CINXE.COM

Two-factor authentication (2FA) — Technical Documentation

<!DOCTYPE html> <html class="writer-html5" lang="en"> <head> <meta charset="utf-8" /> <meta property="article:modified_time" content="2024-07-24T17:12:30+02:00" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <title>Two-factor authentication (2FA) &mdash; Technical Documentation</title> <link rel="stylesheet" type="text/css" href="../_static/pygments.css" /> <link rel="stylesheet" type="text/css" href="../_static/css/theme.css" /> <link rel="stylesheet" type="text/css" href="../_static/copybutton.css" /> <link rel="stylesheet" type="text/css" href="../_static/custom.css" /> <link rel="shortcut icon" href="../_static/favicon.ico"/> <!--[if lt IE 9]> <script src="../_static/js/html5shiv.min.js"></script> <![endif]--> <script data-url_root="../" id="documentation_options" src="../_static/documentation_options.js"></script> <script src="../_static/jquery.js"></script> <script src="../_static/underscore.js"></script> <script src="../_static/_sphinx_javascript_frameworks_compat.js"></script> <script src="../_static/doctools.js"></script> <script src="../_static/sphinx_highlight.js"></script> <script src="../_static/clipboard.min.js"></script> <script src="../_static/copybutton.js"></script> <script src="../_static/js/theme.js"></script> <link rel="index" title="Index" href="../genindex.html" /> <link rel="search" title="Search" href="../search.html" /> <link rel="next" title="HPC Software and Applications" href="hpc_software.html" /> <link rel="prev" title="Connecting" href="connecting.html" /> </head> <body class="wy-body-for-nav"> <div class="wy-grid-for-nav"> <nav data-toggle="wy-nav-shift" class="wy-nav-side"> <div class="wy-side-scroll"> <div class="wy-side-nav-search" style="background: #EEEEEE" > <a href="https://www.mpcdf.mpg.de"> <img src="../_static/mpcdflogo.png" class="logo" alt="Logo"/> </a> <div role="search"> <form id="rtd-search-form" class="wy-form" action="../search.html" method="get"> <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" /> <input type="hidden" name="check_keywords" value="yes" /> <input type="hidden" name="area" value="default" /> </form> </div> </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu"> <ul class="current"> <li class="toctree-l1 current"><a class="reference internal" href="index.html">Frequently Asked Questions</a><ul class="current"> <li class="toctree-l2"><a class="reference internal" href="account.html">Account registration</a></li> <li class="toctree-l2"><a class="reference internal" href="connecting.html">Connecting</a><ul> <li class="toctree-l3"><a class="reference internal" href="connecting.html#how-can-i-log-into-the-machines-at-the-mpcdf">How can I log into the machines at the MPCDF?</a><ul> <li class="toctree-l4"><a class="reference internal" href="connecting.html#what-are-the-gateway-machines-for-ssh-login">What are the gateway machines for SSH login?</a></li> <li class="toctree-l4"><a class="reference internal" href="connecting.html#two-factor-authentication-2fa">Two-factor authentication (2FA)</a></li> <li class="toctree-l4"><a class="reference internal" href="connecting.html#are-ssh-keys-supported">Are SSH keys supported?</a></li> <li class="toctree-l4"><a class="reference internal" href="connecting.html#can-ssh-scp-sftp-performance-be-improved">Can ssh/scp/sftp performance be improved?</a></li> <li class="toctree-l4"><a class="reference internal" href="connecting.html#i-get-a-ssh-security-warning-about-a-host-key-change-when-trying-to-log-in-what-does-this-mean-and-what-should-i-do">I get a SSH security warning about a host key change when trying to log in. What does this mean and what should I do?</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="connecting.html#how-can-i-run-applications-with-graphical-user-interfaces-on-mpcdf-systems">How can I run applications with graphical user interfaces on MPCDF systems?</a><ul> <li class="toctree-l4"><a class="reference internal" href="connecting.html#x11-forwarding">X11 forwarding</a></li> <li class="toctree-l4"><a class="reference internal" href="connecting.html#vnc">VNC</a></li> <li class="toctree-l4"><a class="reference internal" href="connecting.html#remote-visualization-service">Remote Visualization Service</a></li> </ul> </li> </ul> </li> <li class="toctree-l2 current"><a class="current reference internal" href="#">Two-factor authentication (2FA)</a><ul> <li class="toctree-l3"><a class="reference internal" href="#general-information-about-2fa">General information about 2FA</a><ul> <li class="toctree-l4"><a class="reference internal" href="#do-i-need-to-enable-2fa">Do I need to enable 2FA?</a></li> <li class="toctree-l4"><a class="reference internal" href="#do-i-already-have-2fa-activated">Do I already have 2FA activated?</a></li> <li class="toctree-l4"><a class="reference internal" href="#why-is-2fa-enforced">Why is 2FA enforced?</a></li> <li class="toctree-l4"><a class="reference internal" href="#what-is-a-token-otp-and-seed">What is a token, OTP, and seed?</a></li> <li class="toctree-l4"><a class="reference internal" href="#what-kinds-of-tokens-are-there">What kinds of tokens are there?</a></li> <li class="toctree-l4"><a class="reference internal" href="#why-am-i-asked-for-an-otp">Why am I asked for an OTP?</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="#activation-of-2fa">Activation of 2FA</a><ul> <li class="toctree-l4"><a class="reference internal" href="#how-do-i-enable-2fa">How do I enable 2FA?</a></li> <li class="toctree-l4"><a class="reference internal" href="#how-do-i-enroll-and-use-an-app-token">How do I enroll and use an app token?</a></li> <li class="toctree-l4"><a class="reference internal" href="#what-app-do-i-need-to-install">What app do I need to install?</a></li> <li class="toctree-l4"><a class="reference internal" href="#how-do-i-register-my-existing-token">How do I register my existing token?</a></li> <li class="toctree-l4"><a class="reference internal" href="#how-do-i-enroll-and-use-a-secondary-backup-token">How do I enroll and use a secondary/backup token?</a></li> <li class="toctree-l4"><a class="reference internal" href="#why-can-t-i-have-both-an-app-token-and-a-hardware-token">Why can’t I have both an app token and a hardware token?</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="#fa-tips-and-tricks">2FA Tips and Tricks</a><ul> <li class="toctree-l4"><a class="reference internal" href="#do-i-have-to-type-in-an-otp-every-time-i-access-the-secured-systems">Do I have to type in an OTP every time I access the secured systems?</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="#fa-troubleshooting">2FA Troubleshooting</a><ul> <li class="toctree-l4"><a class="reference internal" href="#i-need-to-factory-reset-my-phone-how-can-i-preserve-my-app-token">I need to factory-reset my phone. How can I preserve my app token?</a></li> <li class="toctree-l4"><a class="reference internal" href="#how-do-i-transfer-my-token-to-a-new-phone">How do I transfer my token to a new phone?</a></li> <li class="toctree-l4"><a class="reference internal" href="#i-can-t-validate-activate-the-token-i-just-scanned-wrong-otp">I can’t validate/activate the token I just scanned (“Wrong OTP”)</a></li> <li class="toctree-l4"><a class="reference internal" href="#i-can-t-log-in-to-the-selfservice-anymore">I can’t log in to the SelfService anymore</a></li> <li class="toctree-l4"><a class="reference internal" href="#i-can-t-log-in-to-a-gate-machine-via-ssh">I can’t log in to a gate machine via SSH</a></li> <li class="toctree-l4"><a class="reference internal" href="#i-can-t-access-the-hpc-clusters-through-vnc-anymore">I can’t access the HPC clusters through VNC anymore</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="#hardware-and-client-support">Hardware and client support</a><ul> <li class="toctree-l4"><a class="reference internal" href="#how-can-i-use-my-sshfs-rsync-scp-sftp-gui-with-2fa">How can I use my sshfs/rsync/scp/sftp GUI with 2FA?</a></li> <li class="toctree-l4"><a class="reference internal" href="#how-can-i-use-filezilla-with-2fa">How can I use FileZilla with 2FA?</a></li> <li class="toctree-l4"><a class="reference internal" href="#how-to-use-2fa-on-a-phone-with-a-time-shift">How to use 2FA on a phone with a time shift?</a></li> <li class="toctree-l4"><a class="reference internal" href="#do-you-or-are-you-planning-to-support-fido2-u2f-yubikeys">Do you or are you planning to support FIDO2/U2F/YubiKeys?</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="#on-security">On security</a><ul> <li class="toctree-l4"><a class="reference internal" href="#if-the-seed-is-stored-on-the-server-how-secure-is-it">If the seed is stored on the server, how secure is it?</a></li> <li class="toctree-l4"><a class="reference internal" href="#where-do-the-hardware-tokens-come-from-does-the-vendor-know-the-seeds">Where do the hardware tokens come from? Does the vendor know the seeds?</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="hpc_software.html">HPC Software and Applications</a><ul> <li class="toctree-l3"><a class="reference internal" href="hpc_software.html#general-questions">General questions</a><ul> <li class="toctree-l4"><a class="reference internal" href="hpc_software.html#how-and-where-can-i-install-software-myself">How and where can I install software myself?</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="hpc_software.html#environment-modules">Environment modules</a><ul> <li class="toctree-l4"><a class="reference internal" href="hpc_software.html#how-can-i-use-environment-modules-interactively">How can I use environment modules interactively?</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_software.html#how-can-i-use-environment-modules-in-scripts">How can I use environment modules in scripts?</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_software.html#how-can-i-use-environment-modules-to-avoid-absolute-paths-in-my-scripts">How can I use environment modules to avoid absolute paths in my scripts?</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_software.html#examples">Examples</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_software.html#how-do-the-hierarchical-environment-modules-work">How do the hierarchical environment modules work?</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_software.html#how-do-i-quickly-find-a-module">How do I quickly find a module?</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_software.html#how-can-i-disable-the-mpcdf-specific-note-for-module-avail">How can I disable the “MPCDF specific note” for <code class="docutils literal notranslate"><span class="pre">module</span> <span class="pre">avail</span></code>?</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_software.html#why-there-are-no-blas-lapack-modules-available-on-the-clusters">Why there are no BLAS/LAPACK modules available on the clusters?</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="hpc_software.html#compiled-languages">Compiled Languages</a><ul> <li class="toctree-l4"><a class="reference internal" href="hpc_software.html#cmake">CMake</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_software.html#c-c-and-fortran">C/C++ and Fortran</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_software.html#debugging-of-c-c-and-fortran-codes">Debugging of C/C++ and Fortran codes</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="hpc_software.html#interpreted-languages">Interpreted Languages</a><ul> <li class="toctree-l4"><a class="reference internal" href="hpc_software.html#python">Python</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_software.html#r">R</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_software.html#julia">Julia</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_software.html#jupyter-notebooks">Jupyter Notebooks</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_software.html#matlab">MATLAB</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="hpc_software.html#message-passing-interface-mpi-libraries-and-runtimes">Message Passing Interface (MPI) Libraries and Runtimes</a><ul> <li class="toctree-l4"><a class="reference internal" href="hpc_software.html#which-mpi-implementations-are-supported">Which MPI implementations are supported?</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_software.html#how-can-i-compile-and-link-my-mpi-application">How can I compile and link my MPI application?</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_software.html#cmake-cannot-find-mpi-what-can-i-do">CMake cannot find MPI, what can I do?</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_software.html#i-cannot-launch-my-mpi-code-using-mpirun-what-am-i-doing-wrong">I cannot launch my MPI code using <code class="docutils literal notranslate"><span class="pre">mpirun</span></code>, what am I doing wrong?</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="hpc_software.html#visualization">Visualization</a><ul> <li class="toctree-l4"><a class="reference internal" href="hpc_software.html#how-can-i-combine-many-image-files-jpg-png-into-a-movie-mp4">How can I combine many image files (JPG, PNG) into a movie (MP4)?</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_software.html#how-can-i-install-additional-packages-for-tex-latex-locally">How can I install additional packages for TeX/LaTeX locally?