Securing your account: Difference between revisions

Jump to navigation Jump to search

Securing your account (view source)

Revision as of 20:20, 10 October 2023

No change in size ,  1 year ago
no edit summary
No edit summary
No edit summary
Line 34: Line 34:


<!--T:10-->
<!--T:10-->
Security issues often start on the outside, by a third party getting access to a user's password or (passwordless) ssh key. To help prevent this, please:
Security issues often start on the outside, by a third party getting access to a user's password or (passwordless) SSH key. To help prevent this, please:
* Log in from trusted computers only;
* Log in from trusted computers only;
* On Windows computers, make sure to regularly run a virus scanner and malware scanner;
* On Windows computers, make sure to regularly run a virus scanner and malware scanner;
Line 42: Line 42:


== For the system you log in to == <!--T:11-->
== For the system you log in to == <!--T:11-->
One important advantage of using ssh keys is that the remote system only needs your public key.  This value is not sensitive, so there is no risk of disclosure.  If someone gets your public key, all they can do is give you additional access.
One important advantage of using SSH keys is that the remote system only needs your public key.  This value is not sensitive, so there is no risk of disclosure.  If someone gets your public key, all they can do is give you additional access.
* Avoid placing any private keys on remote machines, even encrypted ones.  An unencrypted key is equivalent to a password, and may be stolen or exposed inadvertantly.  An encrypted key is, by itself, not sensitive - except if you ever use it on that machine (at which point you are effectively trusting the machine.)
* Avoid placing any private keys on remote machines, even encrypted ones.  An unencrypted key is equivalent to a password, and may be stolen or exposed inadvertently.  An encrypted key is, by itself, not sensitive - except if you ever use it on that machine (at which point you are effectively trusting the machine.)
* If you use ssh-agent, avoid forwarding it to remote machines.  Our clusters use host-based trust within the cluster, so you do not need to re-authenticate if you connect to an internal node.
* If you use ssh-agent, avoid forwarding it to remote machines.  Our clusters use host-based trust within the cluster, so you do not need to re-authenticate if you connect to an internal node.


</translate>
</translate>
Diane27
rsnt_translations
56,420

edits

Retrieved from "https://docs.alliancecan.ca/wiki/Special:MobileDiff/145321"

Navigation menu