Automation in the context of multifactor authentication: Difference between revisions

no edit summary
(Marked this version for translation)
No edit summary
Line 5: Line 5:
Automated workflows which connect to the clusters without human intervention cannot make use of a second authentication factor. In order to execute such workflows after MFA becomes a requirement, you must request access to one of our special nodes. These nodes will not require the use of a second factor, but will be otherwise much more limited than regular login nodes in terms of the type of authentication they accept and the type of action that they can be used to perform.
Automated workflows which connect to the clusters without human intervention cannot make use of a second authentication factor. In order to execute such workflows after MFA becomes a requirement, you must request access to one of our special nodes. These nodes will not require the use of a second factor, but will be otherwise much more limited than regular login nodes in terms of the type of authentication they accept and the type of action that they can be used to perform.


= Increased security restrictions = <!--T:2-->
= Increased security constraints = <!--T:2-->
== Available only by request ==
== Available only by request ==
Users who need to make use of automated workflows for their research must first contact our [[technical support]] to be allowed to use these nodes. When contacting us, please explain in detail the type of automation you intend to use as part of your workflow. Tell us what commands will be executed and what tools or libraries you will be using to manage the automation.
Users who need to make use of automated workflows for their research must first contact our [[technical support]] to be allowed to use these nodes. When contacting us, please explain in detail the type of automation you intend to use as part of your workflow. Tell us what commands will be executed and what tools or libraries you will be using to manage the automation.


== Available only through restricted SSH keys == <!--T:3-->
== Available only through constrained SSH keys == <!--T:3-->
The only accepted means of authentication for the automation nodes will be through [[SSH_Keys#Using_CCDB|SSH keys uploaded to the CCDB]]. SSH keys written in your <i>.ssh/authorized_keys</i> file are not accepted. In addition, the SSH keys <b>must</b> obey the following constraints.   
The only accepted means of authentication for the automation nodes will be through [[SSH_Keys#Using_CCDB|SSH keys uploaded to the CCDB]]. SSH keys written in your <i>.ssh/authorized_keys</i> file are not accepted. In addition, the SSH keys <b>must</b> obey the following constraints.   


rsnt_translations
56,420

edits