getting-started
XSEDE Getting Started
After your first allocation is awarded, you will be emailed your username and password information and will have immediate access to your XSEDE account. XSEDE supports three authentication mechanisms:
-
Single Sign-On (SSO) using your XSEDE-wide password:
- Windows
- Mac/Linux/Unix
- Client Toolkit for Mac/Linux
- SSH2 keypairs
- Site passwords (available on request; supported at some resource provider (RP) sites)
Single Sign-on (SSO) refers to the ability to log in from one location, authenticating yourself so that you will be recognized by all XSEDE resources without having to repeatedly enter your login information for each command or resource. All XSEDE users can log in via Single Sign-on, which is based on Grid Security Infrastructure (GSI), a part of the Globus Toolkit. Authentication on XSEDE resources is implemented through user certificates and recognized certificate authorities (CAs).
Whether you use SSO from inside the Portal or from a terminal application on your laptop, your XSEDE certificate is set up for you on all of your allocated resources.
SSO from the XSEDE User Portal (recommended)
You can start computing from the portal as soon as you get your information packet.
Exceptions:
- TACC: If your allocation includes time on a resource at the Texas Advanced Computing Center (TACC), you won't be able to use SSO until you have activated your TACC account. TACC will send you a welcome email that includes a link to the TACC User Portal and instructions for activating your account.
- NICS: If your allocation includes time on a resource at the National Institute of Computational Sciences (NICS), you won't be able to access the resource using SSO until you activate your NICS account. Additionally, access to Nautilus (NICS) requires the use of an RSA One Time Password (OTP) token, which you will receive in the mail after you have activated your account and verified your user information.
Information about activation comes in a separate email or postal mail communication to users. Do not confuse this login and activation information with your XSEDE account packet or XSEDE-wide login.
From the Portal Accounts Tab
The accounts tab shows all the machines on which you have an allocation. Once you log in to the portal, you may connect with any machine without having to enter your login name again. The portal will bring up a terminal window automatically.
- Log in to the portal using your XSEDE-wide password.
- Go to the My XSEDE tab.
- Select Accounts from the menu bar.
- From the Connect column, click on Log in.
- Click on Run to verify that you wish to run the Java applet.
- From the Portal SSH Terminal
- Log in at the portal >> My XSEDE tab << SSH Terminal.
SSO using a desktop/laptop client
The starting point for this method is a browser window (Windows) or your local Linux/Unix/MacOSX command line using the tgsso application. Like SSO through the portal, you can start computing as soon as you receive your information packet. Exceptions:
- TACC: If your allocation includes time on a resource at the Texas Advanced Computing Center (TACC), you won't be able to use SSO until you have activated your TACC account. TACC will send you a welcome email that includes a link to the TACC User Portal and instructions for activating your account.
- NICS: If your allocation includes time on a resource at the National Institute of Computational Sciences (NICS), you won't be able to access the resource using SSO until you activate your NICS account. Additionally, access to Nautilus (NICS) requires the use of an RSA One Time Password (OTP) token, which you will receive in the mail after you have activated your account and verified your user information.
Information about activation comes in a separate email or postal mail communication to users. Do not confuse this login and activation information with your XSEDE account packet or XSEDE-wide login.
Instructions for Mac OSX/UNIX/Linux
Instructions for Windows (Beta)
SSO using non-default certificates
Using non-XSEDE certificates requires a little extra work because it requires manual set up at each resource where you will be computing. This means that you need to know how to log in to each resource for initial set-up only.
See the instructions for Single Sign-on for non-XSEDE CAs for a list of accepted CAs
Supported Login Methods
The following resource provider sites support the methods discussed above:
| Site | SSO Portal TeraGrid-wide password | SSO command line TeraGrid-wide password | SSH key pairs | Site-specific password | Other |
|---|---|---|---|---|---|
| IU | YES | YES | YES | no | |
| LONI | YES | YES | |||
| NCAR | YES | YES | YES | no | |
| NCSA | YES | YES | YES | YES | |
| NICS | YES* | YES* | no | no | One-time password token |
| ORNL | YES | YES | YES | no | |
| PSC | YES | YES | YES | YES | |
| Purdue | YES | YES | YES | no | |
| SDSC | YES | YES | YES | YES | |
| TACC | YES* | YES* | YES* | YES | |
| |
* See the exceptions explained above