| | 1 | [[Include(WikiToC)]] |
| | 2 | = Account Management = |
| | 3 | |
| | 4 | The Account Management features in the COSMOS Portal let you update your profile information, change your password, and manage the SSH keys used to access testbed nodes. These settings are accessible from the user menu in the top-right corner of the portal (click your name, then select '''Edit Profile''' or '''SSH Keys'''). |
| | 5 | |
| | 6 | ---- |
| | 7 | |
| | 8 | == Edit Profile == #Profile |
| | 9 | |
| | 10 | The Edit Profile page lets you update your personal information. The following fields can be changed: |
| | 11 | |
| | 12 | * '''First Name and Last Name''' — used in the portal directory and reservation records |
| | 13 | * '''Email''' — changing your email takes effect immediately and affects all future notifications, password reset links, and testbed announcements |
| | 14 | * '''Phone''' — your contact phone number |
| | 15 | |
| | 16 | Your '''username''' and '''organization''' cannot be changed after registration. If you need to change either, contact testbed support at `problems@cosmos-lab.org`. |
| | 17 | |
| | 18 | Changes to your profile are immediately reflected in LDAP (the testbed's central directory service), meaning updated information propagates to all testbed systems. |
| | 19 | |
| | 20 | [[Image(wiki:UserGuide/Portal:portal-profile.png, width=25%)]] |
| | 21 | |
| | 22 | ---- |
| | 23 | |
| | 24 | == Change Password == #Password |
| | 25 | |
| | 26 | On the Edit Profile page, scroll down to the '''Change Password''' section. To change your password: |
| | 27 | |
| | 28 | 1. Enter your '''current password''' for verification |
| | 29 | 2. Enter your '''new password''' |
| | 30 | 3. Enter the new password again in the '''Confirm Password''' field |
| | 31 | 4. Click '''Change Password''' |
| | 32 | |
| | 33 | The new password must meet the same strength requirements as during registration: |
| | 34 | * At least 8 characters |
| | 35 | * Mixed case (uppercase and lowercase letters) |
| | 36 | * At least one digit |
| | 37 | * At least one special character |
| | 38 | * Must not be a commonly used or weak password |
| | 39 | |
| | 40 | Your new password takes effect immediately across all testbed services. |
| | 41 | |
| | 42 | ---- |
| | 43 | |
| | 44 | == SSH Keys == #SSHKeys |
| | 45 | |
| | 46 | SSH keys are the primary authentication mechanism for accessing testbed nodes during your experiments. The portal's SSH Keys page (accessible from the user menu) lets you manage your public keys. |
| | 47 | |
| | 48 | === Why SSH Keys? === |
| | 49 | |
| | 50 | Password-based SSH authentication is disabled on testbed console servers for security. Instead, you authenticate using public-key cryptography: your private key stays on your computer, and the corresponding public key is stored on the testbed. When you connect via SSH, the server verifies your identity by challenging your private key — no password is transmitted over the network. |
| | 51 | |
| | 52 | You can upload multiple keys (for example, one from your laptop, one from your desktop, and one from a lab workstation). All uploaded keys grant access to testbed console servers during your active reservations. |
| | 53 | |
| | 54 | === Managing Keys === |
| | 55 | |
| | 56 | The SSH Keys page provides three operations: |
| | 57 | |
| | 58 | '''Upload a key''' — paste the contents of your public key file (the `.pub` file) into the text area and click '''Add Key'''. The portal validates the key in real time before accepting it: |
| | 59 | * Checks that the format is valid OpenSSH public key format |
| | 60 | * Verifies the key type is supported |
| | 61 | * Rejects private keys, incomplete keys, and keys with invalid encoding |
| | 62 | |
| | 63 | '''View keys''' — all your uploaded keys are displayed in a list showing the key type (e.g., ssh-ed25519, ssh-rsa) and the comment field (usually your email or hostname). This helps you identify which key belongs to which machine. |
