Sshkey policy: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 6: | Line 6: | ||
* do not use the same password for gmail and any cluster | * do not use the same password for gmail and any cluster | ||
* do not give your password or sshkey to anyone, even friends, family, or other lab members | * do not give your password or sshkey to anyone, even friends, family, or other lab members | ||
* if you need to move files to Cluster 2, copy them from within Cluster 2. e.g. to copy from Fawlty in YYZ: | |||
ssh root@142.150.250.20 "cd /nfs/store/ucsf/users/proust1/in/other_data; tar cf - xyz " | tar xf - | |||
Never copy from cluster 0 or 1 into cluster 2. | |||
See the tips on using [[Ssh-agent]] for password-free passage among machines. | See the tips on using [[Ssh-agent]] for password-free passage among machines. | ||
Revision as of 18:47, 12 May 2014
Our SSH/SSL key policy is as follows. Please make sure all of these are true for all the machines you use:
- all ssh keys must be password protected.
- password on your ssh key must be different from your login password
- do not use the same password on two clusters
- do not use the same password for gmail and any cluster
- do not give your password or sshkey to anyone, even friends, family, or other lab members
- if you need to move files to Cluster 2, copy them from within Cluster 2. e.g. to copy from Fawlty in YYZ:
ssh root@142.150.250.20 "cd /nfs/store/ucsf/users/proust1/in/other_data; tar cf - xyz " | tar xf -
Never copy from cluster 0 or 1 into cluster 2.
See the tips on using Ssh-agent for password-free passage among machines.