Wednesday, May 06, 2009

OCF downtime: frequently asked questions

We've been getting a lot of questions over the past week, and (understandably) many of them are similar, so I thought I'd collect the answers to the most frequently asked ones here.

We thank you for your patience, and we'll continue to provide updates via our main website and this blog as things change and we get back on our feet.

Q: Can I access my email?
A: As of a few hours ago, there's a temporary webmail interface available at https://webmail.ocf.berkeley.edu/. Sending email from it doesn't work for the moment, and it lacks the spit and polish of the usual webmail interfaces, but you should at least be able to read your email. POP and IMAP access is still available, and you can send email using SMTP -- see our documentation (now also available again) for information on how to set this up.

Q: Can I access my files on the OCF?
Q: Can I modify my website hosted on the OCF?
A: The usual SSH and SFTP access is unavailable at the moment. For now, you can use the web FTP application to upload, download, and edit your files.

Q: What happened to my account application?
A: We can't process account applications at the moment. We'll get around to it once we have our services up and running.

Q: Can I use SSH or SFTP?
Q: I tried to log in via SSH/SFTP, but I'm getting a message that the host key changed.
A:The primary login servers that you get by logging into ocf.berkeley.edu are turned on again, but aren't accepting user logins at the moment. We'll let you know when you can log in to these machines again. The host keys have changed, and we'll post the new key fingerprints, along with instructions, when we're ready to allow logins again.

Q: So what's this about being hacked? Should I do anything to make sure I'm safe?
A: We recommend the following:

  • If you have other accounts which share the same password as your OCF account, those passwords should be changed immediately. Note that reusing passwords is a terrible idea for exactly this reason.
  • If you have logged into another machine from an OCF system using SSH, Telnet, or the r* commands using a password since April 15th, that password should be changed immediately.
  • If you entered a password on an OCF system, especially a Solaris or Linux system, at some point since April 15, consider changing that password.
  • If you kept an SSH private key on the OCF, immediately prevent it from being used to log in to any systems (remove the corresponding public key from authorized_keys everywhere it's listed).

We will be requiring that all users change their OCF account passwords soon, but you cannot do this now, nor do we recommend doing it now.

If you have other questions, feel free to email us (staff [AT] ocf.berkeley.edu).