HPC/Network Access: Difference between revisions
mNo edit summary |
|||
Line 5: | Line 5: | ||
== Carbon Login Nodes == | == Carbon Login Nodes == | ||
Connect with a [http://en.wikipedia.org/wiki/Secure_Shell '''Secure Shell'''] client program to | Connect with a [http://en.wikipedia.org/wiki/Secure_Shell '''Secure Shell'''] client program to | ||
:; clogin.cnm.anl.gov: | |||
This will work directly only from '''an Argonne-operated workstation'''. | This will work directly only from '''an Argonne-operated workstation'''. | ||
Line 17: | Line 17: | ||
== Using the SSH gateway == | == Using the SSH gateway == | ||
The CNM SSH gateway is a Unix-style machine at the host name: | The CNM SSH gateway is a Unix-style machine at the host name: | ||
:; mega.cnm.anl.gov: | |||
* You will always have to '''type in your domain password''' to ''establish'' a tunnel. | * You will always have to '''type in your domain password''' to ''establish'' a tunnel. | ||
* You will '''not have a home directory''' on this machine – it is neither strictly required nor needed for the tunneling functionality. | * You will '''not have a home directory''' on this machine – it is neither strictly required nor needed for the tunneling functionality. |
Revision as of 20:39, January 12, 2012
|
Carbon Login Nodes
Connect with a Secure Shell client program to
- clogin.cnm.anl.gov
This will work directly only from an Argonne-operated workstation.
From any other computer employ one of the following mechanisms:
- SSH gateway (available for all users),
- Argonne VPN (available for Argonne employees only).
For either mechanism, authenticate yourself with your Argonne domain login and password. Your domain login will usually remain active for the duration of your proposal. You must renew your password about every 6 months (you will usually receive a reminder by email).
Using the SSH gateway
The CNM SSH gateway is a Unix-style machine at the host name:
- mega.cnm.anl.gov
- You will always have to type in your domain password to establish a tunnel.
- You will not have a home directory on this machine – it is neither strictly required nor needed for the tunneling functionality.
- Do not type any command on this machine - it is only needed to establish a tunnel.
To use the tunnel for interactive operations and file transfer on the end systems, ssh public keys are normally permissible and must be placed at the end machines.
Additional information:
Tunnel Setup
SSH GUI Applications
Note for CNM workstations on the APS network
For users with workstations that are still on the APS networks, there is a conflict of kerberos tickets. Prior to accessing the cluster, the APS ticket must be destroyed, so that the ANL.GOV ticket may be used. To do this, use the kdestroy(8) command or, on Mac OS X, /System/Library/CoreServices/Kerberos.app . (Anthony Avarca)
Password Policies
The methods described above will grant you, the holder of your Argonne domain password and private ssh key, access to your account on Carbon. As with any Argonne computer system, the following rules apply:
- Keep passphrases and passwords private – do not share them with anyone, including administrators that you know or don't know.
- Keep your private key file private - do not share it with anyone.
- Use a strong passphrase following DOE password regulations.