</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="hpc_software.html#gui-applications">GUI applications</a><ul> <li class="toctree-l4"><a class="reference internal" href="hpc_software.html#visual-studio-code-in-combination-with-the-remote-ssh-extension-does-not-work-any-more-on-certain-hpc-clusters">Visual Studio Code (in combination with the Remote-SSH extension) does not work any more on certain HPC clusters</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_software.html#why-do-certain-gui-applications-not-work-any-more-on-the-login-nodes-of-hpc-clusters-what-are-the-alternatives">Why do certain GUI applications not work (any more) on the login nodes of HPC clusters? What are the alternatives?</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="hpc_systems.html">HPC Systems and Services</a><ul> <li class="toctree-l3"><a class="reference internal" href="hpc_systems.html#raven">Raven</a><ul> <li class="toctree-l4"><a class="reference internal" href="hpc_systems.html#what-are-the-recommended-compiler-optimization-flags-for-raven">What are the recommended compiler optimization flags for Raven?</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="hpc_systems.html#slurm-batch-system">Slurm batch system</a><ul> <li class="toctree-l4"><a class="reference internal" href="hpc_systems.html#how-do-i-submit-jobs-to-the-slurm-batch-system">How do I submit jobs to the Slurm batch system?</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_systems.html#can-i-submit-jobs-longer-than-24-hours-why-are-job-run-times-limited-to-24-hours">Can I submit jobs longer than 24 hours? Why are job run times limited to 24 hours?</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_systems.html#how-do-i-launch-an-mpi-code">How do I launch an MPI code?</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_systems.html#what-is-the-correct-order-of-executable-commands-and-sbatch-directives-in-a-slurm-job-script">What is the correct order of executable commands and ‘#SBATCH’ directives in a Slurm job script?</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_systems.html#can-i-work-interactively-for-debugging-and-development-work">Can I work interactively for debugging and development work?</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_systems.html#how-can-i-query-the-estimated-start-time-of-my-job">How can I query the estimated start time of my job?</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_systems.html#how-can-i-get-information-about-my-job-at-runtime">How can I get information about my job at runtime?</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_systems.html#how-can-i-get-information-about-my-job-after-it-has-finished">How can I get information about my job after it has finished?</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_systems.html#what-happens-when-a-running-job-is-hit-by-a-hardware-failure">What happens when a running job is hit by a hardware failure?</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_systems.html#how-do-i-do-pinning-correctly">How do I do pinning correctly?</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="hpc_systems.html#parallel-file-systems-gpfs">Parallel File Systems (GPFS)</a><ul> <li class="toctree-l4"><a class="reference internal" href="hpc_systems.html#which-file-systems-are-available-and-how-should-i-use-them">Which file systems are available and how should I use them?</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_systems.html#i-do-not-get-the-io-performance-i-would-expect-am-i-doing-something-wrong">I do not get the IO performance I would expect. Am I doing something wrong?</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_systems.html#how-can-i-grant-other-users-access-to-my-files-how-do-i-use-acls">How can I grant other users access to my files? How do I use ACLs?</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="hpc_systems.html#how-can-i-transfer-files-to-and-from-the-hpc-systems">How can I transfer files to and from the HPC systems?</a></li> <li class="toctree-l3"><a class="reference internal" href="hpc_systems.html#performance-monitoring">Performance Monitoring</a><ul> <li class="toctree-l4"><a class="reference internal" href="hpc_systems.html#how-can-i-find-out-about-the-performance-of-my-runs">How can I find out about the performance of my runs?</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_systems.html#how-can-i-stop-the-background-performance-monitoring">How can I stop the background performance monitoring?</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="hpc_systems.html#gpu-computing">GPU Computing</a><ul> <li class="toctree-l4"><a class="reference internal" href="hpc_systems.html#how-can-i-launch-the-nvidia-multi-process-service-mps">How can I launch the NVIDIA Multi-Process Service (MPS)?</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_systems.html#how-can-i-profile-my-gpu-code">How can I profile my GPU code?</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_systems.html#are-there-dedicated-gpu-resources-available-for-interactive-gpu-development">Are there dedicated GPU resources available for interactive GPU development?</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="hpc_systems.html#containers">Containers</a><ul> <li class="toctree-l4"><a class="reference internal" href="hpc_systems.html#which-container-solutions-are-supported-can-i-run-docker-containers">Which container solutions are supported? Can I run Docker containers?</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="hpc_systems.html#remote-visualization">Remote Visualization</a><ul> <li class="toctree-l4"><a class="reference internal" href="hpc_systems.html#how-can-i-run-visualization-tools-or-any-software-that-uses-opengl-on-mpcdf-systems">How can I run visualization tools or any software that uses OpenGL on MPCDF systems?</a></li> <li class="toctree-l4"><a class="reference internal" href="hpc_systems.html#how-can-i-get-access-to-mpcdf-remote-visualization-services">How can I get access to MPCDF remote visualization services?</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="tricks.html">Hints, Tips, and Tricks</a><ul> <li class="toctree-l3"><a class="reference internal" href="tricks.html#how-can-i-change-my-default-shell">How can I change my default shell?</a></li> <li class="toctree-l3"><a class="reference internal" href="tricks.html#how-can-i-launch-ssh-agent-in-a-terminal-session">How can I launch <code class="docutils literal notranslate"><span class="pre">ssh-agent</span></code> in a terminal session?</a></li> <li class="toctree-l3"><a class="reference internal" href="tricks.html#how-can-i-avoid-having-to-type-my-password-repeatedly-how-can-i-tunnel-through-the-gateway-machines">How can I avoid having to type my password repeatedly? How can I tunnel through the gateway machines?</a></li> <li class="toctree-l3"><a class="reference internal" href="tricks.html#how-can-i-access-the-clusters-using-a-windows-machine">How can I access the clusters using a Windows machine?</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="help.html">Help, Support, and Training</a><ul> <li class="toctree-l3"><a class="reference internal" href="help.html#how-can-i-get-help-and-support">How can I get Help and Support?</a></li> <li class="toctree-l3"><a class="reference internal" href="help.html#are-you-offering-trainings-on-how-to-use-mpcdf-resources">Are you offering trainings on how to use MPCDF resources?</a></li> <li class="toctree-l3"><a class="reference internal" href="help.html#how-to-acknowledge-mpcdf">How to acknowledge MPCDF?</a></li> </ul> </li> </ul> </li> </ul> <ul> <li class="toctree-l1"><a class="reference internal" href="../doc/index.html">Documentation</a><ul> <li class="toctree-l2"><a class="reference internal" href="../doc/computing/index.html">Computing</a><ul> <li class="toctree-l3"><a class="reference internal" href="../doc/computing/overview.html">Introduction</a><ul> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/overview.html#overview">Overview</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/overview.html#compute-facilities">Compute Facilities</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../doc/computing/application-support.html">Application Support for HPC, AI and HPDA</a></li> <li class="toctree-l3"><a class="reference internal" href="../doc/computing/gateways.html">Gateway machines</a><ul> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/gateways.html#login">Login</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/gateways.html#gssapi-based-logins-to-mpcdf-hosts">GSSAPI-based logins to MPCDF hosts</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/gateways.html#tunneled-access-to-mpcdf-services">Tunneled access to MPCDF services</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../doc/computing/viper-user-guide.html">Viper User Guide</a><ul> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/viper-user-guide.html#system-overview">System overview</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/viper-user-guide.html#access">Access</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/viper-user-guide.html#hardware-configuration">Hardware configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/viper-user-guide.html#file-systems">File systems</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/viper-user-guide.html#software">Software</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/viper-user-guide.html#slurm-batch-system">Slurm batch system</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/viper-user-guide.html#slurm-example-batch-scripts">Slurm example batch scripts</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/viper-user-guide.html#migration-guide-for-users-coming-from-intel-based-hpc-systems">Migration guide for users coming from Intel-based HPC systems</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../doc/computing/raven-user-guide.html">Raven User Guide</a><ul> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/raven-user-guide.html#system-overview">System Overview</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/raven-user-guide.html#access">Access</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/raven-user-guide.html#hardware-configuration">Hardware configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/raven-user-guide.html#file-systems">File systems</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/raven-user-guide.html#software">Software</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/raven-user-guide.html#slurm-batch-system">Slurm batch system</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/raven-user-guide.html#slurm-example-batch-scripts">Slurm example batch scripts</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../doc/computing/clusters/index.html">Dedicated clusters</a><ul> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/clusters/systems/Astronomy.html">Astronomy</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/clusters/systems/Astrophysics.html">Astrophysics</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/clusters/systems/Biochemistry.html">Biochemistry</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/clusters/systems/Biological_Cybernetics.html">Biological Cybernetics</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/clusters/systems/Biological_Intelligence.html">Biological Intelligence</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/clusters/systems/Biophysics.html">Biophysics</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/clusters/systems/Brain_Research.html">Brain Research</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/clusters/systems/Chemical_Physics_Solids.html">Chemical Physics of Solids</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/clusters/systems/Extraterrestrial_Physics.html">Extraterrestrial Physics</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/clusters/systems/FHI_MPIE_MPIP_TALOS.html">FHI / MPIE / MPIP</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/clusters/systems/Gravitational_Physics.html">Gravitational Physics</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/clusters/systems/Gravitational_Physics_ACR.html">Gravitational Physics - ACR</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/clusters/systems/Gravitational_Physics_CRA.html">Gravitational Physics - CRA</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/clusters/systems/Iron_Research.html">Iron Research</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/clusters/systems/MPSD_PKS_ADA.html">MPSD / PKS</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/clusters/systems/Neurobiology_of_Behavior.html">Neurobiology of Behavior – caesar</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/clusters/systems/Physics.html">Physics</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/clusters/systems/Plasma_Physics.html">Plasma Physics</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/clusters/systems/Psychiatry.html">Psychiatry</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/clusters/systems/Quantum_Optics.html">Quantum Optics</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/clusters/systems/Radioastronomy.html">Radioastronomy</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/clusters/systems/Science_of_Light.html">Science of Light</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../doc/computing/software/index.html">Software</a><ul> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/software/environment-modules.html">Environment Modules</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/software/hpc-application-packages.html">HPC Application