Open SSH with GSI Auth

This document covers the installation and configuration required to allow Open SSH with GSI Authentication


Grabbing Epel and OSG Packages

Install the Epel Repo (see OSG site for latest location)

Then install yum priorities,

yum install yum-priorities

Followed by

 rpm -Uvh

and then...

yum install osg-ca-certs

and then...

yum -y install fetch-crl

Install gsissh

This will bring in the ssh related globus packages

 yum install gsissh

Install gsi-openssh-server

 yum -y install gsi-openssh-server


gsi-sshd configuration

cd /etc/gsissh
mv sshd_config sshd_config.old
cp sshd_config.rpmnew sshd_config
/etc/init.d/gsissh reload


It standard RHEL or CentOS? local users accounts have their password set to

this will cause the logins to fail with a message like

User username not allowed because account is locked

The fix is to replace the

in /etc/shadow for those users that are to login via gsissh


-- TerrenceMartin - 2012/08/08 -- TerrenceMartin - 2012/04/04

This topic: UCSDTier2 > OpenSshGsiAuth
Topic revision: r3 - 2012/08/08 - 22:08:47 - TerrenceMartin
This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback