zonca
commented
7 months ago Never heard about kerberization before. Do you know some documentation you can point me to?
Closed pibion closed 7 months ago
zonca
commented
7 months ago Never heard about kerberization before. Do you know some documentation you can point me to?
pibion
commented
7 months ago The most useful documentation might be the Fermilab instructions: https://computing.fnal.gov/wilsoncluster/kerberos/, https://authentication.fnal.gov/krb5conf/.
This is what it looks like when kerberos is set up: you kerberize (like in https://twiki.nevis.columbia.edu/twiki/bin/view/Main/Kerberos) and then you can ssh like normal.
zonca
commented
7 months ago I think you said now you have a Singularity image with all the SuperCDMS packages, does it have Kerberos as well? in any case it is useful to have another issue that discusses what docker/singularity image we want to use for single user environments.
pibion
commented
7 months ago @zonca okay so I was strongly discouraged from setting up kerberos on our Jetstream instance, apparently it's a big security risk. Kerberos is supposed to be installed on a truly local computer.
I'll open another issue about docker/singularity images, and close this one.
I'm wondering if it would be possible to make it possible to kerberize to the FNAL realm in our terminal - it would be handy for people who need to access/copy data from FNAL servers.