|
|
|
# 1. Set up the Two Factor Authentication
|
|
|
|
|
|
|
|
*TODO*
|
|
|
|
The first step to be able to connect to Cineca HPC systems is to have a [second authentication factor](https://en.wikipedia.org/wiki/Multi-factor_authentication) (or *2FA*) properly set up. This boils down to having an application that generates short-lived temporary passwords to be used in conjunction with your regular password or SSH key in order to decrease the chance of having some malevolent individual claim to be you while connecting to our systems.
|
|
|
|
|
|
|
|
<p>
|
|
|
|
<details>
|
|
|
|
<summary>2FA Apps</summary>
|
|
|
|
|
|
|
|
When it comes to generating and managing 2FA codes, several (both free and paid) options are available. While you can use any TOTP-enabled app, we can suggest some options we tried ourselves:
|
|
|
|
|
|
|
|
* Google Authenticator
|
|
|
|
* Microsoft Authenticator
|
|
|
|
* Authy
|
|
|
|
|
|
|
|
Note that major password managers (e.g.: LastPass, 1Password, etc...) provide their own TOTP generators, so if you're already using one of those solutions you can just stick to it also for Cineca 2FA.
|
|
|
|
|
|
|
|
Since some of those apps can be used directly from the same machine you're going to be using to connect to Cineca systems: **we strongly suggest you run the TOTP generator app of your choice on a different device (e.g.: your mobile phone): having both the SSH client and the TOTP generator on the same device, while doable, it kinda defeats the Two Factor Authentication purpose.**
|
|
|
|
|
|
|
|
</details>
|
|
|
|
</p>
|
|
|
|
|
|
|
|
In order to have it properly set up:
|
|
|
|
|
|
|
|
1. install and configure your favorite 2FA app;
|
|
|
|
2. go to https://jump.hpc.cineca.it and log in with your credentials;
|
|
|
|
3. click on the "Two Factor Authentication" link on the left menu;
|
|
|
|
4. follow the step-by-step instructions.
|
|
|
|
|
|
|
|
# 2. Set up your SSH client
|
|
|
|
|
| ... | ... | |
