Testing Two-factor Authentication on NEMO

Published: 8 Aug 2023 by NEMO Team

UPDATE: 09.08.2023: OTP is now enabled for password and SSH key logins.

We are currently testing two-factor authentication for NEMO logins. Currently, this security feature can be tested on our vis1/2 visualization nodes for password logins.

Please visit https://login.bwidm.de/user/twofa.xhtml to generate a new token if you do not already have one. If you have already generated a second factor on https://login.bwidm.de for bwUniCluster or JUSTUS2, you are good to go. See https://wiki.bwhpc.de/e/Registration/2FA for more information.

In the coming weeks and months, we will extend this to NEMO login nodes. We hope to be able to secure SSH keys with OTPs as well, but currently the SSH server version is too old to support some of the needed functionality.

The 10th bwHPC Symposium will take place on September 25th and 26th, 2024 and will be hosted by the University of Freiburg. Registration and call for participation are now open.

The use of a second factor to secure logins to services is becoming increasingly mandatory. bwHPC currently uses time-based one-time passwords (TOTP) or Yubico OTP as a second factor for SSH logins. We have looked at some hardware security tokens for bwIDM/bwHPC that can be used instead of a mobile phone.

The initial partition of NEMO2, consisting of around 140 Milan nodes and 1000 terabytes (one petabyte) of high-speed storage space, has been ordered. A tender for a GPU partition and a second CPU partition will be opened in early 2024.