USQCD: US Lattice Quantum Chromodynamics

USQCD home
Physics program
Software
- download
- ILDG
Hardware
- Installations
- QCDOC
- Clusters
- LQCD Project
USQCD Collaboration
Links and resources

FNAL - LQCD Documentation

New Users

User Authentication

Building your code - The Runtime Environment

Submitting jobs to the TORQUE Batch System

Project Allocations

Software Documentation Details

Hardware Details

Filesystem Details

Mass/Tape Storage Details

Transferring Files

Compilers

FAQs

Obtaining a New User Account

Kerberos authentication is required in order to access the lattice QCD computing facilities at Fermilab. For remote users, the following are required:

Fermilab Visitor ID
Fermilab Kerberos Principal
Unix accounts on the LQCD cluster machines

Step 1. Fermilab Visitor ID and Kerberos Principal

If you have previously used computers at Fermilab, you may already have a Visitor ID. Use the Fermilab telephone directory search pages to look for your name. If an entry exists for you and that entry lists a Visitor ID number, record that number for filling out the application form. The details regarding the Visitor ID application process for a Non-Employee Off-Site Fermilab User can be found at this link (please see the section for off-site visitors).

You will need to submit the online application form for a Visitor ID and/or Kerberos principal using this link. In the pulldown menu for "Fermilab Experiment, Division or Section affiliation", select "Lattice QCD". You should check the boxes for a Kerberos Principal and for a CRYTPOCard. We can ship your CRYPTOCard to you.

Step 2. Unix accounts on the LQCD cluster machines

After you have received mail with information about your Kerberos principal, send mail to lqcd-admin@fnal.gov to request an account on the LQCD clusters. If you requested a CRYPTOCard please do mention that in the mail and your mailing address where we can send your card to.

Strong Authentication at Fermilab

Strong authentication is a form of computer security in which the identities of networked users, clients and servers are verified without transmitting passwords over the network.

The Kerberos Network Authentication Service V5 is the network authentication program that implements strong authentication. In addition to establishing identity (authentication), it supports encrypted network connections, thereby providing confidentiality.

Fermilab employs Kerberos to authenticate users who want to access computer systems at the lab. A user must have a valid kerberos ticket before he can login to a machine. Tickets can be obtained by using the kinit client application on the user's workstation, or the user may obtain a ticket during the login process by using a cryptocard. Tickets expire in 24 hours, but generally can be renewed before expiration for a period of 7 days. Only users who have current (unexpired) kerberos principals issued by Fermilab can obtain kerberos tickets.

Kerberos clients include telnet, ftp, rsh, rcp, rlogin, and, if specially built, ssh and slogin. All of these clients can encrypt communications.

All computer users at Fermilab have the responsibility to understand the broad outlines of Fermilab's Policy on Computing, and to comply with the policy.

Please refer to the following web page for more technical details: Introduction to Strong Authentication

usqcd-webmaster@usqcd.org