Sshkey policy

From DISI
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Our SSH/SSL key policy is as follows. Please make sure all of these are true for all the machines you use:

  • all ssh keys must be password protected.
  • password on your ssh key must be different from your login password
  • do not use the same password on two clusters
  • do not use the same password for gmail and any cluster
  • do not give your password or sshkey to anyone, even friends, family, or other lab members
  • if you need to move files to Cluster 2, copy them from within Cluster 2. e.g. to copy from Fawlty in YYZ:
ssh root@142.150.250.20 "cd /nfs/store/ucsf/users/proust1/in/other_data; tar cf - xyz " | tar xf -

Never copy from cluster 0 or 1 into cluster 2.

See the tips on using Ssh-agent for password-free passage among machines.

Retrieved from "http://wiki.docking.org/index.php?title=Sshkey_policy&oldid=8716"