Cybersecurity – Passwords, SSH Keys and Personal accounts
There have been media reports recently of cyberattacks on European Supercomputing centres. One of the contributing factors of the attacks is stolen passwords and SSH keys.
This is therefore a timely reminder to all users that you are not to share your password, SSH keys or personal NSCC supercomputer accounts with anyone else.
Apart from breaching the Acceptable Use Policy (a copy of which can be found in https://help.nscc.sg/aup/), which all users had acknowledged, sharing of passwords, SSH keys and personal accounts is a security risk that can lead to user information being stolen for unauthorised or undesirable activities. Such actions jeopardise both the users’ projects and compromises the security of the NSCC system, which affects all other users.
All users are to stop sharing passwords, SSH keys or accounts. If you have been doing so, please stop immediately. In addition we strongly recommend that you change your password and SSH key as soon as possible.
All research staff and students in stakeholder organisations (i.e. A*STAR, NUS, NTU, SUTD, TCOMS and NEA) are entitled to an account and may apply for one. Principal Investigators (PIs) should not share accounts with their students and should get students to sign up for individual accounts instead. PIs with collaborators who are not from a stakeholder organisation can also sponsor their collaborators for an individual account to gain access to the system for the duration of the project. Do take note that we do not differentiate computational jobs from staff or student accounts and that all jobs run with similar levels of priorities.
Please note the severity for the misuse of the resource which may result in civil penalties as stated in Section 1 of the AUP.
Your cooperation in this matter will help us greatly enhance the cybersecurity of the NSCC system and to ensure a safe and secure supercomputing environment for all users.
Do not hesitate to contact us at [email protected] if you have any queries.
From the NSCC Team