[Gt-eos] gct and gsissh
Mischa Salle
msalle at nikhef.nl
Fri Sep 7 14:31:11 CEST 2018
Hi Frank, others,
I think it's probably good to focus on the version maintained by
Mattias, but that's probably for Mattias to answer (-;
What we could do is host that version under https://github.com/gridcf or
alternatively adapt the current gridcf/gct version to the one maintained
by Mattias.
Concerning GSI-OpenSSH itself, I think it's use is not really in the
same situations as GridFTP clients are typically used: although you can
run quite some commands over GridFTP, it's not the same as SSH.
When transferring realâ„¢ data I would use GridFTP and certainly not
gsis{cp,ftp}. AFAIK (some) of the German supers use gsissh for
kickstarting access.
For the further future (don't remember whether I mentioned this before),
one could probably make a different patch based on the adapted OpenSSH
versions as shipped by RedHat and Debian, which have proper GSSAPI
support (i.e. not just Kerberos, those patches were pushed by the
Moonshot people which also requires a proper GSSAPI, and I think were
based on the GSI-OpenSSH patch). It probably still requires a patched
server, but might be able to use a stock client with just some extra
modules installed (if I'm not mistaken).
Cheers,
Mischa
On Thu, Sep 06, 2018 at 05:56:33PM +0200, Frank Scheiner wrote:
> Hi all,
>
> ...and Christmas came in between...
>
> I think we never really finished this discussion.
>
> And recently the question about the status of GSI-OpenSSH came up in PRACE.
> The GSI-OpenSSH repo on Github ([1]) is still based on OpenSSH 7.5p1 and no
> commit has been made there since September 2017. Consequently the current
> GCT still builds a source package for GSI-OpenSSH based on OpenSSH 7.5.p1
> where OpenSSH 7.8p1 is already out.
>
> [1]: https://github.com/globus/gsi-openssh
>
> I'll try to summarize the points so far - please correct me if I'm wrong
> somewhere:
>
> * Trying to get the GSI patch upstream into OpenSSH is a lost cause. Same
> for the other patches.
>
> * The current version of GSI-OpenSSH "available from" the Globus Toolkit and
> the current GCT is based on OpenSSH 7.5p1 and includes (1) the HPN patches,
> (2) the iSSHD patches on top of the HPN patches, (3) the GSI patches on top
> of the iSSHD patches and (4) the Fedora OpenSSL 1.1 support patch on top of
> it all.
>
> * The EPEL/Fedora versions of GSI-OpenSSH that Mattias maintains are based
> on the OpenSSH versions used in the respective EPEL/Fedora release and
> contain all of the above minus the HPN and iSSHD patches and minus the parts
> of the GSI patch that are already included in the EPEL/Fedora versions of
> OpenSSH.
>
> * Jim proposed to focus on the EPEL/Fedora version(s) of Mattias
>
> ****
>
> So what are the next steps?
>
> Should we remove GSI-OpenSSH from the GCT? Although I personally consider
> gsiscp and gsisftp (even with HPN patches) inferior to GridFTP clients, they
> are certainly useful and users are usually already familiar with the non-GSI
> versions.
>
> Should we switch to Mattias' version(s)? But how can we include this, as the
> development happens in Fedora I assume?
>
> Where should we point users for the GSI-OpenSSH source and for support in
> the future?
>
> Cheers,
> Frank
>
> --
> Frank Scheiner
>
> High Performance Computing Center Stuttgart (HLRS)
> Department Project User Management & Accounting
>
> Email: scheiner at hlrs.de
> Phone: +49 711 685 68039
>
> _______________________________________________
> Gt-eos mailing list
> Gt-eos at mailman.egi.eu
> http://mailman.egi.eu/mailman/listinfo/gt-eos
--
Nikhef Room H155
Science Park 105 Tel. +31-20-592 5102
1098 XG Amsterdam Fax +31-20-592 5155
The Netherlands Email msalle at nikhef.nl
__ .. ... _._. .... ._ ... ._ ._.. ._.. .._..
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3402 bytes
Desc: not available
URL: <http://mailman.egi.eu/pipermail/discuss/attachments/20180907/f722a750/attachment.p7s>
More information about the discuss
mailing list