NERSC Computer Security

NERSC computer security efforts are aimed at protecting NERSC systems and its users' intellectual property from unauthorized access or modification.

Among NERSC's security goal are:

1. To protect NERSC systems from unauthorized access.

2. To prevent the interruption of services to its users.

3. To prevent misuse or abuse of NERSC resources.

Security Incidents

If you think there has been a computer security incident you should contact NERSC Security as soon as possible at security@nersc.gov.  You may also call the NERSC consultants (or NERSC Operations during non-business hours) at 1-800-66-NERSC.

 Please save any evidence of the break-in and include as many details as possible in your communication with us.

NERSC Computer Security Tutorial

You can help to keep NERSC more secure by understanding cyber security risks and taking precautions against them.  Please take the Computer Security Tutorial.

Accessing NERSC

NERSC has instituted a number of policies to help achieve these security goals.

NERSC requires all users to protect their user passwords by only transmitting them over the network in encrypted form.  Network connections for logins are allowed only through the Secure Shell (SSH) protocol.  NERSC runs a specialized version of the SSH server that assists in intrusion detection.

File transfers can be accomplished by using the scp or sftp utilities, both of which use SSH protocols. Secure access to the HPSS storage system is also available via ftp and hsi, using "hpss tokens".  See HPSS Paswords.

See Connecting to NERSC and Transferring Data.