Privileged access using Yubikeys

Privileged access using Yubikeys

yubico-piv-tool is needed initially to setup your yubico device. yubico-piv-tool is available with most Linux distributions. It is included in EPEL on RHEL systems. You can also download it using the below link. 

https://developers.yubico.com/yubico-piv-tool/Releases/

 

        1. Change PIN

The PIN must be between 6 and 8 characters long, and it can be any type of alphanumeric character.

pypi server

The Pypi server (pypiserver)

The pypiserver is a minimal Python Package Index (PyPI) compatible server for the package installers (pip or easy_install).     
The Python Package Index (PyPI) is a repository of software for the Python programming language.

 

Instrumentation Division (ID) use case

Goal: pypiserver as a service to distribute ID build software.

 

Accessibility to this repository:

Read packages: 

On BNL Campus only as READ only, not authentication required to read packages.

How to add user to EIC COmanage community

To be able to log in to the https://eic-zenodo.sdcc.bnl.gov the user will need to be enrolled in the EIC COmanage community and group.

Per instructions the user will send a request of enrollment via RT ticket to the accounts queue. The user will specify the institutional email account that the user specs to receive the enrollment invitation.

The following example will show a procedure to enroll the user, Cameron Dean. Institutional account cdean@bnl.gov

Software-defined Storage Solution dCache

The dCache project at Brookhaven Lab provides an open-source storage software solution and is a joint venture involving Deutsches Elektronen-Synchrotron (DESY), Fermi National Accelerator Laboratory (FNAL), and the Nordic e-Infrastructure collaboration (NeIC). 

dCache aggregates multiple storage types (disk or tape, e.g., Mass Storage System/BNL HPSS system) into a single storage system and manages data movement, replication, and integrity. dCache supports several access protocols, including https or posix.

About dCache

Overview

dCache is a sophisticated system that allows transparent access to files on disk or stored on magnetic tape drives in hierarchical storage managers (HSMs). dCache is a joint venture between the Deutsches Elektronen-Synchrotron (DESY), Fermi National Accelerator Laboratory (FNAL), and Nordic e-Infrastructure collaboration (NeIC).

DMARC Policy

Domain-Based Message Authentication, Reporting & Conformance (DMARC) Policy

BNL Cyber Security has implemented an email authentication policy called DMARC, a domain-based message authentication, reporting, and conformance policy that relies on the