Packages</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/software/compilers_languages.html">Compilers and languages</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/software/libraries.html">Libraries</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/software/debugging-tools.html">Debugging tools</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/software/performance-tools.html">Performance tools</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/software/mathematical-tools.html">Mathematical tools</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/software/bioinformatics.html">Bioinformatics</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/software/containers.html">Containers</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/software/data_analytics-machine_learning.html">Data Analytics / Machine Learning</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/software/vnc.html">VNC</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../doc/computing/hpc-get-started.html">Quickstart guide to HPC</a><ul> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/hpc-get-started.html#software-environment-modules">Software environment (modules)</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/hpc-get-started.html#mpi-parallel-hpc-applications">MPI parallel HPC applications</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/hpc-get-started.html#multithreaded-openmp-or-hybrid-mpi-openmp-hpc-applications">Multithreaded (OpenMP) or hybrid (MPI/OpenMP) HPC applications</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/hpc-get-started.html#execution-of-parallel-programs-via-slurm">Execution of (parallel) programs via Slurm</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../doc/computing/performance-monitoring.html">Performance Monitoring</a><ul> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/performance-monitoring.html#introduction">Introduction</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/performance-monitoring.html#pdf-performance-reports-for-users">PDF Performance Reports for Users</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/performance-monitoring.html#suspending-the-performance-monitoring-system-for-specific-jobs">Suspending the Performance Monitoring System for Specific Jobs</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/performance-monitoring.html#technical-background">Technical Background</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/performance-monitoring.html#overhead">Overhead</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/performance-monitoring.html#further-information">Further information</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../doc/computing/training.html">Training</a><ul> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/training.html#courses-and-workshops-arranged-by-or-in-collaboration-with-the-mpcdf">Courses and workshops arranged by or in collaboration with the MPCDF</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/computing/training.html#training-programmes-of-other-institutions">Training programmes of other institutions</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../doc/data/index.html">Data</a><ul> <li class="toctree-l3"><a class="reference internal" href="../doc/data/share/index.html">DataShare: Sync and Share Service</a><ul> <li class="toctree-l4"><a class="reference internal" href="../doc/data/share/datashare.html">DataShare: An Introduction</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/data/share/domainchange.html">Update the domain of the client</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/data/share/faq.html">FAQ</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/data/share/sync-share-clients.html">Desktop and Mobile clients</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../doc/data/globusonline/index.html">Globus Online: Large-Scale data Transfer and Sharing</a><ul> <li class="toctree-l4"><a class="reference internal" href="../doc/data/globusonline/mpcdf-datahub-and-globus-online.html">MPCDF DataHub and Globus Online</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/data/globusonline/datahub-file-staging.html">Staging Files to HPC systems via Globus Online</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/data/globusonline/datahub-staging-flow.html">Staging data via Flows</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/data/globusonline/go-nexus.html">GO-Nexus</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/data/globusonline/globus-demo-videos.html">Globus Demo Videos - Demonstrating Globus Functionality for end users</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../doc/data/object-storage/index.html">Nexus-S3: Object Storage for data Transfer and Sharing</a><ul> <li class="toctree-l4"><a class="reference internal" href="../doc/data/object-storage/nexus-s3.html">Nexus-S3</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/data/object-storage/publishing-data-via-s3.html">Publishing Data for public access via S3</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../doc/data/data-transfer/index.html">Small to Medium Scale Data Transfers</a><ul> <li class="toctree-l4"><a class="reference internal" href="../doc/data/data-transfer/data-transfer.html">Data Transfer: Tools &amp; Tips</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/data/data-transfer/mpcdf-datahub-and-globus-online.html">MPCDF DataHub and Globus Online</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/data/data-transfer/sharing-large-files-with-datashare.html">Sharing Large Files with DataShare</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../doc/data/gitlab/index.html">GitLab: Software Development</a><ul> <li class="toctree-l4"><a class="reference internal" href="../doc/data/gitlab/gitlab.html">The MPCDF GitLab Instance: an introduction</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/data/gitlab/devop-tutorial.html">Poetry and GitLab: Devops for Python developers</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/data/gitlab/gitlabrunners.html">GitLab Runners for CI/CD</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../doc/data/publication/index.html">Data Publication and Metadata Management</a><ul> <li class="toctree-l4"><a class="reference internal" href="../doc/data/publication/datapublishing.html">Service: Data Repositories</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/data/publication/mmd.html">The MPCDF Metadata Tools: User Documentation</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/data/publication/mmd-dev.html">The MPCDF Metadata Tools: Developer Documentation</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/data/publication/metastore-documentation.html">MetaStore User Documentation</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../doc/data/backup-archive/index.html">Backup and Archive</a><ul> <li class="toctree-l4"><a class="reference internal" href="../doc/data/backup-archive/backup-archive-system.html">Backup &amp; Archive Systems</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/data/backup-archive/archives.html">How to archive data</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/data/backup-archive/BA_HPC/index.html">Backup HPC</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/data/backup-archive/BA_Linux_clusters/index.html">Backup Linux Clusters</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/data/backup-archive/BA_AFS/index.html">Backup AFS</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/data/backup-archive/BA_desktops/index.html">Backup Desktops</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../doc/data/store/index.html">Deprecated: The Andrew File System (AFS)</a><ul> <li class="toctree-l4"><a class="reference internal" href="../doc/data/store/introduction-to-afs.html">Store (AFS)</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/data/store/introduction/index.html">Introduction</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/data/store/specific-technical/index.html">Specific-Technical</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/data/store/glossary/index.html">Glossary</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/data/store/troubleshooting/index.html">Troubleshooting</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../doc/cloud/index.html">HPC-Cloud</a><ul> <li class="toctree-l3"><a class="reference internal" href="../doc/cloud/technical/index.html">Technical and User Documentation</a><ul> <li class="toctree-l4"><a class="reference internal" href="../doc/cloud/technical/quickstart.html">Quick Start</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/cloud/technical/compute.html">Compute</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/cloud/technical/storage.html">Storage</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/cloud/technical/network.html">Network</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/cloud/technical/clients.html">Command Line Interface and Scripting</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/cloud/technical/recipes.html">Recipes</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../doc/cloud/renting/index.html">Rental Model</a><ul> <li class="toctree-l4"><a class="reference internal" href="../doc/cloud/renting/index.html#introduction">Introduction</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/cloud/renting/index.html#cost-components">Cost components</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/cloud/renting/index.html#setup-procedure-and-billing-procedure">Setup procedure and billing procedure</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/cloud/renting/index.html#available-resources">Available Resources</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/cloud/renting/index.html#compute-resources">Compute resources</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/cloud/renting/index.html#storage-resources">Storage resources</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../doc/cloud/terms_of_use/index.html">Terms of Use</a><ul> <li class="toctree-l4"><a class="reference internal" href="../doc/cloud/terms_of_use/index.html#general">General</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/cloud/terms_of_use/index.html#backup-and-recovery">Backup and Recovery</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/cloud/terms_of_use/index.html#data-privacy-and-sensitive-data">Data Privacy and Sensitive Data</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/cloud/terms_of_use/index.html#proprietary-software">Proprietary Software</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/cloud/terms_of_use/index.html#service-interventions-and-scheduled-down-times">Service Interventions and Scheduled Down times</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/cloud/terms_of_use/index.html#performance">Performance</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/cloud/terms_of_use/index.html#support">Support</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/cloud/terms_of_use/index.html#potential-sanctions">Potential Sanctions</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../doc/visualization/index.html">Visualization</a><ul> <li class="toctree-l3"><a class="reference internal" href="../doc/visualization/index.html#support-for-the-visualization-of-scientific-data">Support for the Visualization of Scientific Data</a></li> <li class="toctree-l3"><a class="reference internal" href="../doc/visualization/index.html#remote-visualization-and-jupyter-notebook-services">Remote Visualization and Jupyter Notebook Services</a><ul> <li class="toctree-l4"><a class="reference internal" href="../doc/visualization/index.html#web-interface">Web Interface</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/visualization/index.html#command-line-interface">Command line interface</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/visualization/index.html#technical-details">Technical details</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/visualization/index.html#troubleshooting">Troubleshooting</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../doc/visualization/index.html#robin">Robin</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../doc/campus/index.html">Campus</a><ul> <li class="toctree-l3"><a class="reference internal" href="../doc/campus/software/index.html">Software</a></li> <li class="toctree-l3"><a class="reference internal" href="../doc/campus/vpn/index.html">VPN</a><ul> <li class="toctree-l4"><a class="reference internal" href="../doc/campus/vpn/index.html#vpn-server-gateway">VPN Server (Gateway)</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/campus/vpn/index.html#connection-profile-group">Connection Profile (Group)</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/campus/vpn/index.html#desktop-and-notebook-windows-mac-os-x-linux">Desktop and Notebook (Windows, Mac OS X, Linux)</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/campus/vpn/index.html#linux-clients">Linux Clients</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/campus/vpn/index.html#mobile-devices-android-and-ios">Mobile Devices (Android and iOS)</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../doc/campus/wifi/index.html">Wi-Fi</a><ul> <li class="toctree-l4"><a class="reference internal" href="../doc/campus/wifi/index.html#guest-networks">Guest networks</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/campus/wifi/index.html#eduroam">Eduroam</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/campus/wifi/index.html#installation-mpcdf-mpq-staff-only">Installation (<em>MPCDF/MPQ staff only</em>)</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../doc/campus/email/index.html">Email Configuration</a><ul> <li class="toctree-l4"><a class="reference internal" href="../doc/campus/email/electronic-mail-at-mpcdf.html">Email Service</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/campus/email/email_client_config/config.html">Email Client configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../doc/campus/email/mailing-lists.html">Mailing Lists</a></li> </ul> </li> </ul> </li> </ul> </li> </ul> <ul> <li class="toctree-l1"><a class="reference internal" href="../bnb/index.html">Bits and Bytes</a><ul> <li class="toctree-l2"><a class="reference internal" href="../bnb/216.html">No.216, August 2024</a><ul> <li class="toctree-l3"><a class="reference internal" href="../bnb/216.html#high-performance-computing">High-performance Computing</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/216.html#new-hpc-system-viper-phase-1-cpu">New HPC system <em>Viper</em> (Phase-1: CPU)</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/216.html#hpc-software-news">HPC Software News</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/216.html#mpcdf-gitlab-module-image-to-be-discontinued-on-october-31">MPCDF GitLab <code class="docutils literal notranslate"><span class="pre">module-image</span></code> to be discontinued on October 31</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/216.html#new-module-images-available-in-mpcdf-gitlab">New module images available in MPCDF GitLab</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/216.html#nvidia-hpc-sdk-version-24-3-available-on-raven">Nvidia HPC SDK version 24.3 available on <em>Raven</em></a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/216.html#major-change-in-the-python-infrastructure-on-the-hpc-clusters">Major Change in the Python Infrastructure on the HPC Clusters</a></li> <li class="toctree-l3"><a class="reference internal" href="../bnb/216.html#introducing-containerized-applications-as-part-of-the-mpcdf-software-stack">Introducing containerized Applications as Part of the MPCDF Software Stack</a></li> <li class="toctree-l3"><a class="reference internal" href="../bnb/216.html#nexus-s3-object-storage-in-the-hpc-cloud-and-beyond">Nexus-S3: Object Storage in the HPC-Cloud and beyond</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/216.html#example-use-case">Example use case</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/216.html#opt-in-via-selfservice">Opt-in via SelfService</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/216.html#object-storage-for-larger-projects">Object storage for larger projects</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/216.html#the-metastore-research-data-publication-platform">The MetaStore Research Data Publication Platform</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/216.html#managing-data-sets-and-resources-in-metastore">Managing data sets and resources in MetaStore</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/216.html#who-can-use-it">Who can use it</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/216.html#news">News</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/216.html#password-policy">Password policy</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/216.html#fa-for-datashare-and-gitlab">2FA for DataShare and GitLab</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/216.html#events">Events</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/216.html#amd-gpu-workshop-hackathon-november-5-7">AMD GPU workshop &amp; hackathon (November 5-7)</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/216.html#introduction-to-mpcdf-services-october-24">Introduction to MPCDF services (October 24)</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/216.html#meet-mpcdf">Meet MPCDF</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/216.html#mpcdf-at-garching-campus-open-doors-october-3">MPCDF at Garching Campus Open Doors (October 3)</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/216.html#hpc-cloud-workshop-september-10-12">HPC-Cloud workshop (September 10-12)</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/216.html#course-on-python-for-hpc-november-26-28">Course on “Python for HPC” (November 26-28)</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../bnb/215.html">No.215, April 2024</a><ul> <li class="toctree-l3"><a class="reference internal" href="../bnb/215.html#high-performance-computing">High-performance computing</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/215.html#licensed-software-in-slurm-comsol">Licensed software in Slurm (Comsol)</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/215.html#hpc-software-news">HPC Software News</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/215.html#improved-workflow-for-multimer-predictions-with-alphafold2-on-raven">Improved workflow for multimer predictions with AlphaFold2 on <em>Raven</em></a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/215.html#new-version-of-intel-oneapi-with-deprecation-of-ifort-compiler">New version of Intel oneAPI with deprecation of ifort compiler</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/215.html#cuda-modules-on-raven">CUDA modules on <em>Raven</em></a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/215.html#new-amd-gpu-elpa-release">New AMD-GPU ELPA release</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/215.html#kubernetes-in-the-hpc-cloud">Kubernetes in the HPC-Cloud</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/215.html#usage">Usage</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/215.html#function">Function</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/215.html#existing-applications">Existing applications</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/215.html#gitlab-graphs-diagrams">GitLab: Graphs &amp; Diagrams</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/215.html#alternatives">Alternatives</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/215.html#llms-meet-mpcdf">LLMs meet MPCDF</a></li> <li class="toctree-l3"><a class="reference internal" href="../bnb/215.html#news-events">News &amp; Events</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/215.html#introduction-to-mpcdf-services">Introduction to MPCDF services</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/215.html#meet-mpcdf">Meet MPCDF</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../bnb/214.html">No.214, December 2023</a><ul> <li class="toctree-l3"><a class="reference internal" href="../bnb/214.html#hpc-software-news">HPC Software News</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/214.html#cuda-aware-openmpi-on-raven">CUDA-aware OpenMPI on <em>Raven</em></a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/214.html#gpu-accelerated-vasp">GPU-accelerated VASP</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/214.html#intel-oneapi-transition-from-ifort-to-ifx">Intel oneAPI: transition from ifort to ifx</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/214.html#module-software-stacks-for-continuous-integration-pipelines-on-mpcdf-gitlab-shared-cloud-runners">Module Software Stacks for Continuous Integration Pipelines on MPCDF GitLab Shared Cloud Runners</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/214.html#introducing-a-novel-module-enabled-docker-image-infrastructure">Introducing a novel module-enabled Docker image infrastructure</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/214.html#announcing-legacy-status-and-later-discontinuation-of-the-module-image">Announcing legacy status and later discontinuation of the <code class="docutils literal notranslate"><span class="pre">module-image</span></code></a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/214.html#compressed-portable-conda-environments-for-hpc-systems">Compressed Portable Conda Environments for HPC Systems</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/214.html#introduction-and-motivation">Introduction and Motivation</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/214.html#move-conda-environments-into-compressed-image-files">Move Conda environments into compressed image files</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/214.html#basic-usage-examples">Basic usage examples</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/214.html#limitations">Limitations</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/214.html#availability">Availability</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/214.html#new-features-in-the-hpc-cloud">New Features in the HPC-Cloud</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/214.html#expanded-menu-of-flavors-and-images">Expanded menu of flavors and images</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/214.html#ssd-based-block-volumes">SSD-based block volumes</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/214.html#automated-domain-name-service">Automated domain name service</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/214.html#shared-filesystem-service">Shared filesystem service</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/214.html#the-robin-cluster">The Robin cluster</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/214.html#news-events">News &amp; Events</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/214.html#amd-gpu-development-workshop">AMD-GPU development workshop</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/214.html#meet-mpcdf">Meet MPCDF</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/214.html#rda-deutschland-tagung-2024">RDA Deutschland Tagung 2024</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../bnb/213.html">No.213, August 2023</a><ul> <li class="toctree-l3"><a class="reference internal" href="../bnb/213.html#high-performance-computing">High-performance Computing</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/213.html#new-gpu-development-partition-on-raven">New GPU development partition on <em>Raven</em></a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/213.html#memory-profiling-with-heaptrack">Memory profiling with heaptrack</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/213.html#new-compilers-and-libraries-intel-oneapi-2023-1">New compilers and libraries: Intel oneAPI 2023.1</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/213.html#using-linters-to-improve-and-maintain-code-quality">Using linters to improve and maintain code quality</a></li> <li class="toctree-l3"><a class="reference internal" href="../bnb/213.html#hpc-cloud-object-storage">HPC-Cloud Object Storage</a></li> <li class="toctree-l3"><a class="reference internal" href="../bnb/213.html#jade-automated-slurm-deployments-in-the-hpc-cloud">JADE - Automated Slurm deployments in the HPC-Cloud</a></li> <li class="toctree-l3"><a class="reference internal" href="../bnb/213.html#gitlab-tips-tricks">GitLab: Tips &amp; Tricks</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/213.html#online-editing-of-source-code-revisited">Online editing of source code revisited</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/213.html#custom-badges">Custom badges</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/213.html#security-warning">Security warning</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/213.html#new-ibm-tape-library-and-tape-drives-installed-at-mpcdf">New IBM tape library and tape drives installed at MPCDF</a></li> <li class="toctree-l3"><a class="reference internal" href="../bnb/213.html#news-events">News &amp; Events</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/213.html#open-positions-at-mpcdf">Open positions at MPCDF</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/213.html#meet-mpcdf">Meet MPCDF</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/213.html#amd-gpu-development-workshop">AMD-GPU development workshop</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../bnb/212.html">No.212, April 2023</a><ul> <li class="toctree-l3"><a class="reference internal" href="../bnb/212.html#high-performance-computing">High-performance Computing</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/212.html#new-supercomputer-of-the-mpg-cobra-successor">New Supercomputer of the MPG - <em>Cobra</em> successor</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/212.html#documentation-of-hpc-hardware-characteristics">Documentation of HPC hardware characteristics</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/212.html#cmake-recipes-repository">CMake Recipes Repository</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/212.html#mpcdf-hpc-cloud">MPCDF HPC Cloud</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/212.html#introduction">Introduction</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/212.html#hardware-resources">Hardware Resources</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/212.html#project-support">Project Support</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/212.html#summary">Summary</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/212.html#news">News</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/212.html#mpcdf-selfservice">MPCDF SelfService</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/212.html#pushing-fusion-plasma-simulations-towards-exascale">Pushing Fusion-Plasma Simulations Towards Exascale</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/212.html#base4nfdi-creating-nfdi-wide-basic-services-in-a-world-of-specific-domains">Base4NFDI: