Globus Toolkit security depends on servers having valid hostnames. It looks like maverick needs an entry in /etc/hosts for fool, so you can do 'myproxy-retrieve -v -s fool ...' rather than giving fool's IP address on the command-line. Currently the hostname lookup for 192.168.1.2 is failing on maverick.
On 7/6/11 3:39 PM, Amitav Mohanty wrote: > Hello > > I created a certificate for my second machine on my first machine using > myproxy-admin-addservice. However, when I try to retrieve it on my > second machine, I get the following error message. > > [titu@maverick]>myproxy-retrieve -v -s 192.168.1.2 -k Maverick -l titu > MyProxy v5.4 22 Apr 2011 PAM OCSP > Attempting to connect to 192.168.1.2:7512 > Successfully connected to 192.168.1.2:7512 > Error getting name of remote party: Could not get peer hostname > Connection refused > > I checked /var/log/errors.log on the first machine and found the > following lines. > > Jul 7 01:56:32 fool myproxy-server[11920]: Connection from 192.168.1.3 > Jul 7 01:56:32 fool myproxy-server[11920]: using trusted certificates > directory /etc/grid-security/certificates > Jul 7 01:56:33 fool myproxy-server[11920]: Exiting: authentication failed > > I also check if there were services listening on the ports and it seems > fine. > > [root@fool dknight]# netstat -an | grep 7512 > tcp 0 0 0.0.0.0:7512 0.0.0.0:* LISTEN > [root@fool dknight]# netstat -an | grep 2811 > tcp 0 0 0.0.0.0:2811 0.0.0.0:* LISTEN > > Do I need to add some edits in the grid-mapfile after running > myproxy-admin-addservice? > > Regards > Amitav
