Recent Changes - Search:

Disclaimer

edit SideBar

Notes

Welcome!

If you have been addressed to this page by the system administrators, is because you have recently obtained a user account on the UJ Research Cluster.

On this page... (hide)

  1. 1. Passwords
  2. 2. Disk space
  3. 3. Network bandwidth
  4. 4. SSH
  5. 5. Remote access

1.  Passwords

Since the UJRC allows remote logins (with some restrictions), it is extremely important that you use a good password and you keep it safe.

  • Do not give your password to anybody.
    This includes your friends, colleagues, supervisor, the system managers, really anybody.
    • If your supervisor or colleagues needs to access data inside your account, this can be arranged with appropriate group permissions on files and directories, or by creating a shared area for the group. Ask the technical contacts if you need help for this.
    • The system managers do not need your password to access your account. If someone asks for your password, pretending to be a system manager, please report immediately to the technical contacts.
    • We will never send an email asking you to provide your account details and password on a web page. If you receive any such mail, please report it immediately.
    • If you keep your UJRC passwords or your key/certificate pairs on your personal computer, make sure they are protected with another password that you enter manually.
      • If your PC is infected by a virus, a trojan or is stolen, please report the incident also to the UJRC system manager, and change your UJRC password immediately.
  • Don't use the same password for everything.
    In particular, do not use your UJRC password for social network, webmail, mailing list registrations.
  • Change your password regularly - at least once a year.
  • Always choose good passwords:
    • at least 8 character long,
    • mix lowercase, uppercase, numbers and other characters (punctuation and special characters),
    • do not use dictionary words, plain or with trivial phonetic substitutions (like 3 for three or tree)
    • but don't make it so complicated that you need to write it on a post-it on your screen
    • Use apg -MCSN -m8 -x12 commands for suggestions of good, random but still "pronounceable" passwords.
      Just run it again to obtain another set of choices.
    • Or choose a password from this page
  • Use passwd to change your Unix shell password.
    The server enforces some rules when you change password, using PasswdQC.
    You can choose either:
    • a password at least 8 characters long, using at least three out of four classes of characters:
      1. lower case letters
      2. upper case letters (does not count if first character, too common)
      3. numbers (does not count if last character, too common)
      4. punctuation and special symbols
    • a password at least 7 characters long using all four classes
    • a password at least 24 characters long using two classes
    • a passphrase at least 12 characters long, made of at least 3 space-separated words
  • If you forget your password, it can not be retrieved; an administrator will instead assign you a new one, which you should change immediately
  • The system will run a password testing code to identify weak user passwords.
  • If you need to login from remote networks, you may request the necessary instructions to the technical contacts.

When you login, the system will print a line indicating your Last login date, time and source host. Please check that it actually corresponds to when you last used the system; if it does not look right, contact immediately the technical contacts: it could be the sign that someone else has used your account.

2.  Disk space

At the moment there is no disk space policy in place; no user quotas are enforced. Please do not abuse it.

There is no backup of the user or data directories on the cluster. The safety of your data is your own responsibility.

3.  Network bandwidth

Network bandwidth is a scarce resource in South Africa; please use it responsibly. Understand that you are sharing the bandwidth available to the UJ Research Cluster with other users.

4.  SSH

The batch system of the cluster, in certain cases, uses SSH to transfer data inside the cluster. In order to do this, each user must have password-less SSH keys installed as default keys. These are normally created together with the user account; please do not delete any of the keys in the ~/.ssh directory. If you delete them by mistake, and you are not sure of how to replace them, please contact the system administrator.

If you are a regular SSH user, please note that these keys do not have a password; because of this, you should not use them to access other hosts outside of the cluster via the authorised_keys mechanism. If necessary you can add other keys, using different names, and then use ssh-agent.

5.  Remote access

Please note that access to the UI nodes of the UJRC is open only from the internal UJ network. If you need to access your account from outside UJ (from a laboratory overseas, from another university, or from home) and you have not already received instructions on how to do so, please contact the system administrators; there is a procedure in place to handle transient authorisations.

If you regularly connect from a remote location (a laboratory, another university) you can contact the system administrators to arrange for a permanent exception. Sorry but exceptions will not be granted for dynamic IPs from Internet Providers (like most ADSL lines or 3G modems).

Edit - History - Print - Recent Changes - Search
Page last modified on May 30, 2009, at 04:35 PM