands) can be used on the remote system without the need to manually create a new proxy credential on that system.

2. Feature Summary

Features new in GT 4.1.2

  • This is the first Globus Toolkit release that includes GSI-enabled OpenSSH.

Other Supported Features

  • The gsissh command provides a secure remote login service with forwarding of X.509 proxy credentials.
  • The gsiscp and gsisftp commands provide a secure file transfer service authenticated with X.509 proxy credentials, mimicking the rcp/scp and ftp/sftp commands.
  • All standard OpenSSH features are supported, excluding Kerberos authentication. Kerberos authentication is not compatible with GSI-enabled OpenSSH.
  • The GSI-OpenSSH server can replace the standard system SSH server in typical environments.
  • If no username is given on the command-line, GSI-OpenSSH automatically determines the username that corresponds to the X.509 proxy certificate subject in the server's grid-mapfile.

Deprecated Features

  • None

3. Changes Summary

The following changes have occurred for GSI-OpenSSH since the last stable release, 4.0:

[summarize changes]

4. Bug Fixes

This is the first release of the Globus Toolkit that includes GSI-enabled OpenSSH.

5. Known Problems

The following problems and limitations are known to exist for GSI-OpenSSH at the time of the 4.1.2 release:

5.1. Limitations

  • No known limitations exist.

5.2. Known Bugs

No bugs are known to exist for GSI-OpenSSH.

6. Technology Dependencies

GSI-enabled OpenSSH depends on the following GT components:

  • Pre-WS Authentication and Authorization

GSI-enabled OpenSSH depends on the following 3rd party software:

7. Tested Platforms

Tested Platforms for GSI-OpenSSH

  • Mac OS X 10.3
  • i686 GNU/Linux
  • ia64 GNU/Linux

8. Backward Compatibility Summary

Protocol changes since GT 4.0

  • GSI-enabled OpenSSH was not included in GT 3.2.

API changes since GT 4.0

  • GSI-enabled OpenSSH was not included in GT 3.2.

Exception changes since GT 4.0

  • Not applicable

Schema changes since GT 4.0

  • Not applicable

9. Associated Standards

Associated standards for GSI-OpenSSH:

10. For More Information

See GSI-OpenSSH more information about this component.

Prev Up Next
Part . GT 4.1.2: GSI-OpenSSH Home GT 4.1.2 GSI-OpenSSH: System Administrator's Guide