- Infos im HLRS Wiki sind nicht rechtsverbindlich und ohne Gewähr -
- Information contained in the HLRS Wiki is not legally binding and HLRS is not responsible for any damages that might result from its use -

Password change

From HLRS Platforms
Jump to navigationJump to search

Due to a security incident on Hawk within the pre-production timeframe, all users must change their passwords and remove/replace ssh-keys before June 3rd 2020. This page provide more detailed information and help for some problems.

  • If your account is enabled for multiple ressources, you have to do the changing procedure only once.
  • If you get an error while changing the password, check your environment. Passwd is a simple bash script located in ( /opt/system/wrappers/passwd on Vulcan or /opt/passwd on change.hww.hlrs.de).


Todo so following steps are necessary:

Login on an frontend system which is accessable for you.

Vulcan users:

  ssh –l <your login> vulcan.hww.hlrs.de
  Run the passwd command to change your password. Please read information and watch output of this command. On success following text is displayed: Password changed successfully.
  Wait for a minimum of 20 minutes to redistribute the password
  Remove your ssh-keys (see below)

Users with accounts on Hawk only

 A server has been set up to provide a mechanism for the change:
    ssh –l  <your login> change.hww.hlrs.de
 Run the passwd command to change your password. Please read information and watch output of this command. On success following text is displayed: Password changed successfully.
  Remove your ssh-keys (see below)

remove compromised ssh-keys on vulcan / hawk

cd      #  change into your HOME Directory
rm –rf .ssh 
mkdir .ssh
chmod 700 .ssh
chmod og-w ~

Other systems

If Users use the same password or ssh-keys on other systems, this keys / passwords should be replaced as well.


Known problems

If you change your password for hawk using change.hww.hlrs.de, this will currently not updated on change, because some hawk related infrastructure is currently unavailable. As soon as this infrastructure is available passwords on change are updated.