Differences between revisions 4 and 5
Revision 4 as of 2016-09-13 10:51:45
Size: 2753
Revision 5 as of 2016-09-13 12:46:34
Size: 2752
Deletions are marked like this. Additions are marked like this.
Line 10: Line 10:
{{attachment:warp-concept1.jpg}} {{attachment:warp-concept.jpg}}

Remote Login Service

WARP - The Concept for Remote Login Service with more Safety

  • ssh warp.zeuthen.desy.de

The concept


  • a cluster of access nodes will be used for an automatic and transparent forwarding to a suitable work group server of your group.
  • the deciding factor is your primary login group
  • choose the wgs with the lowest load
  • the user has possibilities to choose another destination or another group
  • users of groups which haven't an own wgs will be forwarded to a public wgs


  • the access systems need only an ssh and kerberos clearance in the firewall
  • backdoors are not possible
  • local root exploits on the access systems pose not longer a serious risk (except for the sshd )
  • Users of different groups will be distributed across different machines

Problems in the past

  • Whenever cases of local root exploits came to light, we had have to act immediately. (multiple in the year, one compromized user account is sufficient)

  • Although all available security updates are rolling out quickly the login hosts are threatened by zero-day exploits
  • All users used the same login hosts. Several times the pubs could not used by other users because of overload (misusage for job processing, mathematica process or similar).

Further information and usage suggestions you can find here: Warp_Login_Usage.

Remote login with SSH

Web based Client

  • Only for the cases that you don't have a chance to use a local client this service is offered. Be aware that the terminal emulation is limited, so special character support, ECS sequences and menu driven software may not work a aspected. The link will open a new browser window. You get a terminal session on the pal cluster in DESY Hamburg.

Remote Login Service (last edited 2019-09-09 15:56:57 by StephanWiesand)