How To Enable Id Tokens

Not logged in

• Browse
• Help
• Home
• Login
• Reports
• Search
• Timeline
• Wiki

• Contents
• No-Diff
• Text

-{section: How to enable IDTOKENS authentication in HTCondor 8.9.12 and later}
+{section: How to enable IDTOKENS authentication in HTCondor 8.9.12, 9.0.0, and later}
 
 If would like to enable a simple method for authenticating daemon-to-daemon communication, IDTOKENS is relatively straightforward.  Upon setting up IDTOKENS authentication, your HTCondor daemons will only trust other HTCondor daemons that are able to read a secret signing key that is stored on on each machine in a file that is readable only by the system. This will effectively prevent unauthorized machines from joining your pool, and also prevent users from starting their own HTCondor daemons on machines authorized with host-based (IP address) authentication.
 
-(*LINUX NOTE*: you may need to tell HTCondor where to store the signing key.  If you installed from an RPM, =/etc/condor/passwords.d= should already exist.  Otherwise, you can create it as root and set the permissions to 0755.)
-
 (*WINDOWS NOTE*: In the config settings below, change =FS= to =NTSSPI=)
 
 *INSTRUCTIONS FOR ALL PLATFORMS:*

This work is supported by NSF under Cooperative Agreement OAC-2030508 as part of the PATh Project. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the NSF. Site built using CVSTrac.