Follow these steps to add to SLC5 a standalone gridftp (both server and client) installation allowing access to the IPV6 testbed VO:

1. Install these packages, available from the EPEL repository, available by default on SLC5:

   yum install globus-gridftp-server.x86_64
   yum install globus-gridftp-server-progs.x86_64
   yum install globus-gridmap-callout-error.x86_64
   yum install voms-clients.x86_64
   yum install globus-gass-copy-progs.x86_64
   yum install fetch-crl.noarch
   

2. Create /etc/gridftp.conf

   cp /etc/gridftp.conf.default /etc/gridftp.conf
   

3. Add The following to /etc/gridftp.conf to enable logging:

   log_level ERROR,WARN,INFO
   log_single /var/log/gridftp/gridftp-auth.log
   log_transfer /var/log/gridftp/gridftp.log
   log_module stdio_ng
   

4.  mkdir /var/log/gridftp 

5. Add a logrotate.d entry for the gridftp logs (e.g. /etc/logrotate.d/gridftp):

   /var/log/gridftp/*log {
       missingok
       compress
       weekly
       delaycompress
       rotate 40
   }
   

6. Make sure the griftp server can be contacted through your firewalls. Add file /etc/sysconfig/globus-gridftp-server with the allowed port range for the control connections. E.g., for ports 20000-21000:

   export GLOBUS_TCP_PORT_RANGE=20000,21000
   

7. Then open on all relevant firewalls TCP ports 2811, plus the port range above. For standard firewall installations on SL or RedHat-based systems add the following lines in /etc/sysconfig/iptables and /etc/sysconfig/ip6tables (before last line):

   -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 2811 -j ACCEPT
   -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 20000:21000 -j ACCEPT
   
   Reload the firewall:
   
   /etc/init.d/iptables restart
   /etc/init.d/ip6tables restart
   

8. Check that the system hostname(s) does not appear on neither of the lines starting with 127.0.0.1 or ::1 in the /etc/hosts file
9. Add file egi-trustanchors.repo to /etc/yum.repos.d with the following contents:

   [EGI-trustanchors]
   name=EGI-trustanchors
   baseurl=http://repository.egi.eu/sw/production/cas/1/current/
   gpgkey=http://repository.egi.eu/sw/production/cas/1/GPG-KEY-EUGridPMA-RPM-3
   gpgcheck=1
   enabled=1
   

10. Install the CA certificates, and start the CRL update processes:

    yum update
    yum install ca_policy_igtf-classic
    chkconfig --level 2345 fetch-crl-boot on
    chkconfig --level 2345 fetch-crl-cron on
    service fetch-crl-cron start
    

11. Confirm that the signed host certificate and key are installed as: /etc/grid-security/host(cert|key).pem. Make sure the key file has mode 0400.
12. Install our VOMS server certificate (new certificate valid until October 15, 2013):

    cd /etc/grid-security/vomsdir
    wget http://www.mi.infn.it/ipv6/voms2.cnaf.infn.it.pem
    

13. Download this RPM for VOMS-based GSI authorisation:

    cd /tmp
    wget http://www.mi.infn.it/ipv6/ipv6-user-map-plugin-0.1-4.x86_64.rpm
    rpm -ihv ipv6-user-map-plugin-0.1-4.x86_64.rpm
    

14. Start the gridftp server:

    chkconfig --level 2345 globus-gridftp-server on
    service globus-gridftp-server start
    

15. To get a VOMS certificate for testing:
    1. register yourself at https://voms2.cnaf.infn.it:8443/voms/ipv6.hepix.org
    2. on a UI node, create a file vomses (default location: ~/.glite/vomses) containing the following line:

       "ipv6.hepix.org" "voms2.cnaf.infn.it" "15013" "/C=IT/O=INFN/OU=Host/L=CNAF/CN=voms2.cnaf.infn.it" "ipv6.hepix.org" 

       Put your personal usercert.pem and userkey/pem in ~/.globus (your homedirectory, not root).

    3. use command voms-proxy-init -userconf /path/to/vomses -voms ipv6.hepix.org