Creating NFDI-wide basic services in a world of specific domains</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/212.html#events">Events</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/212.html#meet-mpcdf">Meet MPCDF</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/212.html#introduction-to-mpcdf-services">Introduction to MPCDF services</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/212.html#ai-training-course">AI Training Course</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/212.html#course-on-python-for-hpc">Course on “Python for HPC”</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/212.html#rda-deutschland-conference">RDA-Deutschland Conference</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../bnb/211.html">No.211, December 2022</a><ul> <li class="toctree-l3"><a class="reference internal" href="../bnb/211.html#high-performance-computing">High-performance Computing</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/211.html#anaconda-python-modules">Anaconda Python modules</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/211.html#hints-for-architecture-specific-and-optimized-cuda-compilation">Hints for architecture-specific and optimized CUDA compilation</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/211.html#new-intel-c-c-compilers-and-associated-mpcdf-software-stack">New Intel C/C++ compilers and associated MPCDF software stack</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/211.html#turbomole-license-for-mpg-renewed">Turbomole license for MPG renewed</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/211.html#apptainer-on-hpc-clusters-the-linux-foundation-successor-to-singularity">Apptainer on HPC clusters, the Linux Foundation successor to Singularity</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/211.html#gitlab-tips-tricks-use-of-docker-images-in-gitlab-ci">GitLab Tips &amp; Tricks: Use of Docker Images in GitLab CI</a></li> <li class="toctree-l3"><a class="reference internal" href="../bnb/211.html#go-nexus">GO-Nexus</a></li> <li class="toctree-l3"><a class="reference internal" href="../bnb/211.html#news-events">News &amp; Events</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/211.html#discontinuation-of-general-vpn">Discontinuation of General VPN</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/211.html#meet-mpcdf">Meet MPCDF</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/211.html#python-for-hpc">Python for HPC</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/211.html#advanced-hpc-workshop">Advanced HPC Workshop</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../bnb/210.html">No.210, August 2022</a><ul> <li class="toctree-l3"><a class="reference internal" href="../bnb/210.html#high-performance-computing">High-performance Computing</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/210.html#cobra-successor-procurement">Cobra successor procurement</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/210.html#co-sub-2-sub-footprint-of-mpcdf">CO₂ footprint of MPCDF</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/210.html#software-news">Software news</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/210.html#gitlab-ci-distributed-cache">GitLab CI Distributed Cache</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/210.html#introduction">Introduction</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/210.html#adding-a-cache-to-your-ci-configuration">Adding a cache to your CI configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/210.html#ci-of-software-that-depends-on-third-party-packages">CI of software that depends on third-party packages</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/210.html#ci-of-a-complex-hpc-code-that-requires-cpu-and-partly-gpu-resources">CI of a complex HPC code that requires CPU and partly GPU resources</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/210.html#concluding-remarks">Concluding remarks</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/210.html#globus-flows">Globus Flows</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/210.html#id1">Introduction</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/210.html#flows-in-detail">Flows in detail</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/210.html#example">Example</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/210.html#summary">Summary</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/210.html#news-events">News &amp; Events</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/210.html#introduction-to-mpcdf-services">Introduction to MPCDF services</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/210.html#meet-mpcdf">Meet MPCDF</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/210.html#advanced-hpc-workshop">Advanced HPC workshop</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/210.html#python-for-hpc">Python for HPC</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../bnb/209.html">No.209, April 2022</a><ul> <li class="toctree-l3"><a class="reference internal" href="../bnb/209.html#high-performance-computing">High-performance Computing</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/209.html#alphafold2-on-the-hpc-system-raven">AlphaFold2 on the HPC system <em>Raven</em></a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/209.html#gitlab-ci">GitLab CI</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/209.html#gitlab-shared-runners-on-gpus">GitLab shared runners on GPUs</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/209.html#continuous-integration-testing-for-hpc-codes-on-mpcdf-gitlab">Continuous integration testing for HPC codes on MPCDF GitLab</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/209.html#globus-online">Globus Online</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/209.html#datahub-access-via-the-globus-online-portal">DataHub access via the Globus Online Portal</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/209.html#enhanced-functionality">Enhanced functionality</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/209.html#more-information">More information</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/209.html#new-selfservice-features-and-improvements">New SelfService Features and Improvements</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/209.html#redesign-of-the-login-process">Redesign of the login process</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/209.html#viewing-accounting-data">Viewing accounting data</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/209.html#additional-improvements">Additional improvements</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/209.html#access-to-afs-restricted-for-local-access-only">Access to AFS restricted for local Access only</a></li> <li class="toctree-l3"><a class="reference internal" href="../bnb/209.html#news-events">News &amp; Events</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/209.html#ai-bootcamp">AI bootcamp</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/209.html#international-hpc-summer-school-2022">International HPC Summer School 2022</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/209.html#workshop-introduction-to-mpcdf-services-online">Workshop “Introduction to MPCDF services (online)”</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/209.html#meet-mpcdf-new-online-forum-and-lectures-for-mpcdf-users">“Meet MPCDF”: New online forum and lectures for MPCDF users</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/209.html#rda-deutschland-tagung-2022">RDA-Deutschland-Tagung 2022</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../bnb/208.html">No.208, December 2021</a><ul> <li class="toctree-l3"><a class="reference internal" href="../bnb/208.html#high-performance-computing">High-performance Computing</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/208.html#termination-of-general-user-operation-for-draco-login-nodes">Termination of general user operation for <em>Draco</em> login nodes</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/208.html#announcement-of-cuda-no-defaults-on-cobra-and-raven">Announcement of CUDA no-defaults on <em>Cobra</em> and <em>Raven</em></a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/208.html#usage-of-tmp-and-dev-shm-on-cobra-and-raven">Usage of /tmp and /dev/shm on <em>Cobra</em> and <em>Raven</em></a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/208.html#eigensolver-library-elpa">Eigensolver library ELPA</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/208.html#using-python-based-hybrid-parallel-codes-on-hpc-systems">Using Python-based hybrid-parallel codes on HPC systems</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/208.html#python-bindings-for-c-using-pybind11-and-scikit-build">Python bindings for C++ using pybind11 and scikit-build</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/208.html#interfacing-python-numpy-with-c-using-pybind11">Interfacing Python/NumPy with C++ using pybind11</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/208.html#build-with-scikit-build">Build with scikit-build</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/208.html#the-gitlab-package-registry">The Gitlab Package Registry</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/208.html#example-publishing-python-packages">Example: Publishing Python packages</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/208.html#using-application-tokens-instead-of-passwords">Using Application Tokens instead of Passwords</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/208.html#datashare">DataShare</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/208.html#gitlab">GitLab</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/208.html#software-publishing">Software Publishing</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/208.html#do-it-yourself">Do it yourself</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/208.html#publish-via-a-data-archiving-site">Publish via a data archiving site</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/208.html#software-heritage">Software Heritage</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/208.html#final-remarks">Final remarks</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/208.html#news-events">News &amp; Events</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/208.html#international-hpc-summer-school-2022">International HPC Summer School 2022</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/208.html#advanced-hpc-workshop-2021">Advanced HPC workshop 2021</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/208.html#years-max-planck-computing-centre-in-garching">60 Years Max Planck Computing Centre in Garching</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../bnb/207.html">No.207, August 2021</a><ul> <li class="toctree-l3"><a class="reference internal" href="../bnb/207.html#high-performance-computing">High-performance Computing</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/207.html#hpc-system-raven-fully-operational">HPC system <em>Raven</em> fully operational</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/207.html#gpu-computing-on-raven">GPU Computing on <em>Raven</em></a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/207.html#hpc-system-cobra-module-system-to-be-aligned-with-raven">HPC system <em>Cobra</em> - Module system to be aligned with <em>Raven</em></a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/207.html#decommissioning-of-draco">Decommissioning of <em>Draco</em></a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/207.html#hpc-cloud">HPC Cloud</a></li> <li class="toctree-l3"><a class="reference internal" href="../bnb/207.html#poetry-packaging-and-dependency-management-for-python">Poetry: Packaging and Dependency Management for Python</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/207.html#introduction">Introduction</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/207.html#a-poetry-project-and-initial-configuration">A Poetry project and initial configuration</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/207.html#dependency-management">Dependency Management</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/207.html#running-your-code">Running your code</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/207.html#package-creation-and-publishing">Package creation and publishing</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/207.html#conclusion">Conclusion</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/207.html#more-functionality-for-the-selfservice-call-to-action-for-2fa-users">More functionality for the SelfService - Call to action for 2FA users</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/207.html#migration-of-mympcdf-functionality">Migration of MyMPCDF functionality</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/207.html#updated-password-policy">Updated password policy</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/207.html#two-factor-authentication-2fa-call-to-action">Two-Factor Authentication (2FA) - Call to action</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/207.html#news-events">News &amp; Events</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/207.html#brochure-high-performance-computing-and-data-science-in-the-mpg">Brochure “High-Performance Computing and Data Science in the MPG”</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/207.html#gpu-bootcamp">GPU bootcamp</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/207.html#introductory-course-for-new-users-of-mpcdf">Introductory course for new users of MPCDF</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/207.html#advanced-hpc-workshop">Advanced HPC workshop</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/207.html#python-for-hpc">Python for HPC</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../bnb/206.html">No.206, April 2021</a><ul> <li class="toctree-l3"><a class="reference internal" href="../bnb/206.html#high-performance-computing">High-performance Computing</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/206.html#hpc-system-raven-deployment-of-the-final-system">HPC System <em>Raven</em>: deployment of the final system</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/206.html#charliecloud-and-singularity-containers-supported-on-cobra-and-raven">Charliecloud and Singularity containers supported on <em>Cobra</em> and <em>Raven</em></a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/206.html#control-and-verification-of-the-cpu-affinity-of-processes-and-threads">Control and verification of the CPU affinity of processes and threads</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../bnb/206.html#high-performance-data-analytics-and-ai-software-stack-at-mpcdf">High-performance data analytics and AI software stack at MPCDF</a></li> <li class="toctree-l3"><a class="reference internal" href="../bnb/206.html#decommissioning-of-afs">Decommissioning of AFS</a></li> <li class="toctree-l3"><a class="reference internal" href="../bnb/206.html#relaunch-of-mpcdf-website-and-new-technical-documentation-platform">Relaunch of MPCDF website and new technical documentation platform</a></li> <li class="toctree-l3"><a class="reference internal" href="../bnb/206.html#events">Events</a><ul> <li class="toctree-l4"><a class="reference internal" href="../bnb/206.html#new-online-introductory-course-for-new-users-of-mpcdf">New online introductory course for new users of MPCDF</a></li> <li class="toctree-l4"><a class="reference internal" href="../bnb/206.html#advanced-hpc-workshop-save-the-date">Advanced HPC workshop: save the date</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../bnb/previous.html">Previous Editions</a></li> </ul> </li> </ul> </div> </div> </nav> <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" style="background: #EEEEEE" > <i data-toggle="wy-nav-top" class="fa fa-bars"></i> <a href="../index.html">Technical Documentation</a> </nav> <div class="wy-nav-content"> <div class="rst-content style-external-links"> <div role="navigation" aria-label="Page navigation"> <ul class="wy-breadcrumbs"> <li><a href="../index.html" class="icon icon-home" aria-label="Home"></a></li> <li class="breadcrumb-item"><a href="index.html">Frequently Asked Questions</a></li> <li class="breadcrumb-item active">Two-factor authentication (2FA)</li> <li class="wy-breadcrumbs-aside"> </li> </ul> <hr/> </div> <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article"> <div itemprop="articleBody"> <div class="section" id="two-factor-authentication-2fa"> <h1>Two-factor authentication (2FA)<a class="headerlink" href="#two-factor-authentication-2fa" title="Permalink to this heading"></a></h1> <div class="section" id="general-information-about-2fa"> <h2>General information about 2FA<a class="headerlink" href="#general-information-about-2fa" title="Permalink to this heading"></a></h2> <div class="section" id="do-i-need-to-enable-2fa"> <h3>Do I need to enable 2FA?<a class="headerlink" href="#do-i-need-to-enable-2fa" title="Permalink to this heading"></a></h3> <p>You only need to enable 2FA if you are using one of the following systems:</p> <ul class="simple"> <li><p>The SSH gateway machines (gate1, gate2)</p></li> <li><p>The HPC systems via SSH or VNC</p></li> <li><p>The remote visualization service</p></li> </ul> <p>You do not need to enable 2FA if you don’t recognize or use the systems mentioned above. However, additional systems may follow in the future.</p> </div> <div class="section" id="do-i-already-have-2fa-activated"> <h3>Do I already have 2FA activated?<a class="headerlink" href="#do-i-already-have-2fa-activated" title="Permalink to this heading"></a></h3> <p>If you have 2FA activated, the SelfService <a class="reference external" href="https://selfservice.mpcdf.mpg.de">https://selfservice.mpcdf.mpg.de</a> will ask you for an OTP upon login.</p> <p>If you are already logged in, you can tell by clicking on “My Account &gt; Security &gt; Configure 2FA” in the menu bar at the top of the page. If you see a list with at least one token then you have 2FA enabled.</p> </div> <div class="section" id="why-is-2fa-enforced"> <h3>Why is 2FA enforced?<a class="headerlink" href="#why-is-2fa-enforced" title="Permalink to this heading"></a></h3> <p>Cyber criminality is on the rise and among other incidents there has been a large-scale attack on European research institutes and computing centers in early 2020 that exploited leaked credentials.</p> <p>Even if you don’t have sensitive information associated with your account (e.g. in our DataShare service), your account can still be used to cause disruption of our services and pose a threat to other users if taken over by an attacker.</p> <p>2FA provides protection against such attacks through more unambiguous user identification since you need to provide something you know (your password) combined with something you have (your token). If an attacker knows your password they still can’t access the protected systems since they don’t have your token.</p> </div> <div class="section" id="what-is-a-token-otp-and-seed"> <h3>What is a token, OTP, and seed?<a class="headerlink" href="#what-is-a-token-otp-and-seed" title="Permalink to this heading"></a></h3> <p><strong>OTP stands for “One-Time Password”</strong>. As the name suggests, this is a password that can only be used once. You primary token will be a “Time-based One-Time Password” (TOTP) which means that the OTP will automatically change every 30 seconds.</p> <p>The <strong>token seed</strong> (or OTP seed) is a secret key that only the OTP server and the token know. Based on the seed all future OTPs can be calculated. That’s why it is important to treat the seed as carefully as a password.</p> <p>A <strong>token</strong> is an entity that generates OTPs by running an algorithm on the seed. This may be a piece of software, an entry in an OTP app or a dedicated hardware device.</p> </div> <div class="section" id="what-kinds-of-tokens-are-there"> <h3>What kinds of tokens are there?<a class="headerlink" href="#what-kinds-of-tokens-are-there" title="Permalink to this heading"></a></h3> <p>We internally distinguish between two categories of tokens:</p> <ul class="simple"> <li><p><strong>Primary tokens</strong> - You can only have one of these at a time. You can choose between:</p> <ul> <li><p>An app token for your smartphone (see <a class="reference external" href="#how-do-i-enroll-and-use-an-app-token">“How do I enroll and use an app token”</a>)</p></li> <li><p>A hardware token you already own (see <a class="reference external" href="#how-do-i-register-my-existing-token">“How do I register my existing token”</a>)</p></li> </ul> </li> <li><p><strong>Secondary tokens</strong> - You can have a combination of the following tokens enrolled but only one per type (see <a class="reference external" href="#how-do-i-enroll-and-use-a-secondary-backup-token">How do I enroll and use a secondary/backup token?</a>):</p> <ul> <li><p>TAN list</p></li> <li><p>E-mail</p></li> <li><p>SMS</p></li> </ul> </li> </ul> <p><strong>Since E-mail and SMS tokens don’t provide the most secure method of receiving OTPs, these tokens are only meant to be used as a backup method if you don’t have access to your primary token.</strong></p> </div> <div class="section" id="why-am-i-asked-for-an-otp"> <h3>Why am I asked for an OTP?<a class="headerlink" href="#why-am-i-asked-for-an-otp" title="Permalink to this heading"></a></h3> <p><strong>The SelfService</strong> will ask you for an OTP if you have a 2FA token assigned to your account. If you don’t have a hardware token you should find your app token in an OTP app on your phone. See our <a class="reference external" href="#what-app-do-i-need-to-install">FAQs</a> for a non-exhaustive list of possible OTP apps.</p> <p>Look for an entry in the app that says your account name and a serial number starting with “TOTP…” in its title. Note that you may have to tap the entry to reveal the current OTP depending on what app you use.</p> <p>If you have uninstalled the app or got a new phone since enrolling the token then your token is lost and you won’t be able to log in. Use our token recovery to regain access to your account in this case.</p> <p><strong>Our SSH servers</strong> will ask you for an OTP regardless of whether your account has a token assigned or not since 2FA is mandatory for those machines. You’ll need to enroll a token via the SelfService.</p> </div> </div> <div class="section" id="activation-of-2fa"> <h2>Activation of 2FA<a class="headerlink" href="#activation-of-2fa" title="Permalink to this heading"></a></h2> <div class="section" id="how-do-i-enable-2fa"> <h3>How do I enable 2FA?<a class="headerlink" href="#how-do-i-enable-2fa" title="Permalink to this heading"></a></h3> <ul class="simple"> <li><p>Visit <a class="reference external" href="https://selfservice.mpcdf.mpg.de">https://selfservice.mpcdf.mpg.de</a> and log in</p></li> <li><p>In the menu bar at the top of the page, click “My account &gt; Security”</p></li> <li><p>Select “Configure 2FA” and provide your password</p></li> <li><p>Choose a primary token type</p></li> <li><p><strong>Validate the token by providing a valid OTP</strong></p></li> <li><p>Choose a secondary token type</p></li> </ul> <p><strong>Important:</strong> if you don’t validate your primary token you will not be able to use it for authentication.</p> </div> <div class="section" id="how-do-i-enroll-and-use-an-app-token"> <h3>How do I enroll and use an app token?<a class="headerlink" href="#how-do-i-enroll-and-use-an-app-token" title="Permalink to this heading"></a></h3> <p>This method works with any device on which you can install an OTP app (see <a class="reference external" href="#what-app-do-i-need-to-install">“What app do I need to install?”</a>). Hence, you can also use your tablet instead of your smartphone. We recommend to use a smartphone because of the form factor.</p> <p><strong>Important</strong>: The algorithm for OTP generation depends on the current time. Make sure the clock on your device has the correct time set. If you like to keep your clock set to a different time see “<a class="reference external" href="#how-to-use-2fa-on-a-phone-with-a-time-shift">How to use 2FA on a phone with a time shift</a>”.</p> <ul class="simple"> <li><p>Log in to <a class="reference external" href="https://selfservice.mpcdf.mpg.de">https://selfservice.mpcdf.mpg.de</a></p></li> <li><p>In the menu bar at the top of the page, click on “My account &gt; Security”</p></li> <li><p>Select “Configure 2FA” and provide your password</p></li> <li><p>If you already have a token: click on “Replace existing or enroll additional token”</p></li> <li><p>Click on “App token” (you will only see this option <a class="reference external" href="#why-can-t-i-have-both-an-app-token-and-a-hardware-token">if you dont have a hardware token yet</a>)</p></li> <li><p>Scan the QR code with the OTP app you installed on your phone. Depending on the app you usually need to tap on a round button with a “+”.</p></li> <li><p>In case your app asks: it is important to set the following parameters:</p> <ul> <li><p>type: TOTP</p></li> <li><p>hashlib: SHA-1</p></li> <li><p>timestep: 30 seconds</p></li> <li><p>digits: 6 Depending on the app you may have to provide these details and click “Add” or “Ok”</p></li> </ul> </li> <li><p>Your new token should now be visible as an entry in the app. It has your username and its serial starting with “TOTP” for a name.</p></li> <li><p>The token generates a new 6-digit numeric OTP every 30 seconds. Depending on the app you may have to tap on the token entry to reveal the OTP.</p></li> <li><p><strong>Activate the token</strong> by clicking on the large blue button above the QR code and providing the OTP that the token is currently presenting to you. You will not be able to use the token without this step.</p></li> </ul> </div> <div class="section" id="what-app-do-i-need-to-install"> <h3>What app do I need to install?<a class="headerlink" href="#what-app-do-i-need-to-install" title="Permalink to this heading"></a></h3> <p>You can choose from a plethora of different OTP apps. We recommend using an app that’s open-source to ensure the app doesn’t do anything shady. Unfortunately, there are not many open-source options for iOS users.</p> <p>If the open-source solutions mentioned below are not to your taste or you already have one of these closed-source apps installed you can also use Google Authenticator, Microsoft Authenticator, Authy, etc.