nersc multi factor authentication
play

NERSC Multi-Factor Authentication It's easy! Abe Singer - PowerPoint PPT Presentation

Sep 26, 2022 •826 likes •1.07k views

NERSC Multi-Factor Authentication It's easy! Abe Singer 2018-11-01 MFA in Brief MFA will be required starting with new allocation year MFA == Password + One Time Password (OTP) Protects your account against password

  1. NERSC Multi-Factor Authentication It's easy! Abe Singer 2018-11-01

  2. MFA in Brief ● MFA will be required starting with new allocation year ● MFA == Password + One Time Password (OTP) ○ Protects your account against password theft/guessing ● No special hardware required, uses (free) phone/tablet app ● Configure with NIM in just a few minutes ● semi single sign-on (SSO) across NERSC ○ sshproxy: SSO for ssh ○ Shibboleth and NEWT: SSO for websites ● Supported across virtually all of NERSC ○ Coming soon: myProxy, HPSS tokens, Jupyter, NX 2

  3. Using MFA 3

  4. Google Authenticator OTP, changes every 30 seconds Serial Number (identifier) Time remaining 4

  5. Using MFA: ssh DOE6748468:~ abe$ ssh cori.nersc.gov ***************************************************************** * * * NOTICE TO USERS * * --------------- * Password + OTP: NIM.password 157712 Last login: Wed Oct 31 21:02:26 2018 from 71.143.193.229 ----------------------------- Contact Information ---------------- abe@cori07:~> 5

  6. sshproxy ● Entering OTP every time isn't very friendly with scripts/workflows ● sshproxy ○ Service developed by NERSC ○ You use MFA to obtain an ssh key that expires after 24 hours ■ MFA once, run everywhere (at NERSC) ■ Use sshproxy again when key expires ○ Leverages ssh certificates NERSC-supplied bash client script does all the work ○ 6

  7. Using MFA: sshproxy abe$ sshproxy.sh Enter your password+OTP: NIM.password 157712 Successfully obtained ssh key /Users/abe/.ssh/nersc Key is valid: from 2018-11-01T04:36:00 to 2018-11-02T04:37:51 abe$ ls ~/.ssh config id_rsa.pub nersc nersc.pub id_rsa known_hosts nersc-cert.pub abe$ ssh -i ~/.ssh/nersc cori.nersc.gov ***************************************************************** * * * NOTICE TO USERS * abe@cori07:~> 7

  8. Using MFA: ssh config (less typing) ~/.ssh/config Host cori cori.nersc.gov Hostname cori.nersc.gov IdentityFile ~/.ssh/nersc 8

  9. Using MFA: Shibboleth 9

  10. 10

  11. Enabling MFA 11

  12. Enabling MFA 12

  13. Enabling MFA (cont.) 13

  14. Creating a "token" 14

  15. Creating a token (cont.) 15

  16. Creating a token (cont). 16

  17. Creating a token (cont). 17

  18. Creating a token (cont). 18

  19. Creating a token (cont). 19

  20. Additional details ● sshproxy keys >24 hours with justification and authorization ● Desktop app ("authy") for the smartphone-less ● "Backup" OTP passwords for when you leave your mobile at home ● Token "reset" for when you lose/replace your device(s) ● Hardware token (yubikey) supported ○ You have to purchase (~$40) and configure ○ Requires desktop software ○ Kindle Fire is only slightly more ($50) ■ And you can play games on it too! ● Exceptions to MFA available if necessary ○ Tell us why MFA can't work for you 20

  21. Any Questions? ● https://www.nersc.gov/users/connecting-to-nersc/mfa/ ○ Or google "NERSC MFA" ● Any questions? 21

  22. Thank You 22

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Multi-factor Authentication Coming to a NERSC near you You Have Probably Heard of MFA

Multi-factor Authentication Coming to a NERSC near you You Have Probably Heard of MFA

Multi-factor Authentication Coming to a NERSC near you You Have Probably Heard of MFA Password One-time Password (OTP) Factor == Authentication Method Certificate Hardware Token Biometric password + OTP token + PIN Multi-factor ::= 2+

90 views • 7 slides
Contextual Access and Multi-Factor Authentication Lessons learned on getting past single-factor

Contextual Access and Multi-Factor Authentication Lessons learned on getting past single-factor

Conference 2018 Contextual Access and Multi-Factor Authentication Lessons learned on getting past single-factor authentication! Panelists Corey Scholefield - Team Lead, Identity Services Wendy Blake Director, Network and Technical Services

519 views • 33 slides
Multi-Factor Authentication: Security or Snake Oil? Steven Myers Rachna Dhamija Jeffrey

Multi-Factor Authentication: Security or Snake Oil? Steven Myers Rachna Dhamija Jeffrey

Multi-Factor Authentication: Security or Snake Oil? Steven Myers Rachna Dhamija Jeffrey Friedberg Phishing & Identity Theft Historically most online banking done with passwords (single-factor authentication) Password communicated

