Tutorial:
Logging in to a running Legion system

Table of Contents

About login & security About AuthenticationObjects Logging in Checking your log in status Logging out Other on-line tutorials & documentation

Click on the to move to the selected text.

Legion comes with security features that can be enabled or not, as appropriate to your system. If your system adminstrator chooses to use them, they will be enabled when the system is first initialized. In a secured system all users must have a user id and must log in before starting to work. Your system's log in procedure may differ from what is described here: please see your system administrator for exact instructions. The default system requires that all users have user ids and passwords. This allows Legion to keep track of your objects and to know what kind of user privileges you have. It also prevents malicious users from interfering with your objects or gaining illicit access to your system.

About AuthenticationObjects

altering the AuthenticationObject

When you log in to a Legion system you are identified by a special object called the AuthenticationObject: this object contains your password, initial implicit parameters (the Legion equivalent of a the Unix "environment"), and other information. AuthenticationObjects are created when you create a user id. When an authenticated user runs a Legion process a certificate confirming his or her identify is passed along to verify that this person has permission to run the process. This certificate is created and signed by your AuthenticationObject.

Logging in

creating new user ids

You need a user id before you can log in. Ask your system administrator to create one for you, if necessary. You log in with the legion_login command. The system will request your password and verify your identity and your security privileges.

To login, run legion_login with just your user id or with no arguments at all. Usage is:

legion_login [-l <user LOID> | <user id>]

Notice that if you give the user id as a parameter you need to use the full path name (/users/<user id>):

$ legion_login /users/bob
Password: xxxx
$

Or:

$ legion_login 
Legion login: /users/bob
Password: xxxx
$

Objects created while logged in will be owned by you and only you will be able to use them. Any processes that you start after you log in will be accompanied by a copy of your AuthenticationObject's certificate.

If you can't remember whether or not you are logged in or which user id you are using, run the legion_whoami command. Your output will look something like this:

$ legion_whoami
/users/nemo
$

This means that you are logged in as user nemo. If you are not logged in or your system administrator has not enabled security there will be no output.

While logged in, you can change your password and other parameters of your environment. The password may be changed with the legion_passwd command. Note that you must include your user name:

$ legion_passwd /users/nemo
New Legion password: xxxx
Retype new password: xxxx
Password changed.
$

To log out, run legion_logout.

$ legion_logout

This will remove your credentials file. (Note that you are not in a separate shell, so if you type exit you will close your window.)

Last modified: Tue Jun 29 13:30:10 1999

[Home] [General] [Documentation] [Software] [Testbeds] [Et Cetera] [Map/Search] legion@Virginia.edu http://legion.virginia.edu/