</p> <table border="1" class="docutils"> <thead> <tr> <th>App</th> <th>OS</th> <th>Source</th> <th>Features</th> </tr> </thead> <tbody> <tr> <td>Aegis Authenticator</td> <td><a href="https://play.google.com/store/apps/details?id=com.beemdevelopment.aegis&amp;hl=en_US">Android</a></td> <td><a href="https://github.com/beemdevelopment/Aegis">Github</a></td> <td>Backup, Encryption, Authentication with fingerprint</td> </tr> <tr> <td>andOTP</td> <td><a href="https://play.google.com/store/apps/details?id=org.shadowice.flocke.andotp&amp;hl=en_US">Android</a></td> <td><a href="https://github.com/andOTP/andOTP">Github</a></td> <td>Backup, Encryption</td> </tr> <tr> <td>FreeOTP+</td> <td><a href="https://play.google.com/store/apps/details?id=org.liberty.android.freeotpplus&amp;hl=en_US">Android</a></td> <td><a href="https://github.com/helloworld1/FreeOTPPlus">Github</a></td> <td>Backup, Encryption</td> </tr> <tr> <td>PrivacyIDEA Authenticator</td> <td><a href="https://play.google.com/store/apps/details?id=it.netknights.piauthenticator&amp;hl=en_US">Android</a>, <a href="https://apps.apple.com/us/app/privacyidea-authenticator/id1445401301">iOS</a></td> <td><a href="https://github.com/privacyidea/privacyidea-authenticator">Github</a></td> <td>Push tokens (not yet supported by us)</td> </tr> </tbody> </table><p>If you can’t or don’t want to use the Google Play Store to install apps you can use the <a class="reference external" href="https://f-droid.org">F-Droid</a> repository to install most of the aforementioned apps. F-Droid is a platform for android that provides open-source apps exclusively.</p> </div> <div class="section" id="how-do-i-register-my-existing-token"> <h3>How do I register my existing token?<a class="headerlink" href="#how-do-i-register-my-existing-token" title="Permalink to this heading"></a></h3> <p>If you already own a hardware TOTP token you can register it so that it works with our services. <strong>We only support TOTP tokens (OTP changes every 30 or 60 seconds). HOTP is not supported.</strong></p> <ul class="simple"> <li><p>Log in to <a class="reference external" href="https://selfservice.mpcdf.mpg.de">https://selfservice.mpcdf.mpg.de</a></p></li> <li><p>In the menu bar at the top of the page, click on “My account &gt; Security”</p></li> <li><p>Select “Configure 2FA” and provide your password</p></li> <li><p>If you already have a token: click on “Replace existing or enroll additional token”</p></li> <li><p>Click on “Register token”</p></li> <li><p>Provide the details for your token. <strong>All the information must match your token properties exactly</strong> except the serial which only serves for easier identification of the token in your token list.</p></li> <li><p>If you don’t know your seed please refer to your token supplier</p></li> <li><p>After form submission you’ll need to confirm the token by entering a valid OTP</p></li> </ul> </div> <div class="section" id="how-do-i-enroll-and-use-a-secondary-backup-token"> <h3>How do I enroll and use a secondary/backup token?<a class="headerlink" href="#how-do-i-enroll-and-use-a-secondary-backup-token" title="Permalink to this heading"></a></h3> <ul class="simple"> <li><p>Log in to <a class="reference external" href="https://selfservice.mpcdf.mpg.de">https://selfservice.mpcdf.mpg.de</a></p></li> <li><p>In the menu bar at the top of the page, click on “My account &gt; Security”</p></li> <li><p>Select “Configure 2FA” and provide your password</p></li> <li><p>If you don’t see a list with existing tokens you need to enroll a primary token first (app or hardware)</p></li> <li><p>Click on “Replace existing or enroll additional token” below the token list</p></li> <li><p>Choose your preferred token type from the secondary methods (TAN list, SMS, or email)</p></li> </ul> <p>The following is only relevant for SMS and email tokens:</p> <ul class="simple"> <li><p>If we don’t have an external email address or mobile phone number from you yet you will be asked to provide it.</p></li> <li><p>You should be redirected to the token list where you should see your new backup token</p></li> <li><p>Whenever you don’t have your primary token available you can now request an OTP to be sent via your backup method:</p> <ul> <li><p>On the SelfService: Click the according button below the OTP prompt</p></li> <li><p>On an SSH machine: Leave the OTP field empty and press “Enter” to trigger an OTP to be sent to you</p></li> </ul> </li> </ul> <p>The following is only relevant for TAN lists:</p> <ul class="simple"> <li><p>Store the list in a secure place like a lockable cabinet or an encrypted file</p></li> <li><p>Do not store the OTPs in your password manager since this would create a single point of failure</p></li> <li><p>You can use each OTP once in an arbitrary order</p></li> </ul> </div> <div class="section" id="why-can-t-i-have-both-an-app-token-and-a-hardware-token"> <h3>Why can’t I have both an app token and a hardware token?<a class="headerlink" href="#why-can-t-i-have-both-an-app-token-and-a-hardware-token" title="Permalink to this heading"></a></h3> <p>This is both a technical limitation and a policy decision. Since both app and hardware tokens are of the same type (“totp”) and only one token per type is possible you will need to choose between one of those options.</p> </div> </div> <div class="section" id="fa-tips-and-tricks"> <h2>2FA Tips and Tricks<a class="headerlink" href="#fa-tips-and-tricks" title="Permalink to this heading"></a></h2> <div class="section" id="do-i-have-to-type-in-an-otp-every-time-i-access-the-secured-systems"> <h3>Do I have to type in an OTP every time I access the secured systems?<a class="headerlink" href="#do-i-have-to-type-in-an-otp-every-time-i-access-the-secured-systems" title="Permalink to this heading"></a></h3> <p>For the systems you access via SSH you can configure a ControlMaster setup. Allowing you to conveniently type in your password and OTP only once a day. After that an SSH tunnel will be kept open for the day that can be used without having to retype your credentials.</p> <div class="section" id="linux-and-macos"> <h4>Linux and MacOS<a class="headerlink" href="#linux-and-macos" title="Permalink to this heading"></a></h4> <p>Please find an example of a ControlMaster setup for Linux and MacOS <a class="reference external" href="tricks.html#how-can-i-avoid-having-to-type-my-password-repeatedly-how-can-i-tunnel-through-the-gateway-machines">here</a>.</p> <!-- FIXME The previous link should be on the markdown level! --></div> <div class="section" id="windows"> <h4>Windows<a class="headerlink" href="#windows" title="Permalink to this heading"></a></h4> <div class="section" id="windows-subsystem-for-linux"> <h5>Windows Subsystem for Linux<a class="headerlink" href="#windows-subsystem-for-linux" title="Permalink to this heading"></a></h5> <p>Unfortunately, the Windows SSH client doesn’t support ControlMaster setups. You’ll need to use one of the graphical clients to avoid having to retype your password and OTP.</p> </div> <div class="section" id="putty"> <h5>PuTTY<a class="headerlink" href="#putty" title="Permalink to this heading"></a></h5> <p>We assume here that you already know how to work with PuTTY. If not, please refer to <a class="reference external" href="https://the.earth.li/~sgtatham/putty/0.74/htmldoc/">its user manual</a>. Alternatively, you can check our <a class="reference internal" href="steps/putty.html"><span class="doc">step-by-step guide</span></a>.</p> <p>To directly connect to a destination server via a gateway machine follow these steps:</p> <ul class="simple"> <li><p>Create and save a connection to the gateway machine (e.g. gate1.mpcdf.mpg.de) as you would any other. Choose the name of the target server (e.g. raven.mpcdf.mpg.de) as the connection’s name.</p></li> <li><p>Select this connection from the list and click “Load”</p></li> <li><p>In the left-hand tree menu choose “Connection &gt; SSH &gt; Tunnels”</p></li> <li><p>Enter 22 as the source port</p></li> <li><p>Enter the name and port of the destination host (e.g. raven.mpcdf.mpg.de:22) as the destination</p></li> <li><p>Click “Add”</p></li> <li><p>In the tree menu go back to “Session”, choose the gateway connection, and click “Save”</p></li> <li><p>Click “Open”</p></li> </ul> <p>To avoid having to retype your password and OTP do the following:</p> <ul class="simple"> <li><p>In the tree menu on the left of the window go to “Connection &gt; SSH”</p></li> <li><p>Check the box “Share SSH connections if possible” under “Sharing an SSH connection between PuTTY tools”</p></li> <li><p>As long as you keep the initial SSH window open you’ll be able to reuse that connection in other windows</p></li> </ul> </div> <div class="section" id="mobaxterm"> <h5>MobaXterm<a class="headerlink" href="#mobaxterm" title="Permalink to this heading"></a></h5> <p>We assume here that you already know how to work with MobaXterm. If not, please refer to <a class="reference external" href="https://mobaxterm.mobatek.net/documentation.html">its documentation</a>.</p> <p>Go to “Settings &gt; SSH” and activate the checkbox “Use 2-factor authentication for SSH gateways”.</p> <p>You’ll need to configure a session the first time you want to connect to a given destination host and can use it in the future without doing the following steps over again:</p> <ul class="simple"> <li><p>Create a new session by clicking on “Session &gt; SSH”</p></li> <li><p>Enter the name of the remote host you want to access (e.g. raven.mpcdf.mpg.de) and optionally your username</p></li> <li><p>Go to the “Network settings” tab below and click “SSH gateway (jump host)”</p></li> <li><p>Under “Gateway host” enter the gate machine you’d like to use (e.g. gate1.mpcdf.mpg.de) and your username</p></li> <li><p>Click “Ok” twice and enter your password</p></li> <li><p>You should be directly connected to your target server via the gate machine</p></li> </ul> <p>MobaXterm reuses existing SSH connections by default so no additional setup is required to avoid typing OTPs multiple times.</p> </div> </div> <div class="section" id="weekly-reboots"> <h4>Weekly reboots<a class="headerlink" href="#weekly-reboots" title="Permalink to this heading"></a></h4> <p>Our SSH gateway machines are rebooted weekly to avoid long-standing SSH tunnels for security reasons.</p> </div> </div> </div> <div class="section" id="fa-troubleshooting"> <h2>2FA Troubleshooting<a class="headerlink" href="#fa-troubleshooting" title="Permalink to this heading"></a></h2> <div class="section" id="i-need-to-factory-reset-my-phone-how-can-i-preserve-my-app-token"> <h3>I need to factory-reset my phone. How can I preserve my app token?<a class="headerlink" href="#i-need-to-factory-reset-my-phone-how-can-i-preserve-my-app-token" title="Permalink to this heading"></a></h3> <p>After the factory reset you can still log in to the SelfService with one of your secondary tokens. If you don’t have one yet please see the <a class="reference external" href="#how-do-i-enroll-and-use-a-secondary-backup-token">according FAQ</a>.</p> <p>You can then safely reset your phone and afterwards follow these steps:</p> <ol class="simple"> <li><p>Log in to <a class="reference external" href="https://selfservice.mpcdf.mpg.de">https://selfservice.mpcdf.mpg.de</a> using one of your secondary tokens</p></li> <li><p>Navigate to “My Account &gt; Security &gt; Configure 2FA &gt; Replace existing or enroll additional token”</p></li> <li><p>Create a new app token by clicking “App token”</p></li> <li><p>Scan the QR code with an OTP app on you new phone</p></li> <li><p>Enter a valid OTP in the next step</p></li> </ol> <p>This will delete your old token from our server and register the one on your new phone.</p> <p>Alternatively, some apps (e.g. Aegis Authenticator) offer a backup and restore option. Just create a backup before the reset, store it on the SD card in your phone (NOT the internal storage!), and restore it after the reset using the same app you used to create the backup.</p> </div> <div class="section" id="how-do-i-transfer-my-token-to-a-new-phone"> <h3>How do I transfer my token to a new phone?<a class="headerlink" href="#how-do-i-transfer-my-token-to-a-new-phone" title="Permalink to this heading"></a></h3> <p>You will need the token on your old phone for this. If you don’t have it anymore, please use one of your secondary tokens for login or contact our helpdesk if you don’t have any.</p> <ol class="simple"> <li><p>Log in to <a class="reference external" href="https://selfservice.mpcdf.mpg.de">https://selfservice.mpcdf.mpg.de</a> using the token on your old phone or one of your secondary tokens</p></li> <li><p>Navigate to “My Account &gt; Security &gt; Configure 2FA &gt; Replace existing or enroll additional token”</p></li> <li><p>Create a new app token by clicking “App token”</p></li> <li><p>Scan the QR code with an OTP app on you new phone</p></li> <li><p>Enter a valid OTP in the next step</p></li> </ol> <p>This will delete your old token from our server and register the one on your new phone. You can then safely delete the old token from the old phone.</p> <p>Alternatively, some apps (e.g. Aegis Authenticator) offer a backup and restore option. Just create a backup, copy it to your new phone, and restore it using the same app you used to create the backup.</p> </div> <div class="section" id="i-can-t-validate-activate-the-token-i-just-scanned-wrong-otp"> <h3>I can’t validate/activate the token I just scanned (“Wrong OTP”)<a class="headerlink" href="#i-can-t-validate-activate-the-token-i-just-scanned-wrong-otp" title="Permalink to this heading"></a></h3> <ul class="simple"> <li><p>Please make sure you’re entering the 6-digit numeric code that changes every 30 seconds and is shown by your token (you may have to tap your app token once to reveal the OTP)</p></li> <li><p>Make sure you’re entering and submitting the OTP while it is visible. It expires as soon as it is not visible anymore.