1.1. Onboarding

You will need to

1. have a grid certificate,

2. register to a VO,

3. and obtain a UNIX account.

1.1.1. Grid certificate

Go to UK Certification Authority Portal and obtain a grid certificate. You will obtain a certBundle.p12 file which is “an archive file format for storing many cryptography objects as a single file”[1]

Note

You may need to use a different website if you are outside UK. TODO: add other countries’ links here.

Follow the instruction over there to obtain grid certificate. They implements a strong principle of Web of trust and requires you to physically verify your identity in-person with an existing member of the Grid.

1.1.2. Registering the SO:UK Virtual Organization (VO) and obtain a grid certificate

Go to VOMS Admin > souk.ac.uk and submit an application to the VO.

Note

They prefer you to use your institutional email here. It does not have to match your email address used in the Grid Certificate.

Once submitted, you will receive an email. Once you clicked the link in the email to confirm your application, you need to wait for admin to process it.

Occasionally the application went into a blackhole, feel free to ping the admin there or us if you aren’t approved in a couple of days.

1.1.3. Obtain a UNIX account

Provide the following info and send it to one of us:

0. Your email address, GitHub account name, and preferred name.

1. Your preferred UNIX username. If you don’t know, run echo $USER in your terminal and copy that. A recommended pattern is first initial then surname. For example, jdoe.

2. Your first name and last name, same as the one used above.

3. Copy your ssh public key(s) to us. For example, you can run the following commands and copy the first available result:

   cat ~/.ssh/id_ed25519.pub
   cat ~/.ssh/id_rsa.pub
   

   Note

   For advanced users, if your ssh comment from your key contains your email address, you can specify an alternative comment to be used on our system. Otherwise it will be assigned by us. This is a policy enforced by Blackett.

4. (Optional) For typical users, please skip this step. If you need sudo, follow the following procedure to generate a salted, hashed password. On your local machine (vm77’s openssh is too old), enter this line,

   $ openssl passwd -6 -salt $(openssl rand -base64 16)
   # type the password you want to use in the prompt
   # and result would look like this:
   $6$...$...
   

   Copy the resulting string to us.

For maintainers to add this new user, go to this section.

---

[1]

See PKCS 12 - Wikipedia.