Difference between revisions of "Logging into the Hall C cluster"
(remove obsolete MobilePass MP1 info) |
|||
| Line 1: | Line 1: | ||
| + | NOTE: If instructions this page become out of date, please update it yourself and/or let a Hall C Staff Member know. | ||
| + | |||
== General Instructions == | == General Instructions == | ||
The Hall C DAQ and online analysis machines are now behind a 2-factor controlled gateway called ''hallgw.jlab.org''. | The Hall C DAQ and online analysis machines are now behind a 2-factor controlled gateway called ''hallgw.jlab.org''. | ||
Revision as of 10:30, 22 July 2019
NOTE: If instructions this page become out of date, please update it yourself and/or let a Hall C Staff Member know.
General Instructions
The Hall C DAQ and online analysis machines are now behind a 2-factor controlled gateway called hallgw.jlab.org.
If you are logging in from a machine located outside the Accelerator fence, or via a wifi connection, you will need to ssh to <username>@hallgw.jlab.org using a 2-factor token first. You can connect to the cdaq hosts from there.
You will need a 2-factor token in order to ssh to hallgw.jlab.org. If you do not have one, you can ask for one at the Help Desk. There are two types of tokens:
- a physical 'CrypoCard' key fob device, and
- a software token + application (SafeNet MobilePASS) that can be installed on your smartphone.
How to use the 2-factor token to log in
The procedure to ssh into a Hall C machine inside the accelerator fence is now:
- ssh <user>@hallgw.jlab.org
- Use your CUE username at the prompt
- Use the 2-factor token to generate your password as indicated below:
- CryptoCard (the physical keychain-style token):
- Press the button and it will display a number. Type in your PIN immediately followed by the digits on the Cryptocard as your password (no spaces, no dashes).
- Note that the first time you log in to hallgw.jlab.org you may be prompted to select a new PIN. Don't forget it (and FTLOATIH, do not write the PIN on the hardware token).
- SafeNet MobilePASS Software token (ie. Android, iPhone, Blackberry):
- Run the MobilePASS app and enter your pin followed immediately by the displayed number all on the same password line and hit return. Enter only digits, no dashes or spaces at the hallgw.jlab.org password prompt ie: 'PINXXXXXXX'
- CryptoCard (the physical keychain-style token):
- If this is the first time you have logged in to hallgw.jlab.org you may be prompted to set up a new shell. Just accept the defaults (keep selecting 'y') and you'll be fine. You can change them later in the unlikely event you care.
- ssh <user>@cdaqlX.jlab.org from hallgw prompt.
Smartphone 2-Factor Applications
Enrollment process
1) Contact the Help desk and request a 2-factor token for your smartphone.
- NOTE! : If you are off-site then you should mention this in your request. Your phone will need to be connected to a wifi network and you will need to tell the Help desk what that network is.
- One easy way to do this is to connect to the wifi network you will use, then point your browser at What is my IP.
- Tell the help desk you will be connecting from the network associated with the IP address shown.
- If you are connected via the JLab wifi network then you do not have to do anything special.
2) You should receive an enrollment email from JLab. Follow the instructions in the email to complete the enrollment.