</p></li> <li><p>App token only: the algorithm for OTP generation depends on the current time. Make sure the clock on your device has the correct time set.</p></li> <li><p>App token only: try using a different device</p></li> <li><p>If you still can’t validate your token contact <a class="reference internal" href="help.html"><span class="doc">support</span></a>. 2FA won’t be enabled for your account as long as you have no active token.</p></li> </ul> </div> <div class="section" id="i-can-t-log-in-to-the-selfservice-anymore"> <h3>I can’t log in to the SelfService anymore<a class="headerlink" href="#i-can-t-log-in-to-the-selfservice-anymore" title="Permalink to this heading"></a></h3> <div class="section" id="if-your-password-gets-rejected"> <h4>If your password gets rejected<a class="headerlink" href="#if-your-password-gets-rejected" title="Permalink to this heading"></a></h4> <ul class="simple"> <li><p>Check if you can still log into other MPCDF services</p></li> <li><p>If not, your account may be locked temporarily because of too many failed attempts. Try again after 10 Minutes.</p></li> <li><p>If you still can’t log in your account may be suspended or your password expired. Please contact <a class="reference internal" href="help.html"><span class="doc">support</span></a>.</p></li> </ul> </div> <div class="section" id="if-your-otp-gets-rejected-wrong-otp"> <h4>If your OTP gets rejected (“Wrong OTP”)<a class="headerlink" href="#if-your-otp-gets-rejected-wrong-otp" title="Permalink to this heading"></a></h4> <ul class="simple"> <li><p>Please make sure you’re entering the 6-digit numeric code that changes every 30 seconds and is shown by your token (you may have to tap your app token once to reveal the OTP)</p></li> <li><p>Make sure you’re entering and submitting the OTP while it is visible. It expires as soon as it is not visible anymore.</p></li> <li><p>App token only: make sure you’re entering the OTPs that are generated by the token you can also find in your token list on the SelfService (“My account &gt; Security &gt; Configure 2FA”). Compare the serial in the list to the name of the token in your app. If the name does not match you’ll need to <a class="reference external" href="#how-do-i-enroll-and-use-an-app-token">enroll a new one</a>.</p></li> <li><p>App token only: the algorithm for OTP generation depends on the current time. Make sure the clock on your device has the correct time set.</p></li> <li><p>You may try resyncing your token’s clock with that of our server by clicking on “Resync token”</p></li> <li><p>If your OTP still gets rejected try logging in using one of your backup tokens. Click one of the buttons below the OTP prompt to trigger an OTP to be sent to you.</p></li> <li><p>If you don’t see any buttons to trigger OTPs you don’t have any backup tokens enabled. Please contact <a class="reference internal" href="help.html"><span class="doc">support</span></a> using your institute email address.</p></li> </ul> </div> <div class="section" id="if-you-lost-your-token"> <h4>If you lost your token<a class="headerlink" href="#if-you-lost-your-token" title="Permalink to this heading"></a></h4> <ul class="simple"> <li><p>Notify <a class="reference internal" href="help.html"><span class="doc">support</span></a> about the lost token so we can disable it</p></li> <li><p>Below the OTP prompt, click one of the buttons to trigger an OTP to be sent to you.</p></li> <li><p>If you don’t see any buttons to trigger OTPs you don’t have any backup tokens enabled. Please contact <a class="reference internal" href="help.html"><span class="doc">support</span></a> using your institute email address.</p></li> </ul> </div> </div> <div class="section" id="i-can-t-log-in-to-a-gate-machine-via-ssh"> <h3>I can’t log in to a gate machine via SSH<a class="headerlink" href="#i-can-t-log-in-to-a-gate-machine-via-ssh" title="Permalink to this heading"></a></h3> <ul class="simple"> <li><p>Try logging in without any local extra configuration</p></li> <li><p>Try logging in to a different MPCDF service to see if your password is correct</p></li> <li><p>Make sure you’ve actually enrolled and activated a token by checking if the SelfService asks you for an OTP at login. You need to activate all tokens after enrollment by entering a valid OTP.</p></li> <li><p>Try logging in to the SelfService or other gate machines to see if the issue is specific to one machine</p></li> <li><p>If you are sure it must be the OTP that’s getting rejected see the steps above under <a class="reference external" href="#if-your-otp-gets-rejected-wrong-otp">I can’t log in to the SelfService anymore &gt; If your OTP gets rejected</a></p></li> </ul> </div> <div class="section" id="i-can-t-access-the-hpc-clusters-through-vnc-anymore"> <h3>I can’t access the HPC clusters through VNC anymore<a class="headerlink" href="#i-can-t-access-the-hpc-clusters-through-vnc-anymore" title="Permalink to this heading"></a></h3> <p>If you are using <code class="docutils literal notranslate"><span class="pre">vncviewer</span></code> with the <code class="docutils literal notranslate"><span class="pre">-via</span></code> option to connect to an HPC machine via a gate machine you will also need to obtain a 2FA token and provide an OTP. See <a class="reference external" href="#how-do-i-enable-2fa">“How do I enable 2FA?”</a>.</p> <p>To avoid having to type in OTPs each time you connect please refer to the <a class="reference external" href="tricks.html#how-can-i-avoid-having-to-type-my-password-repeatedly-how-can-i-tunnel-through-the-gateway-machines">ControlMaster setup documentation</a>.</p> </div> </div> <div class="section" id="hardware-and-client-support"> <h2>Hardware and client support<a class="headerlink" href="#hardware-and-client-support" title="Permalink to this heading"></a></h2> <div class="section" id="how-can-i-use-my-sshfs-rsync-scp-sftp-gui-with-2fa"> <h3>How can I use my sshfs/rsync/scp/sftp GUI with 2FA?<a class="headerlink" href="#how-can-i-use-my-sshfs-rsync-scp-sftp-gui-with-2fa" title="Permalink to this heading"></a></h3> <p>Your client may natively support interactive or multi-factor authentication methods. However, many GUI programs do not have this functionality built in.</p> <p>Known GUI applications that support 2FA natively:</p> <ul class="simple"> <li><p>FileZilla (see <a class="reference external" href="#how-can-i-use-filezilla-with-2fa">How can I use FileZilla with 2FA?</a>)</p></li> <li><p>WinSCP (see our <a class="reference internal" href="steps/winscp.html"><span class="doc">step-by-step guide</span></a>)</p></li> </ul> <p>Known GUI applications that do <strong>not</strong> support 2FA natively:</p> <ul class="simple"> <li><p>KDE Dolphin file browser</p></li> <li><p>Gnome Nautilus file browser</p></li> </ul> <p>If your client software does not support 2FA natively you have three options:</p> <ol class="simple"> <li><p>Use one of the applications that do support 2FA</p></li> <li><p>Switch to <a class="reference external" href="https://datashare.mpcdf.mpg.de">MPCDF DataShare</a> for storing your data</p></li> <li><p>Create an SSH tunnel before using the GUI program as described below</p></li> </ol> <p>If you want to go with the latter option you can create an SSH tunnel and forward the remote port to localhost as described <a class="reference internal" href="../doc/data/data-transfer/data-transfer.html"><span class="doc">here</span></a>:</p> <div class="highlight-bash notranslate"><div class="highlight"><pre><span></span>ssh<span class="w"> </span>-L<span class="w"> </span><span class="m">2002</span>:raven.mpcdf.mpg.de:22<span class="w"> </span>USER@gate1.mpcdf.mpg.de </pre></div> </div> <p>You’ll then be able to connect to localhost on port 2002 with your client software while this tunnel is open using something like this as the path:</p> <div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">sftp</span><span class="p">:</span><span class="o">//</span><span class="n">USER</span><span class="nd">@localhost</span><span class="p">:</span><span class="mi">2002</span><span class="o">/</span><span class="n">u</span><span class="o">/</span><span class="n">USER</span> </pre></div> </div> <p>If paired with a <a class="reference external" href="tricks.html#how-can-i-avoid-having-to-type-my-password-repeatedly-how-can-i-tunnel-through-the-gateway-machines">ControlMaster setup</a> you don’t even need to keep the terminal in which you ran the command open.</p> </div> <div class="section" id="how-can-i-use-filezilla-with-2fa"> <h3>How can I use FileZilla with 2FA?<a class="headerlink" href="#how-can-i-use-filezilla-with-2fa" title="Permalink to this heading"></a></h3> <p>Choose the Logon Type “interactive” and it will ask you for your password and OTP. Also make sure to check “Limit number of simultaneous connections” under “Transfer Settings” and leave the default value of 1.</p> </div> <div class="section" id="how-to-use-2fa-on-a-phone-with-a-time-shift"> <h3>How to use 2FA on a phone with a time shift?<a class="headerlink" href="#how-to-use-2fa-on-a-phone-with-a-time-shift" title="Permalink to this heading"></a></h3> <p><em>Note that this section does not talk about time zone related time shifts since they don’t influence the OTP algorithm and don’t require extra configuration.</em></p> <p>Some people like having their phone’s clock set to some minutes in the future. You can still use our app tokens in such a scenario. During token validation after scanning the QR code you will see a button that lets you synchronize the clocks of your phone and our server. Click that button and provide two <strong>consecutive</strong> OTPs. If the OTPs were correct the time shift of your phone will get corrected on the server and your token will automatically be activated.</p> </div> <div class="section" id="do-you-or-are-you-planning-to-support-fido2-u2f-yubikeys"> <h3>Do you or are you planning to support FIDO2/U2F/YubiKeys?<a class="headerlink" href="#do-you-or-are-you-planning-to-support-fido2-u2f-yubikeys" title="Permalink to this heading"></a></h3> <p>You can already use your YubiKey (NEO, 4, 5, and FIPS series) with our 2FA system by enrolling an app token and scanning the QR code with the <a class="reference external" href="https://www.yubico.com/products/yubico-authenticator/">Yubico Authenticator</a> app. The device will then generate an OTP when touched or NFC-tapped and shows it on the screen of your mobile phone or automatically saves it to the system clipboard if plugged in to your computer. You then only need to paste the OTP into the input field. To further enhance the security of your YubiKey, we recommend adding a password to its OATH application. You can find more information on using the Yubico Authenticator on the <a class="reference external" href="https://support.yubico.com/hc/en-us/articles/360013789259-Using-Your-YubiKey-with-Authenticator-Codes">Yubico website</a>.</p> <p>Other FIDO/U2F mechanisms are envisioned for the future but no date has been set for implementing them yet.</p> </div> </div> <div class="section" id="on-security"> <h2>On security<a class="headerlink" href="#on-security" title="Permalink to this heading"></a></h2> <div class="section" id="if-the-seed-is-stored-on-the-server-how-secure-is-it"> <h3>If the seed is stored on the server, how secure is it?<a class="headerlink" href="#if-the-seed-is-stored-on-the-server-how-secure-is-it" title="Permalink to this heading"></a></h3> <p>The seeds are stored along with the token definitions in a database and are AES encrypted. Access to this server is strictly limited to the system administrators which need to use a separate 2FA-system and dedicated administrator accounts for authentication. Even if the database were leaked the secrets would still be encrypted and unreadable.</p> </div> <div class="section" id="where-do-the-hardware-tokens-come-from-does-the-vendor-know-the-seeds"> <h3>Where do the hardware tokens come from? Does the vendor know the seeds?<a class="headerlink" href="#where-do-the-hardware-tokens-come-from-does-the-vendor-know-the-seeds" title="Permalink to this heading"></a></h3> <p>We obtain the hardware tokens directly from the manufacturer <a class="reference external" href="https://www.ftsafe.com/">Feitian Technologies</a>. For each token we generate the seed ourselves and program it onto the token via NFC. Only we know the seeds.</p> </div> </div> </div> </div> </div> <footer><div class="rst-footer-buttons" role="navigation" aria-label="Footer"> <a href="connecting.html" class="btn btn-neutral float-left" title="Connecting" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a> <a href="hpc_software.html" class="btn btn-neutral float-right" title="HPC Software and Applications" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a> </div> <hr/> <div role="contentinfo"> <p> <span class="lastupdated">Last updated on Jul 24, 2024. </span></p> </div> <p> &copy; Copyright <a href="https://www.mpcdf.mpg.de/">Max Planck Computing and Data Facility</a> | <a href="https://www.mpcdf.mpg.de/imprint">Imprint</a> | <a href="https://www.mpcdf.mpg.de/privacy-policy">Privacy Policy</a> </p> <p> Built with <a href="https://www.sphinx-doc.org">Sphinx</a> using a <a href="https://github.com/rtfd/sphinx_rtd_theme">theme</a> provided by <a href="https://readthedocs.org">Read the Docs</a>. </p> </footer> </div> </div> </section> </div> <script> jQuery(function () { SphinxRtdTheme.Navigation.enable(true); }); </script> </body> </html>

Pages： 1 2 3 4 5 6 7 8 9 10