User Tools

Site Tools


tutorial:off_campus_access

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
tutorial:off_campus_access [2017/04/12 15:53]
sertalpbilal
tutorial:off_campus_access [2021/05/13 09:54] (current)
mjm519
Line 1: Line 1:
 ====== Off-campus access to Cor@l network ====== ====== Off-campus access to Cor@l network ======
 +
 +===== Security =====
 +
 +The Jumphost (ssh.lehigh.edu) is now protected by dual factor authentication ( [[https://confluence.cc.lehigh.edu/display/LKB/Two-factor+Authentication+with+Duo+-+FAQ|Duo Two Factor Authentication]] ) when logging in directly. As an alternative passwordless ssh can be configured. Please review the Security section when setting up passwordless ssh access to Lehigh IT resources through the jumphost.
 +
 +**We are recommending that a password protected key be used when accessing ssh.lehigh.edu from off campus to protect the integrity of internal IT resources.**
 +
 +__Please review the best practices from the website:__
 +
 +**Best Security Practices**
 +  * **Always protect your key pair with a passphrase.**
 +  * Use a strong passphrase just as you would for your password.
 +  * **Do not use your password as your passphrase.**
 +  * Do not write your password/passphrase and store at a place that anyone can access for e.g. post-it note on your monitor.
 +  * Verify only your account has access to ssh keys by running chmod 700 ~/.ssh.
 +  * Never share your private key and/or your passphrase/password.
 +  * Always store your credentials in ssh-agent with a definite lifetime.
 +  * Change your passphrase as regularly as you change your password.
 +  * Do not use reuse your password and passphrase.
 +  * Limit the number of systems that you log in from.
 +
 +
 +[[https://confluence.cc.lehigh.edu/display/hpc/SSH+public-key+authentication|For more information please review this link.]]
  
 ===== SSH ===== ===== SSH =====
Line 7: Line 30:
  
   - Connect to [[tutorial:vpn|VPN]] and ssh to [[info:coral|server you want]] (coral.ie.lehigh.edu, polyps.ie.lehigh.edu, etc..)   - Connect to [[tutorial:vpn|VPN]] and ssh to [[info:coral|server you want]] (coral.ie.lehigh.edu, polyps.ie.lehigh.edu, etc..)
-  - Connect to ssh server of Lehigh (ssh.lehigh.eduwith your Lehigh username and **Lehigh password**. \\ Then type\\ ''ssh coral.ie.lehigh.edu'' and enter your **[[coral:password|COR@L password]]**.+  - Connect to ssh server of Lehigh <code>ssh username@ssh.lehigh.edu</code> with your Lehigh username and **Lehigh password**. \\ Then ssh into COR@L<code>ssh username@coral.ie.lehigh.edu</code> and enter your **[[coral:password|COR@L password]]**.
  
 ===== SCP ===== ===== SCP =====
Line 19: Line 42:
   * Enable "Connect through SSH Tunnel" and enter ''ssh.lehigh.edu'' as the host name and enter your username \\ {{ :tutorial:2.png?nolink |}}   * Enable "Connect through SSH Tunnel" and enter ''ssh.lehigh.edu'' as the host name and enter your username \\ {{ :tutorial:2.png?nolink |}}
   * Save and try to connect. You will be asked two passwords, the first one is your **Lehigh password** and second one is your **COR@L password**.   * Save and try to connect. You will be asked two passwords, the first one is your **Lehigh password** and second one is your **COR@L password**.
 +
tutorial/off_campus_access.1492026810.txt.gz ยท Last modified: 2017/04/12 15:53 by sertalpbilal