Skip to content

Experimental System Access

Introduction

A pair of redundant SSH Gateways were built to replace the aging Hydra-VPN Service. This service replicates the requirements of Hydra-VPn, while implementing much higher security standards, with greater ease of use.

In order to access these gateways, you need to be a member of a project which uses them, for example a NextGenIO Project. If you're unsure if you need access, speak to your EPCC Project Contact.

These gateways act as a jump host only, you can't SSH to them directly. See the Using the Gateway section for more information.

Gaining Access

  1. Access SAFE
  2. Select 'Projects' and 'Request Access'
  3. Search for your project code, e.g. nx04
  4. Select 'Request machine account' then 'Apply'
  5. Under the 'Select a machine for the login account' select 'gateways'
  6. Select 'Next'
  7. Specify the username you'd like. This can't be the same as an account name in another project
  8. Upload an SSH public key. This is required to access these gateways.
  9. Select 'Request'
  10. You'll get an email when your account has been accepted.

Set MFA Token

Once your account has been added, you need to enable MFA. Like the SSH key, this is required to use these gateways.

  1. Access SAFE
  2. Select 'Login Accounts' and select the username you just made
  3. Select 'Set MFA-Token'
  4. Scan the QR Code into the authenticator of your choice, and verify the code displayed in your app in the 'Verification Code' box.
  5. MFA has now been enabled.

Using the Gateway

See the EIDF-Gateway docs for instructions on how to use the gateways from Linux/MacOS or Windows.

Substitute all mentions of eidf-gateway.epcc.ed.ac.uk to be gateway.epcc.ed.ac.uk in your config. These are two seperate services and you cannot access experimental services through eidf-gateway.epcc.ed.ac.uk