Any views expressed within media held on this service are those of the contributors, should not be taken as approved or endorsed by the University, and do not necessarily reflect the views of the University in respect of any particular issue.

Computing Systems

Computing Systems

Informatics Computing Staff jottings

Changes to the SSH service

The way in which SSH login services are provided for the School of Informatics will soon be changing.

Currently, we provide 2 services – a general access server for all members of the School (ssh.inf and student.ssh.inf) and a second which is restricted to staff, research postgraduates, and visitors (staff.ssh.inf). Both servers are currently globally accessible. As these are critical entry points to our computing infrastructure the University IT security team have decided that, to ensure their security, access controls for these services must be changed to require the use of a VPN client when you are outwith the University network.

We are aware that the use of a VPN client will not be practical for all research requirements so we are also introducing a new SSH service that will be globally accessible (to be known as remote.ssh.inf). The new service will be available to all staff, research postgraduates, and visitors, like the current staff service, but access will be on an opt-in basis. To gain access permission a request will have to be sent via our usual support form. To avoid having to handle a large number of requests initially we will allocate access permission to all those who have accessed the current staff SSH server in the last 2 months. Going forward, any user who does not use the service for over 2 months will have their access automatically withdrawn.

At the same time, we are taking the opportunity to restructure the way in which we manage the SSH services. This will allow us to work on the hardware and apply security updates in a timely manner without regularly causing disruption to the services. To achieve this the current services will move to new hosts, full details of the new service arrangements will soon appear on our computing.help website.

We believe that these changes are necessary because the security threats to our computing infrastructure have significantly changed over the last few years. In particular, universities are now seen as easy targets for ransomware attacks. To give some sense of the scale of this threat, so far this year 18 universities have suffered serious ransomware attacks with the resulting disruption to services being 10 to 20 days and repair costs being anything up to £2 million. See this NCSC alert and the JISC Cyper Impact report for a more detailed exploration of the issues involved.

Changes to the SSH service / Computing Systems by is licensed under a

Posted by

Categories

Uncategorized

Tags

No tags have been added to this post.

Previous post

Next post

Leave a reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Changes to the SSH service / Computing Systems by is licensed under a
css.php

Report this page

To report inappropriate content on this page, please use the form below. Upon receiving your report, we will be in touch as per the Take Down Policy of the service.

Please note that personal data collected through this form is used and stored for the purposes of processing this report and communication with you.

If you are unable to report a concern about content via this form please contact the Service Owner.

Please enter an email address you wish to be contacted on. Please describe the unacceptable content in sufficient detail to allow us to locate it, and why you consider it to be unacceptable.
By submitting this report, you accept that it is accurate and that fraudulent or nuisance complaints may result in action by the University.

  Cancel