449 views • 42 slides
Two factor authentication Open, trustworthy and enterprise ready Two factor authentication

Two factor authentication Open, trustworthy and enterprise ready Two factor authentication

Version 1.0 Cornelius Klbel (corny@cornelinux.de) May 2014 (CC BY-NC-SA 4.0) Everybody knows that a password - be it simple or even complex - is a potential vulnerability. Two factor authentication is the way to authenticate a user not only

400 views • 5 slides
DUO 2-Factor Authentication at UNC Charlotte WHATS DUO? Two-Factor Authentication

DUO 2-Factor Authentication at UNC Charlotte WHATS DUO? Two-Factor Authentication

DUO 2-Factor Authentication at UNC Charlotte WHATS DUO? Two-Factor Authentication Using two devices to prove youre you! Why? Breaches! UNC Charlotte has been the victim of more than one data breach, and ITS is attempting to

623 views • 6 slides
Multi-Factor Authentication (MFA) What is it? Why should I use it? CYBERSECURITY Tech Fair 2018

Multi-Factor Authentication (MFA) What is it? Why should I use it? CYBERSECURITY Tech Fair 2018

10.10.18 1 Multi-Factor Authentication (MFA) What is it? Why should I use it? CYBERSECURITY Tech Fair 2018 Boston University Information Services & Technology 10.10.18 2 Recent Password Hacks PlayStation Network (2011) 77 Million

157 views • 13 slides
Multi-Factor Authentication (MFA) for the NCEdCloud IAM Service - Part 2 - (MFA for additional

Multi-Factor Authentication (MFA) for the NCEdCloud IAM Service - Part 2 - (MFA for additional

Multi-Factor Authentication (MFA) for the NCEdCloud IAM Service - Part 2 - (MFA for additional NCEdCloud Privileged Accounts) - Mark Scheible, MCNC MFA for All NCEdCloud Privileged Users As a part of continuing efforts to enhance the security

479 views • 14 slides
Multi-Factor Authentication (MFA) for the NCEdCloud IAM Service - Part 2 - (MFA for additional

Multi-Factor Authentication (MFA) for the NCEdCloud IAM Service - Part 2 - (MFA for additional

Multi-Factor Authentication (MFA) for the NCEdCloud IAM Service - Part 2 - (MFA for additional NCEdCloud Privileged Accounts) - Mark Scheible, MCNC MFA for All NCEdCloud Privileged Users - 1 As a part of continuing efforts to enhance the

319 views • 15 slides
T/Key: Second-Factor Authentication Without Server Secrets Dima Kogan 1 , Nathan Manohar 2 , Dan

T/Key: Second-Factor Authentication Without Server Secrets Dima Kogan 1 , Nathan Manohar 2 , Dan

T/Key: Second-Factor Authentication Without Server Secrets Dima Kogan 1 , Nathan Manohar 2 , Dan Boneh 1 1 Stanford, 2 UCLA Passwords have multiple security issues eavesdropping/key logging phishing password reuse Two-factor authentication

779 views • 31 slides
What does MFA mean? Jeffrey Goldberg jeff@1Password.com What does MFA mean? It

What does MFA mean? Jeffrey Goldberg jeff@1Password.com What does MFA mean? It

What does MFA mean? Jeffrey Goldberg jeff@1Password.com What does MFA mean? It means multi-factor authentication. In certain cases it is called 2FA for two-factor authentication. Jeffrey Goldberg What does MFA mean?

471 views • 44 slides
View The Email to Get Hacked: Attacking SMS-based Two-Factor Authentication Philipp Markert,

View The Email to Get Hacked: Attacking SMS-based Two-Factor Authentication Philipp Markert,

View The Email to Get Hacked: Attacking SMS-based Two-Factor Authentication Philipp Markert, Florian Farke, and Markus Drmuth Santa Clara, California, USA | WAY 2019 | August 11, 2019 Two-Factor Authentication 1 1 2 1 Gmail 2FA

415 views • 28 slides
Django User Authentication OVERVIEW OF USER AUTHENTICATION Anthony Alampi OWNER, X FACTOR

Django User Authentication OVERVIEW OF USER AUTHENTICATION Anthony Alampi OWNER, X FACTOR

Django User Authentication OVERVIEW OF USER AUTHENTICATION Anthony Alampi OWNER, X FACTOR CONSULTANTS www.XFactorConsultants.com User Authentication (Auth) The methods by which a web app verifies the identity of a user and limits their

334 views • 8 slides
Using Trusted Execution Environments in Two-Factor Authentication Roland van Rijswijk-Deij M.Sc.

Using Trusted Execution Environments in Two-Factor Authentication Roland van Rijswijk-Deij M.Sc.

