...
Furthermore, JASMIN "requires" users to secure their key with a passphrase, but there's no way this can be enforced. It's quite likely users don't bother, and the SSH keys are copied around freely and even lost and replaced, while remaining active for access to the facility.
Third, we also know from other remote cluster providers that it's common to have to connect to a login node or bastion host, and then hop onwards to the final working node.
At ECMWF we much prefer a single hop for users straight to the HPCF, which has the consequence of more complex gateway requirements, in functionality and security.
Finally, although our ActivID tokens work well, they are extremely expensive and the software (at ECMWF's end) is unreliable and troublesome to maintain. We would like to move away from ActivID in the post-BOND timeframe, so any access service should not be bound too tightly to it.
...