Enforcing Two-factor Authentication on NEMO

Enforcing Two-factor Authentication on NEMO

Published: 11 Oct 2023 by NEMO Team

UPDATE 21.11.2023: We will enforce 2FA logins on login2 on 29.11.2023 and on login1 11.12.2023.

UPDATE 13.11.2023: We will inform you in the next few days when this will be the case. We need to fix a problem first.

UPDATE 03.11.2023: We will enforce 2FA logins on login2 on 13.11.2023 and on login1 2 weeks later on 27.11.2023.

As previously announced, we are testing 2FA for logins on NEMO. This feature will be enforced on all login nodes on NEMO in November. We will enforce 2FA logins on login2 on 06.11.2023 and on login1 2 weeks later on 20.11.2023.

If you want to test your login, please use vis1.nemo.uni-freiburg.de and vis2.nemo.uni-freiburg.de. If you need a SSH login without a second factor, please contact us (Support NEMO).

Please visit https://login.bwidm.de/user/twofa.xhtml to create a new token if you don’t already have one. If you have already generated a second factor for bwUniCluster or JUSTUS2 on https://login.bwidm.de, you are good to go. See https://wiki.bwhpc.de/e/Registration/2FA for more information.

NEMO 2FA

Latest Posts

Storage and Milan Partition Delivered

The Weka Storage and Milan partition have been successfully delivered for the new NEMO2 cluster. Testing, benchmarking, and system configuration will take place in the coming weeks. We anticipate starting with limited functionality and gradually expanding it over time. A portion of the old NEMO cluster had to be shut down to accommodate the installation of the Milan partition.

10th bwHPC Symposium

The 10th bwHPC Symposium will take place on September 25th and 26th, 2024 and will be hosted by the University of Freiburg. Registration and call for participation are now open.

FIDO2 and TOTP Token as a Second Factor for bwHPC and NEMO2

The use of a second factor to secure logins to services is becoming increasingly mandatory. bwHPC currently uses time-based one-time passwords (TOTP) or Yubico OTP as a second factor for SSH logins. We have looked at some hardware security tokens for bwIDM/bwHPC that can be used instead of a mobile phone.