myproxy-server(8) store credentials in an online repository

SYNOPSIS

myproxy-server [ options ]

DESCRIPTION

The myproxy-server is a server that runs on a trusted, secure host and manages a database of security credentials for use from remote sites. The myproxy-init(1) program stores credentials with associated policies that specify credential lifetimes and who is authorized to retrieve credentials. The myproxy-server.config(5) file sets server-wide policies that are used in conjunction with the policies set by myproxy-init(1) to control who is authorized to store and retrieve credentials.

OPTIONS

-h, --help
Displays command usage text and exits.
-u, --usage
Displays command usage text and exits.
-v, --verbose
Enables verbose debugging output to the terminal.
-V, --version
Displays version information and exits.
-d, --debug
Run the server in debug mode. In this mode, the server will run in the foreground, will accept one connection, write log messages to the terminal while processing the incoming request, and exit after completing one request.
-l hostname/ipaddr, --listen hostname/ipaddr
Specifies the hostname or IP address that the myproxy-server should listen (bind) to. Default: all interfaces on the localhost
-p port, --port port
Specifies the TCP port number that the myproxy-server should listen on. Default: 7512
-c file, --config file
Specifies the location of the myproxy-server configuration file. Default: /etc/myproxy-server.config or $GLOBUS_LOCATION/etc/myproxy-server.config
-s dir, --storage dir
Specifies the location of the credential storage directory. The directory must be accessible only by the user running the myproxy-server process for security reasons. Default: /var/lib/myproxy or /var/myproxy or $GLOBUS_LOCATION/var/myproxy

FILES

/etc/myproxy-server.config
Default location of the server configuration file (see myproxy-server.config(5)). If not found, $GLOBUS_LOCATION/etc/myproxy-server.config will be used. An alternate location can be specified by using the -c option.
/var/lib/myproxy
Default location of the credential storage directory. If not found, /var/myproxy or $GLOBUS_LOCATION/var/myproxy will be used. If none of these directories exist, the myproxy-server will first attempt to create /var/lib/myproxy and if that fails will attempt to create $GLOBUS_LOCATION/var/myproxy and use that. The directory must be accessible only by the user running the myproxy-server process for security reasons. An alternate location can be specified by using the -s option.

ENVIRONMENT

GLOBUS_LOCATION
Specifies the root of the MyProxy installation, used to find the default location of the myproxy-server.config file and the credential storage directory.
GLOBUS_USAGE_OPTOUT
Setting this environment variable to "1" will disable the reporting of usage metrics.
LD_LIBRARY_PATH
The MyProxy server is typically linked dynamically with Globus security libraries, which must be present in the dynamic linker's search path. This typically requires $GLOBUS_LOCATION/lib to be included in the list in the LD_LIBRARY_PATH environment variable, which is set by the $GLOBUS_LOCATION/libexec/globus-script-initializer script, which should be called from any myproxy-server startup script. Alternatively, to set LD_LIBRARY_PATH appropriately for the Globus libraries in an interactive shell, source $GLOBUS_LOCATION/etc/globus-user-env.sh (for sh shells) or $GLOBUS_LOCATION/etc/globus-user.env.csh (for csh shells).
MYPROXY_SERVER_PORT
Specifies the port where the myproxy-server(8) is running. This environment variable can be used in place of the -p option.
X509_USER_CERT
Specifies an alternative location for the server's certificate. By default, the server uses /etc/grid-security/hostcert.pem when running as root or ~/.globus/usercert.pem when running as non-root.
X509_USER_KEY
Specifies an alternative location for the server's private key. By default, the server uses /etc/grid-security/hostkey.pem when running as root or ~/.globus/userkey.pem when running as non-root.
X509_USER_PROXY
Specifies an alternative location for the server's certificate and private key (in the same file). Use when running the server with a proxy credential. Note that the proxy will need to be periodically renewed before expiration to allow the myproxy-server to keep functioning. When the myproxy-server runs with a non-host credential, clients must have the MYPROXY_SERVER_DN environment variable set to the distinguished name of the certificate being used by the server.
X509_CERT_DIR
Specifies a non-standard location for the CA certificates directory.
MYPROXY_KEYBITS
Specifies the size for RSA keys generated by MyProxy. By default, MyProxy generates 2048 bit RSA keys. Set this environment variable to "1024" for 1024 bit RSA keys.

AUTHORS

See http://grid.ncsa.illinois.edu/myproxy/about for the list of MyProxy authors.