Google authenticatorConnecting to research computing resource from off-campus requires one of two approaches:”

Approach One – Most commonly used – SU VPN
From a Windows PC this is most easily done through the Syracuse University Remote Access (SURA) utility.  You can find information describing how to connect to the VPN through SURA as well as from other operating systems here.

Once connected to the University’s VPN, you can then initiate your Condor connection via SSH.  The steps below describe how to configure the required two-step authentication needed to connect to this resource.

Approach Two – Google Two Factor and A bastion Host
(The Research Computing team will recommend this approach if required.)

Google Authenticator provides a two-step authentication procedure using one-time passcodes (OTP). The OTP generator application is available for common mobile platforms such iOS and Android.  Each can be downloaded from  their respective stores.

To log into Condor you must first set up Google Authenticator.

1) If not already installed, download/install the Google Authenticator application from the application store (Apple) or Google play (Android)

2) Use your SSH client to connect to its-condor-t1.syr.edu.  If you need to download a SSH client PuTTY is a good option for Windows and Unix. PuTTY can be downloaded from here.  Apple user can use the built-in application called Terminal.

PuTTy

3) Maximize your SSH window (you will a big window to display a QR code that you will scan through the Google Authenticator application).

4) When prompted use your SU NetID and password to login.

Login one

5) It will display a basic instruction set for setting up your 2 factor authentication and then wait at a prompt before continuing – AGAIN BE SURE TO MAXIMIZE the SSH session window before you go to the next step to make sure the barcode will be fully displayed on the screen.


Login 3
Login with qr code

6) Once you continue it will display a key and barcode – use Google Authenticator Application you installed in step  to scan the barcode or enter the key.

7) This should log you in successfully,  on the subsequent logins, you’ll enter NetID password as Password prompt, then 6-digit Google Authenticator one time password at the Verification prompt.Enter the 6-digit code without any spaces even if Google Authenticator shows a space in the number string.

Google Authenticator