OAuth SSH with Globus Auth

The Secure Shell (SSH) protocol and its OpenSSH implementation are a cornerstone of modern scientific computing, enabling users to access remote computers, transfer data, and execute programs. We describe here extensions to the OpenSSH software that enable an additional authentication method, namely OAuth tokens from Globus Auth. Integration with Globus Auth allows users to authenticate using one of hundreds of supported identity providers, and makes it possible for external applications and services to use short-term tokens to access remote computers securely on behalf of users.

[1]  Vipin Samar,et al.  Unified login with pluggable authentication modules (PAM) , 1996, CCS '96.

[2]  Jim Basney,et al.  CILogon: A federated X.509 certification authority for cyberinfrastructure logon , 2014, Concurr. Comput. Pract. Exp..

[3]  Ian T. Foster,et al.  A security architecture for computational grids , 1998, CCS '98.

[4]  Ian T. Foster,et al.  Efficient and Secure Transfer, Synchronization, and Sharing of Big Data , 2014, IEEE Cloud Computing.

[5]  Ian Foster,et al.  funcX: A Federated Function Serving Fabric for Science , 2020, HPDC.

[6]  Brian Bockelman,et al.  SciTokens: Demonstrating Capability-Based Access to Remote Scientific Data using HTCondor , 2019, PEARC.

[7]  Wilkins-DiehrNancy Special Issue: Science GatewaysCommon Community Interfaces to Grid Resources , 2007 .

[8]  Miron Livny,et al.  Pegasus, a workflow management system for science automation , 2015, Future Gener. Comput. Syst..

[9]  Ian T. Foster,et al.  Globus Nexus: A Platform-as-a-Service provider of research identity, profile, and group management , 2016, Future Gener. Comput. Syst..

[10]  Ian Foster,et al.  Parsl: Pervasive Parallel Programming in Python , 2019, HPDC.

[11]  Blesson Varghese,et al.  Cloud Futurology , 2019, Computer.

[12]  Benjamin Bennett,et al.  High speed bulk data transfer using the SSH protocol , 2008, Mardi Gras Conference.

[13]  Steven Tuecke,et al.  An online credential repository for the Grid: MyProxy , 2001, Proceedings 10th IEEE International Symposium on High Performance Distributed Computing.

[14]  Tatu Ylönen,et al.  The Secure Shell (SSH) Protocol Architecture , 2006, RFC.

[15]  Girish Venkatachalam The OpenSSH protocol under the hood , 2007 .