| | 64 | |
| | 65 | '''Delete a key''' — click the delete button next to any key to remove it. Deleted keys are immediately removed from all testbed console servers. Make sure you have at least one working key before deleting others. |
| | 66 | |
| | 67 | [[Image(wiki:UserGuide/Portal:portal-ssh-keys.png, width=25%)]] |
| | 68 | |
| | 69 | === Supported Key Types === |
| | 70 | |
| | 71 | The portal accepts the following SSH key types: |
| | 72 | |
| | 73 | ||= Key Type =||= Algorithm =||= Recommended? =|| |
| | 74 | || `ssh-ed25519` || Ed25519 (elliptic curve) || '''Yes''' — fast, secure, short keys || |
| | 75 | || `ecdsa-sha2-nistp256` || ECDSA with P-256 curve || Yes || |
| | 76 | || `ecdsa-sha2-nistp384` || ECDSA with P-384 curve || Yes || |
| | 77 | || `ecdsa-sha2-nistp521` || ECDSA with P-521 curve || Yes || |
| | 78 | || `ssh-rsa` || RSA || Acceptable (use 4096-bit minimum) || |
| | 79 | || `sk-ssh-ed25519@openssh.com` || Ed25519 with FIDO/U2F hardware token || Yes (hardware security key) || |
| | 80 | || `sk-ecdsa-sha2-nistp256@openssh.com` || ECDSA with FIDO/U2F hardware token || Yes (hardware security key) || |
| | 81 | |
| | 82 | We recommend '''Ed25519''' for new key generation — it provides strong security with compact key sizes and fast operations. |
| | 83 | |
| | 84 | === Generating a New SSH Key === |
| | 85 | |
| | 86 | If you do not have an SSH key pair yet, follow the instructions below for your operating system. |
| | 87 | |
| | 88 | ==== Linux and macOS ==== |
| | 89 | |
| | 90 | Open a terminal and run: |
| | 91 | {{{ |
| | 92 | ssh-keygen -t ed25519 -C "your_email@example.com" |
| | 93 | }}} |
| | 94 | |
| | 95 | When prompted: |
| | 96 | * '''File location''' — press Enter to accept the default (`~/.ssh/id_ed25519`) |
| | 97 | * '''Passphrase''' — enter a passphrase for extra security (recommended), or press Enter for no passphrase |
| | 98 | |
| | 99 | This creates two files: |
| | 100 | * `~/.ssh/id_ed25519` — your '''private key''' (never share this with anyone) |
| | 101 | * `~/.ssh/id_ed25519.pub` — your '''public key''' (this is what you paste into the portal) |
| | 102 | |
| | 103 | To copy the public key to your clipboard: |
| | 104 | {{{ |
| | 105 | cat ~/.ssh/id_ed25519.pub |
| | 106 | }}} |
| | 107 | Then select and copy the entire output line (starting with `ssh-ed25519`). |
| | 108 | |
| | 109 | ==== Windows (PowerShell) ==== |
| | 110 | |
| | 111 | Windows 10 and 11 include a built-in OpenSSH client. Open PowerShell and run: |
| | 112 | {{{ |
| | 113 | ssh-keygen -t ed25519 -C "your_email@example.com" |
| | 114 | }}} |
| | 115 | The key pair is saved to `C:\Users\YourName\.ssh\`. Open `id_ed25519.pub` with Notepad to copy the public key. |
| | 116 | |
| | 117 | ==== Windows (PuTTY) ==== |
| | 118 | |
| | 119 | If you use PuTTY: |
| | 120 | 1. Open '''PuTTYgen''' (included with PuTTY) |
| | 121 | 2. Select '''EdDSA''' (Ed25519) as the key type |
| | 122 | 3. Click '''Generate''' and move your mouse to add randomness |
| | 123 | 4. Save the private key to a secure location |
| | 124 | 5. Copy the text from the '''Public key for pasting into OpenSSH authorized_keys''' box — this is what you paste into the portal |
| | 125 | |
| | 126 | '''Important:''' PuTTY uses its own key format (`.ppk`). The portal requires OpenSSH format. Make sure you copy from the text box at the top of PuTTYgen, not from the "Save public key" button (which saves in a different format). |
| | 127 | |
| | 128 | === Further Reading === |
| | 129 | |
| | 130 | * [https://docs.github.com/en/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent GitHub: Generating SSH Keys] — comprehensive tutorial for all platforms |
| | 131 | * [https://www.ssh.com/academy/ssh/keygen SSH Academy: ssh-keygen] — reference for key generation options and best practices |
| | 132 | * [https://wiki.archlinux.org/title/SSH_keys ArchWiki: SSH Keys] — detailed guide covering key types, security considerations, and agent forwarding |
