Two Factor Authentication
The Department of Energy (DOE) has mandated that all DOE facilities migrate away from static passwords in favor of two factor authentication methods on all gateways into the facility that provide shell access.
Since September 30th, 2006, the only permitted login methods on BNL gateway machines are SSH keys or CryptoCards.
Gateway Machines
| ATLAS Gateways |
RHIC Gateways |
|---|---|
| aftpexp.bnl.gov (alias) |
rftpexp.rhic.bnl.gov (alias) |
| aftpexp01.bnl.gov | rftpexp01.rhic.bnl.gov |
| atlasgw.bnl.gov (alias) |
rftpexp02.rhic.bnl.gov |
| atlasgw00.bnl.gov | rssh.rhic.bnl.gov (alias) |
| atlasgw01.bnl.gov |
rssh01.rhic.bnl.gov |
| rssh02.rhic.bnl.gov | |
| rssh03.rhic.bnl.gov | |
| rssh04.rhic.bnl.gov |
Gateway Access Methods
SSH Keys
SSH keys are an implementation of a private/public key pair cryptography within SSH. For more information on SSH keys, and their generation and use, please consult the SSH Keys page.
To upload your SSH key, visit the SSH Public Key File Upload Form.
CryptoCards
CryptoCards are an implimentation of a one-time password system in both hardware and software form. Please consult the CryptoCards page for more information on CryptoCards, obtaining one, and their use.
