Project(s) or EGEE activity presenting the demo or poster (project or activity names only)
There is lack of client tools that allow users to login to systems using X509-based authentication protocols, and it remains a significant barrier to many first-time grid users who are already on a steep learning curve.
KGSI provides the facility for users to use any SSH-enabled client to login - for instance, clients such as Putty, WinSCP and Nautilus all work with KGSI.
KGSI works by providing a server-only solution. The server uses standard SSH mechanisms that allow the user to supply a username and password to a previously uploaded credential on a MyProxy server. This credential is retrieved on behalf of the user and is then used to authenticate the user on the system.
The system is implemented by applying a small patch to GSI-OpenSSH, a specially written LinuxPAM module, and an authentication helper script.
Special requirements other than the set up mentioned in the CfA text.