Introduction Trusted Execution and Two-Factor Authentication User Interaction Discussion Conclusions and Future Work Using Trusted Execution Environments in Two-Factor Authentication Roland van Rijswijk-Deij M.Sc. rijswijk@cs.ru.nl

299 views • 14 slides
Mendel at NERSC: Multiple Workloads on a Single Linux Cluster Larry Pezzaglia NERSC

Mendel at NERSC: Multiple Workloads on a Single Linux Cluster Larry Pezzaglia NERSC

Mendel at NERSC: Multiple Workloads on a Single Linux Cluster Larry Pezzaglia NERSC Computational Systems Group lmpezzaglia@lbl.gov CUG 2013 (May 9, 2013) Snapshot of NERSC Located at LBNL, NERSC is the production computing facility for

481 views • 31 slides
UPDATE ON NERSC PScheD EXPERIENCES, A CONTINUING SUCCESS STORY Tina Butler - NERSC Brent Draney

UPDATE ON NERSC PScheD EXPERIENCES, A CONTINUING SUCCESS STORY Tina Butler - NERSC Brent Draney

N ATIONAL E NERGY R ESEARCH S CIENTIFIC C OMPUTING C ENTE R UPDATE ON NERSC PScheD EXPERIENCES, A CONTINUING SUCCESS STORY Tina Butler - NERSC Brent Draney - NERSC Mike Welcome -NERSC Bryan Hardy - SGI Steve Luzmoor - SGI This work was

622 views • 22 slides
smartmail & smartportal: Introducing Two- Factor Authentication Presented By: Business

smartmail & smartportal: Introducing Two- Factor Authentication Presented By: Business

smartmail & smartportal: Introducing Two- Factor Authentication Presented By: Business Process Team DL-BusinessProcessandAutomation@fnf.com Decision of the Organization to protect our clients and customers further by adding another

202 views • 16 slides
Business Performance 31.12.2018 1 DISCLAIMER This presentation has been prepared by Karur Vysya

Business Performance 31.12.2018 1 DISCLAIMER This presentation has been prepared by Karur Vysya

INVESTOR PRESENTATION 30.09.2019 Business Performance 31.12.2018 1 DISCLAIMER This presentation has been prepared by Karur Vysya Bank Limited (the Bank) solely by the Bank for information purposes only. This presentation is not a complete

1.09k views • 59 slides
Q4FY19 www.repcohome.com Earnings Presentation May 2019 Agenda Repco Home Finance Limited

Q4FY19 www.repcohome.com Earnings Presentation May 2019 Agenda Repco Home Finance Limited

Repco Home Finance Limited Earnings Presentation Q4FY19 www.repcohome.com Earnings Presentation May 2019 Agenda Repco Home Finance Limited Q4FY19 Performance Business summary..

469 views • 28 slides
2Q 2018 Earnings Presentation Forward Looking Statements The foregoing contains forward-looking

2Q 2018 Earnings Presentation Forward Looking Statements The foregoing contains forward-looking

2Q 2018 Earnings Presentation Forward Looking Statements The foregoing contains forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. Such statements are not historical facts and include

400 views • 15 slides
FY 2019 Results Presentation March 10, 2020 1 Disclaimer This presentation contains or

FY 2019 Results Presentation March 10, 2020 1 Disclaimer This presentation contains or

FY 2019 Results Presentation March 10, 2020 1 Disclaimer This presentation contains or incorporates by reference forward -looking statements regarding the belief or current expectations of Union Bank Plc, the Directors and other members

455 views • 44 slides
1 Financial Highlights: FY18 Key financial highlights Strong performance backed by robust

1 Financial Highlights: FY18 Key financial highlights Strong performance backed by robust

FY18 R ESULTS A NALYST P RESENTATION 28 August 2018 1 Agenda 1 Financial Highlights: FY18 Key financial highlights Strong performance backed by robust top-line, strategic cost management and improved efficiencies Opex & CIR Operating

567 views • 28 slides
Paralleliza(on and Performance of the NIM Weather Model on CPU, GPU and MIC Architectures Mark

Paralleliza(on and Performance of the NIM Weather Model on CPU, GPU and MIC Architectures Mark

Paralleliza(on and Performance of the NIM Weather Model on CPU, GPU and MIC Architectures Mark Gove? NOAA Earth System Research Laboratory We Need Be?er Numerical Weather Predic(on Superstorm Sandy Second most destruc(ve in U.S.

326 views • 21 slides
Corporate Presentation - FY19 Disclaimer This presentation has been prepared by and is the sole

Corporate Presentation - FY19 Disclaimer This presentation has been prepared by and is the sole

Corporate Presentation - FY19 Disclaimer This presentation has been prepared by and is the sole responsibility of IDFC FIRST Bank (together with its subsidiaries, referred to as the Company) . By accessing this presentation, you are agreeing

1.08k views • 57 slides
TSB Banking Group - Duncan Funding Platform January 2020 CONFIDENTIAL Disclaimer (1) This

TSB Banking Group - Duncan Funding Platform January 2020 CONFIDENTIAL Disclaimer (1) This

TSB Banking Group - Duncan Funding Platform January 2020 CONFIDENTIAL Disclaimer (1) This presentation, its contents and any related communication (together, the Presentation ) is not intended for distribution to, or use by any person or

506 views • 46 slides

More recommend