CCS security policy
Users of the CCS supercomputer systems should follow the following security policies;
-
A private key for the SSH public-key authentication to log in to the supercomputer systems should be securely stored and managed at a location where the corresponding user can only access.
-
The private key should be protected by a passphrase.
-
The private key should not be stored at the supercomputer systems.
Even when a multi-stage SSH login is required, the above policies should be followed by using a SSH agent forwarding. When there are several private keys to log in to the supercomputer systems, the above policies should be applied to all private keys.