Name

       condor_store_cred securely - stash a password

Synopsis

       condor_store_cred [-help]

       condor_store_credadd[ -c | -u username] [-p password] [-n machinename] [-f filename]

       condor_store_creddelete[ -c | -u username] [-n machinename]

       condor_store_credquery[ -c | -u username] [-n machinename]

Description

       condor_store_credstores  passwords  in  a  secure  manner.  There are two separate uses of
       condor_store_cred:

          1. A shared pool password is needed in order to  implement  the  PASSWORDauthentication
          method.  condor_store_cred  using  the -coption deals with the password for the implied
          condor_pool@$(UID_DOMAIN) user name.

          On a Unix machine, condor_store_cred  with  the  -foption  is  used  to  set  the  pool
          password, as needed when used with the PASSWORDauthentication method. The pool password
          is placed in a file specified by the SEC_PASSWORD_FILEconfiguration variable.

          2. In order to submit a job from a Windows platform machine, or to execute a job  on  a
          Windows  platform  machine  utilizing  the run_as_ownerfunctionality, condor_store_cred
          stores the password of a user/domain pair securely in the Windows registry. Using  this
          stored  password,  HTCondor  may  act on behalf of the submitting user to access files,
          such as writing output or log files. HTCondor is able to run jobs with the user  ID  of
          the  submitting user. The password is stored in the same manner as the system does when
          setting or changing account passwords.

       Passwords are stashed in a persistent manner; they are maintained across system reboots.

       The addargument on the Windows platform stores the password securely in the registry.  The
       user  is  prompted  to  enter  the password twice for confirmation, and characters are not
       echoed. If there is already a password stashed, the old password will  be  overwritten  by
       the new password.

       The deleteargument deletes the current password, if it exists.

       The queryreports whether the password is stored or not.

Options

       -c

          Operations refer to the pool password, as used in the PASSWORDauthentication method.

       -f filename

          For  Unix  machines only, generates a pool password file named filenamethat may be used
          with the PASSWORDauthentication method.

       -help

          Displays a brief summary of command options.

       -n machinename

          Apply the command on the given machine.

       -p password

          Stores password, rather than prompting the user to enter a password.

       -u username

          Specify the user name.

Exit Status

       condor_store_credwill exit with a status value of 0 (zero) upon success, and it will  exit
       with the value 1 (one) upon failure.

Author

       Center for High Throughput Computing, University of Wisconsin–Madison

Copyright

       Copyright  © 1990-2016 Center for High Throughput Computing, Computer Sciences Department,
       University of Wisconsin-Madison, Madison, WI. All  Rights  Reserved.  Licensed  under  the
       Apache License, Version 2.0.

                                           January 2020                      condor_store_cred(1)