Cannot log in to Kraken using default simfactory configuration

Create issue
Issue #381 closed
Ian Hinder created an issue

SimFactory uses the gsissh method to connect to Kraken. This requires a "proxy" to be created locally via the myproxy-logon command. There is currently logic in Perl simfactory's mdb.pm file to automatically run myproxy-logon and prompt for the passphrase.

This does not work for me. I get the error

Failed to receive credentials. ERROR from myproxy-server (myproxy.teragrid.org): PAM authentication failed: Permission denied

(see below for the full output). If I remove the localsshsetup key, I can run the myproxy-logon command manually and then connect using simfactory.

Looking at the full output below, it seems that it is trying to run myproxy-logon with my local username (ian) instead of the remote one (hinder). If I replace the @USER@ in the myproxy-logon command with my Kraken username, everything works as expected.

MacBook:etrelease ian$ sim login kraken
Simulation Factory:
Executing: {
mkdir -p /Users/ian/Cactus/etrelease/.globus &&
>> /Users/ian/Cactus/etrelease/.globus/proxy-teragrid &&
chmod go-rwx /Users/ian/Cactus/etrelease/.globus/proxy-teragrid &&
export X509_USER_PROXY=/Users/ian/Cactus/etrelease/.globus/proxy-teragrid &&
mkdir -p /Users/ian/Cactus/etrelease/.globus/certificates-teragrid &&
export X509_CERT_DIR=/Users/ian/Cactus/etrelease/.globus/certificates-teragrid && { { grid-proxy-info -issuer -file /Users/ian/Cactus/etrelease/.globus/proxy-teragrid 2>/dev/null | grep "^/C=US/O=National Center for Supercomputing Applications/" >/dev/null 2>/dev/null && test $(grid-proxy-info -timeleft -file /Users/ian/Cactus/etrelease/.globus/proxy-teragrid 2>/dev/null) -gt 0 2>/dev/null } || { { grid-proxy-destroy 2>/dev/null || true; } && myproxy-logon -p 7514 -s myproxy.teragrid.org -T -l ian -o /Users/ian/Cactus/etrelease/.globus/proxy-teragrid } } && { globus-update-certificate-dir > /dev/null 2>&1 || true; }; } && gsissh -t hinder@kraken-gsi2.nics.teragrid.org '{ source /etc/profile; } && cd /nics/b/home/hinder/Cactus/etrelease && $SHELL -l' Enter MyProxy pass phrase: Failed to receive credentials. ERROR from myproxy-server (myproxy.teragrid.org): PAM authentication failed: Permission denied

Keyword:

Comments (4)

  1. Erik Schnetter
    • removed comment

    The underlying reason is that SimFactory is confused about the difference between the two user names that the user has locally and remotely. A work-around is to copy this MDB entry to the UDB, and to hard-code the user name there.

  2. Ian Hinder reporter
    • changed status to resolved
    • removed comment

    This seems to have been fixed now in SimFactory 2 (r1369), so I'm closing this ticket. Please re-open if necessary.

  3. Log in to comment