- Requesting access to studentdb
GL is the name of our general access Unix systems here at UMBC, managed by DoIT. Anyone with a UMBC account can access GL.
Accessing the GL Servers
To connect to GL you’ll need an SSH client. For Windows, we recommend using PuTTY; the Bitvise SSH client is an alternative option. For Mac and Linux, we recommend the
ssh command in the Terminal. Below is the connection info for GL:
|Port:||22 (This is the default for SSH)|
|Protocol (Connection Type):||SSH|
You authenticate to the GL systems using your myUMBC username (all lowercase!) and password.
Connect using your SSH client. They usually have a connection dialog where you can specify the host, port, and protocol information listed above.
ssh firstname.lastname@example.org in the Terminal.
All UMBC accounts have a quota of 500MB. If you exceed your quota, you will have issues running programs, etc. You can check your quota by running “fs lq” in your home directory.
When you first connect to an unknown server over SSH, your client will typically present the server's host key fingerprint so that you can verify its authenticity. These are the current host key fingerprints (as of 8/23/2018) for the GL servers:
Can I add an SSH key to my GL account?
No, sorry, you can't. Due to the way the system is set up, SSH keys don't work. We understand that might be frustrating to some of our security-minded students, so here's why:
We store user home directories in a network filesystem called AFS. AFS is built to use a system called Kerberos for authentication.
As part of the default login process, SSH asks you for your password. The GL server then attempts to authenticate you with Kerberos using that password and receives a Kerberos ticket granting ticket (TGT). It then uses that TGT to request an AFS ticket, which it then uses to request an AFS token, which allows access to your home directory.
Without your password being temporarily present, the GL server can't get you your Kerberos TGT, which means you can't get access to your home directory
As a result, we have SSH keys disabled for non-root users. If we left it enabled, it would work, and then you'd get a permission denied error for your own home directory, which wouldn't be very useful for you
Browse all articles