Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


Before the Student Arrives

CIS Account


Default group: pegasus.

Group Number: 23

Office, Badge


Ask Larry Lorna to find an office for the student. Try to avoid offices without a window.

Larry will Lorna will also get an ID badge for the student. Make sure they get a key that works for their office.

Ask Larry Lorna to create a basic computer account for the student. He will need an a project account to charge it to.


Loaner or a new laptop

New Mac Setup:


Create a CIS ticket to add the student to the ccg@isi.


We have several computers the students can use, including and

The computer should have the latest CentOS, with a recent Condor and the latest Pegasus release.

Install iptables and open port 22, install fail2ban, and disable passwords via ssh.

Make sure the computer is mounting the ISI NFS home directories properly, and configure it to use the ISI NIS and ISI NTP servers.

Give the student sudo privileges on the machine.


Subscribe the student to the group email list, The files are in: /nfs/asd2/pegasus/mailing-lists


edu mailing list.

Welcome Bag

After the Student Arrives

Wired Access for Student's Laptop

Register student's wired NIC address with CIS from

AD Setup

Action should have sent an email about the student's account along with a username and temporary password.

Change password

Set Duo

Set Okta

Add to Crowd

Add student to Crowd's isi directory with ccg-users, confluence-users, jira-users, bamboo-users groups

Sync user directories in JIRA, Confluence, Bamboo, etc.

Add to Salt

Add student to salt stack.

Add to Slack

Add to USC ISI Slack

Add to Pegasus-WMS Slack

Add to Pegasus-Users Slack

Add to other project specific Slack workspaces as applicable.

Add to CCG mailing list


Give the student write access to Confluence via Crowd.


Have the student set up their email client to access their ISI account.

Set up SSH Keys

  • Windows 10: Has OpenSSH support. To enable see

    Code Block
    mkdir ~/.ssh
    cd ~/.ssh
    ssh-keygen -t ed25519 -C "$USER"
    # Enter a password when prompted
    # Execute on Student's Linux Desktop
    # cat > authorized_keys


NSF has a new requirement that all students (undergraduate, graduate, and postdoctoral) must have had training in Responsible Conduct in Research (RCR) *before* being supported (i.e., paid) by NSF. 

Furthermore, an on-line

An online RCR certification system has been set up for this purpose.   It is found here:

Please note the following requirements as they apply to all VSoE students:

  • all currently NSF-supported students (undergraduate, graduate, and postdoctoral) *must* complete the on-line course this spring, as per the Provost's memo;
  • all new incoming PhD students and postdocs *must* complete the on-line course before being set up on payroll;
  • all undergraduates being put on an NSF support *must* complete the on-line course before being set up on payroll;
  • PIs who have or hope to have NSF funding are urged to have all their PhD students and postdocs complete the on-line course in any case, to avoid possible future delays in student payroll if students/postdocs are moved from one grant to another.

Papers to Read

List of Pegasus papers:

Older Pegasus Papers ( for reference. not reqd to read on first go):

HTCondor Papers

Computer Stuff

Change your password

Open a terminal for the student and have them telnet to It should ask them to change their password on login.


Have the student set up their email client to access their ISI account, or create a .forward file.

Set up SSH Keys

Help the students set up their ssh keys so that they can log on to ISI machines from their laptops / home computers

  • log on to your linux box using action provided username and password
  • mkdir ~/.ssh
  • ssh-keygen -t dsa

    Code Block
    Enter passphrase (empty for no passphrase): ********
    Enter same passphrase again: ********
    Your identification has been saved in /nfs/asd2/username/.ssh/id_dsa.
    Your public key has been saved in /nfs/asd2/username/.ssh/
    The key fingerprint is:
    14:f9:31:1a:2d:e0:11:86:cd:3a:3d:9f:35:73:24:8c user isi key
    93.340u 0.070s 4:55.37 31.6%    0+0k 0+0io 363pf+0w
  • Make sure you enter a passphrase
  • Now you have a private key/public key pair generated.
  • cat id_dsa > authorized_keys

Optional grid papers: