|
To improve security for SCD's supercomputing systems,
Telnet and FTP access from outside networks will be turned off
1 August 2001.
In conjunction, also on 1 August 2001, there will be a
cleartext
password ban that prohibits the use of cleartext passwords for any inbound
authenticated connection.
SSH is the most widely available method of encrypted remote access
to SCD computers. SCD has installed SSH on all its systems except the
Crays. Please begin using SSH to connect to UCAR systems as soon as possible
before 1 August.
For more information about SSH, see:
Getting started with SSH at NCAR
How to Use Secure SHell (SSH):
End-to-End Encryption to Access SCD Supercomputers
User Access Changes (from August 2000)
How does this affect users?
- Network logins from remote hosts (hosts outside the NCAR security
perimeter) will have to use the SSH secure copy command (scp).
- Users needing to access the Crays from outside after 1 August will
have to log in to another machine first (another supercomputer, meeker,
longs, the gatekeeper, or a divisional exposed host).
- Data transfers from remote hosts to SCD systems will have to
use scp (secure copy) or sftp.
- Dialup logins via the Remote Access Server (RAS) will still be
able to use Telnet and FTP. See
Remote Computing at NCAR.
- Telnet and FTP within the UCAR security perimeter will still be
supported.
- FTP of data to a remote host while logged on to an SCD supercomputer
will be allowed by going through the NCAR gate computer. See
FTP change for
NCAR supercomputers.
If you have questions about SSH and scp usage, please
contact the SCD Consulting Office
(consult1@ucar.edu, 303-497-1278).
|
