Privileged access using Yubikeys

Privileged access using Yubikeys

yubico-piv-tool is needed initially to setup your yubico device. yubico-piv-tool is available with most Linux distributions. It is included in EPEL on RHEL systems. You can also download it using the below link. 

https://developers.yubico.com/yubico-piv-tool/Releases/

 

        1. Change PIN

The PIN must be between 6 and 8 characters long, and it can be any type of alphanumeric character.

The default PIN code is 123456.It is important that the default PIN code is changed. 
 

pypi server

The Pypi server (pypiserver)

The pypiserver is a minimal Python Package Index (PyPI) compatible server for the package installers (pip or easy_install).     
The Python Package Index (PyPI) is a repository of software for the Python programming language.

 

Instrumentation Division (ID) use case

Goal: pypiserver as a service to distribute ID build software.

 

Accessibility to this repository:

Read packages: 

On BNL Campus only as READ only, not authentication required to read packages.

How to add user to EIC COmanage community

To be able to log in to the https://eic-zenodo.sdcc.bnl.gov the user will need to be enrolled in the EIC COmanage community and group.

Per instructions the user will send a request of enrollment via RT ticket to the accounts queue. The user will specify the institutional email account that the user specs to receive the enrollment invitation.

The following example will show a procedure to enroll the user, Cameron Dean. Institutional account cdean@bnl.gov

About dCache

Overview

The dCache is a sophisticated system that allows transparent access to files on disk or stored on magnetic tape drives in hierarchical storage managers (hsms). dCache is a joint venture between the Deutsches Elektronen-Synchrotron, DESY, the Fermi National Accelerator Laboratory, FNAL and the Nordic e-Infrastructure collaboration, NeIC.

DMARC Policy

Domain-Based Message Authentication, Reporting & Conformance (DMARC) Policy

BNL Cyber Security has implemented an email authentication policy called DMARC, a domain-based message authentication, reporting, and conformance policy that relies on the