In the grid-environment, it may not be possible to directly log into grid-nodes. The usual practise is to firewall login-sessions to grid-nodes, but give the user an account on a different machine to bounce off. This method is a bit long winded, because it requires the user to connect to two machines, eventually entering the password each time. For using interactive applications on the grid this is a hardly feasible way to establish the communication, a direct connection to the grid-node is necessary: it is required to contact the gatekeeper in order to submit jobs. Consequently the gatekeeper is used to start up a login-shell or any other kind of application whose in- and output gets transferred. This can for example be used to stream the output of a visualisation application using GVid over glogin.

Once the remote glogin program has been started on the grid-node by the gatekeeper, it will take care of communication itself. The following diagram shows how interactive communication is established trough the globus-gatekeeper:

• In (1), the requesting client contacts the gatekeeper
• In (2), the gatekeeper starts the requested service
• In (3), the requested service creates a listener socket
• In (4), the requesting client directly contacts the requested service

A direct connection (= no globus-gatekeeper) between the client and the service has now been established. Interactive data exchange between the peers can now take place. Since this connection is a globus-connection, data can be transmitted in a secure way.

For more information please refer to http://www.gup.jku.at/research/projects/glogin