Difference between revisions of "Logging into the Hall C cluster"
From HallCWiki
Jump to navigationJump to search| Line 2: | Line 2: | ||
== General Instructions == | == General Instructions == | ||
| − | The Hall C DAQ and online analysis machines are | + | The Hall C DAQ and online analysis machines are behind a 2-factor controlled gateway (computer) called ''hallgw.jlab.org''. |
| − | If you are logging in from a machine located outside the Accelerator fence, or via a wifi connection, you will need to ssh to <username>@hallgw.jlab.org using a 2-factor token first. You can connect to the cdaq hosts from there. | + | If you are logging in from a machine located outside the Accelerator fence (including off-site), or via a wifi connection, you will need to ssh to <username>@hallgw.jlab.org using a 2-factor token first. You can connect to the cdaq hosts from there. |
[[Image:cc.jpg|CryptoCard Key Chain|100 px|thumb]] | [[Image:cc.jpg|CryptoCard Key Chain|100 px|thumb]] | ||
Latest revision as of 09:20, 12 October 2022
NOTE: If instructions on this page fall out of date, please update it yourself and/or let a Hall C Staff Member know.
General Instructions
The Hall C DAQ and online analysis machines are behind a 2-factor controlled gateway (computer) called hallgw.jlab.org.
If you are logging in from a machine located outside the Accelerator fence (including off-site), or via a wifi connection, you will need to ssh to <username>@hallgw.jlab.org using a 2-factor token first. You can connect to the cdaq hosts from there.
You will need a 2-factor token in order to ssh to hallgw.jlab.org. If you do not have one, you can ask for one at the Help Desk. There are two types of tokens:
- a physical 'CrypoCard' key fob device, and
- a software token + application (SafeNet MobilePASS) that can be installed on your smartphone.
How to use the 2-factor token to log in
The procedure to ssh into a Hall C machine inside the accelerator fence is now:
- ssh <user>@hallgw.jlab.org
- Use your CUE username at the prompt
- Use the 2-factor token to generate your password as indicated below:
- CryptoCard (the physical keychain-style token):
- Press the button and it will display a number. Type in your PIN immediately followed by the digits on the Cryptocard as your password (no spaces, no dashes).
- Note that the first time you log in to hallgw.jlab.org you may be prompted to select a new PIN. Don't forget it (and FTLOATIH, do not write the PIN on the hardware token).
- SafeNet MobilePASS Software token (ie. Android, iPhone, Blackberry):
- Run the MobilePASS app and enter your pin followed immediately by the displayed number all on the same password line and hit return. Enter only digits, no dashes or spaces at the hallgw.jlab.org password prompt ie: 'PINXXXXXXX'
- CryptoCard (the physical keychain-style token):
- If this is the first time you have logged in to hallgw.jlab.org you may be prompted to set up a new shell. Just accept the defaults (keep selecting 'y') and you'll be fine. You can change them later in the unlikely event you care.
- ssh <user>@cdaqlX.jlab.org from hallgw prompt.
Smartphone 2-Factor Applications
Enrollment process
- Contact the Help desk and request a 2-factor token for your smartphone. They may require your JLab sponsor to acknowledge the request.
- You should receive an enrollment email from JLab. Follow the instructions in the email to complete the enrollment.
- This will require you to download the MobilePASS phone app as noted above, then read and follow the instructions in the enrollment email while on your phone.
