You are here: Home / News & Events / News / Security Incident Mistral

Security Incident Mistral

Jun 25, 2020

Update: 2020-06-26 12:33

Dear users,

we are still investigating the incident that has been discovered yesterday. Systems with the lustre filesystem mounted have been hacked so that confidential information such as plain text passwords in files like ~/.netrc or ssh-keys might have been stolen. Access to compromised systems is prevented now.

We suggest you to do the following as soon as possible:

  • If you have or had stored ssh-keys on Mistral, in particular those without passphrase, then disable them on any remote system where you might have used them, this includes gitlab.dkrz.de
  • If your password is or was stored in ~/.netrc or in any other file on mistral then you should set a new password on luv.dkzr.de. You might consider using Kerberos in the future when accessing HPSS (please refer to https://www.dkrz.de/up/systems/hpss/pftp-with-kerberos)

Best regards,
DKRZ


Dear users,

due to a security incident on Mistral we have to disable usage of ssh-keys in ~/.ssh/authorized_keys on all of our nodes. If you have private ssh-keys on Mistral in ~/.ssh/id_* they should be considered as stolen. Don't use these keys any longer inside and outside of DKRZ.

We are working on alternatives, but this may take some time. For the time being you are asked to use password authentication instead.

We apologize for the inconvenience we are well aware of. 

Best regards,
DKRZ

Document Actions

Filed under: