Starting today, Sigma2 is implementing two-factor authentication on SSH across our systems. Initially, this will be offered on the Fram and Saga resources. All users of Fram and Saga will receive information about this via email.
Two-factor authentication on SSH is implemented with a time-based one-time pad (TOTP), which most will recognise from other services with two-factor authentication.
As a user, you can choose to use two-factor authentication on Fram and Saga starting today. The way to do this is by logging in via www.metacenter.no/user, where you change your password, and select "OTP / 2FA" from the menu. Once this is done, you will be enrolled in two-factor authentication on Fram and Saga within the next quarter of an hour.
Remember to take good care of the recovery codes, as these are required if you ever lose access to the two-factor device you have registered with. You will find a step-by-step guide in our documentation.
We will set a deadline for the required transition to two-factor authentication, which is assumed to be in batches at the time of writing. This means the deadline for switching to two-factor authentication may vary from user to user.
At a date later this year, two-factor authentication will be required for all users on Fram and Saga. A new message will be given in due time before this transition. After this date, logging into NIRD and Betzy will also require two-factor authentication on SSH login servers.