- Infos im HLRS Wiki sind nicht rechtsverbindlich und ohne Gewähr -
- Information contained in the HLRS Wiki is not legally binding and HLRS is not responsible for any damages that might result from its use -

HPE Hawk access: Difference between revisions

From HLRS Platforms
Jump to navigationJump to search
Line 39: Line 39:
We are currently preparing the optional protection of ssh access with a One-Time-Password (OTP).
We are currently preparing the optional protection of ssh access with a One-Time-Password (OTP).
As soon as the OTP functionality has been set up, we will announce this accordingly. It will then be mandatory for the software installation frontend. For all other login nodes, each user can decide for himself whether access should be secured via OTP.
As soon as the OTP functionality has been set up, we will announce this accordingly. It will then be mandatory for the software installation frontend. For all other login nodes, each user can decide for himself whether access should be secured via OTP.
In order to be able to use OTP, a secret must be created. For this we have provided a tool "'''generate_2fa_otp.sh'''". It prints out a secret QR code which needs to be scanned by your cell phone OTP app. The generated private secret will be activated by the system the following day.
In order to be able to use OTP, a secret must be created. For this we have provided a tool "<tt>generate_2fa_otp.sh</tt>". It prints out a secret QR code which needs to be scanned by your cell phone OTP app. The generated private secret will be activated by the system the following day.

Revision as of 13:40, 13 February 2024

Access

The only way to access the HPE Hawk (frontend/login nodes) from outside HWW net is through ssh.
Information on how to set up ssh can be found on our webserver at Secure Shell (ssh).

The SSH public key fingerprints are:

Type Fingerprint
ECDSA SHA256:e9baVVjIcaztKSdn30R0Gk5xrta/WP9scQ1GsLsrWC4
ED25519 SHA256:832zq3DA5JvYvo39piPXqqt3SA77VjuvF26e8c25d28
RSA SHA256:4u+wl6y+ylXxZHjDYt35S9aRk7SMx8U8xc4Jp+NYonk

Usage

There are several frontend/login nodes available, access is available using:

  • hawk.hww.hlrs.de

or by seelecting one specific server:

  • hawk-login03.hww.hlrs.de
  • hawk-login04.hww.hlrs.de
  • hawk-login05.hww.hlrs.de


Note: It is highly recommended to use the loadbalancer (hawk.hww.hlrs.de) instead of a specific frontend (hawk-loginxx.hww.hlrs.de), as not all frontends are permanently available


The frontend nodes are intended as single point of access to the entire system. Here you can set your environment, move your data, edit and compile your programs and create batch scripts. If doing so might require an increased number of resources (compiling, creating tarballs of dozens of MBs or more, copying a large amount of data, etc.), please prefix "nice -+19" to the respective command in order to keep the login node responsive for other users! Interactive usage like run your program which leads to a high load is NOT allowed on the frontend/login nodes.

The compute nodes:

  • r1?c?t?n?

for running parallel jobs are only available through the Batch system !


OTP

We are currently preparing the optional protection of ssh access with a One-Time-Password (OTP). As soon as the OTP functionality has been set up, we will announce this accordingly. It will then be mandatory for the software installation frontend. For all other login nodes, each user can decide for himself whether access should be secured via OTP. In order to be able to use OTP, a secret must be created. For this we have provided a tool "generate_2fa_otp.sh". It prints out a secret QR code which needs to be scanned by your cell phone OTP app. The generated private secret will be activated by the system the following day.