Sshkey policy: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
(hjg) |
||
Line 13: | Line 13: | ||
See the tips on using [[Ssh-agent]] for password-free passage among machines. | See the tips on using [[Ssh-agent]] for password-free passage among machines. | ||
[[Category: | [[Category:Policy]] | ||
[[Category:Internal]] | [[Category:Internal]] |
Revision as of 04:39, 11 June 2015
Our SSH/SSL key policy is as follows. Please make sure all of these are true for all the machines you use:
- all ssh keys must be password protected.
- password on your ssh key must be different from your login password
- do not use the same password on two clusters
- do not use the same password for gmail and any cluster
- do not give your password or sshkey to anyone, even friends, family, or other lab members
- if you need to move files to Cluster 2, copy them from within Cluster 2. e.g. to copy from Fawlty in YYZ:
ssh root@142.150.250.20 "cd /nfs/store/ucsf/users/proust1/in/other_data; tar cf - xyz " | tar xf -
Never copy from cluster 0 or 1 into cluster 2.
See the tips on using Ssh-agent for password-free passage among machines.