[gt-user] Queries on GridFtp+RFT over SSH and Derby
John Bresnahan
bresnaha at mcs.anl.gov
Fri Feb 5 12:23:39 CST 2010
> 1) Is it possible to configure GridFTP to authenticate over SSH rather
> than use certificates,
no, unfortunately this is not possible. SSH does not have a notion of delegating security
credentials, so to make this work the RFT client would either have to give RFT their private ssh key
(which is a terrible and unacceptable idea) or complicated out of band protocol would have to be
added to make RFT and the users client machine communicate SSH forwarding bits (like what ssh-agent
does) over an ssh channel. This is quite a complicated issue and it is nearly impossible to glue
those two frameworks together.
> and then use RFT to do transfers over this
> configuration ? I'm mainly intersted in GridFTP user authentications,
> i.e. authentication/encryption of the gftp control channel. The docs
> mention that GridFTP can be configured to do this but not much is
> mentioned about using RFT with this.
GridFTP can be configured to do this, and there are some nice new reliability features in
globus-url-copy that you may find met you needs and could allow you to not need RFT (depending on
what you are doing).
> 2) Is there any benefit to using the default Derby database rather
> than say PostgreSql or MySql ?
The main advantage is that derby is setup for you by default. You have to configure postgres/mysql
on your own. If you are comfortable doing that, then feel good about choosing your own DB.
> I ask this because I am familiar with
> PostgreSql/MySql and these may be more stable and mature products. I
> haven't every done anything with Derby. What are the general
> recommendations ?
>
> Thanks in advance
> ARN
More information about the gt-user
mailing list