Infrastructure / Mosler / Mosler Application

Mosler can be found at https://mosler.nbis.se/

This page is about how to apply for access to Mosler, if you want to know how to use the system please see Mosler User Guide.


Checklists for project and account applications

Project application
  1. Apply for a Mosler project in SUPR
  2. Add accounts for those that shall be part of the project
    • Specify if any of these shall have export rights
  3. (Ensure that there is a personal data assistant agreement between your institution/department and Uppsala University (not necessary if you are employed by Uppsala University))
Account application
  1. Apply for an account at UPPMAX in SUPR if you don’t already have one
    • Register new person & apply for UPPMAX account - see instructions
    • As part of this process you need to accept the SNIC user agreement
  2. Ensure that the project owner has added your account to the project
  3. Confirm that you can log in to the UPPMAX system that you have an account on using your username and password, and send a mail to mosler-support@nbis.se stating this.
    • Your account will then be imported to Mosler
    • This step is to verify that the password we import is the one you know, there are other ways to use ssh that does not test this, but if you log in by filling in your username and password we know that you know your password.
  4. Check that you can access https://mosler.nbis.se/. If not, see Access from your IP address below
  5. Get the second factor for the login
    • The User agreement, signed by you and the project owner (or your boss)
    • Some sort of valid ID, to verify your identity
    • A smartphone with an app to handle Time-based One-time Passwords (TOTPs)
      • We recommend using Authy, which is available for iPhone and Android
        • Authy allows securely backing up the second login factor so it can be restored to a new phone
        • Another alternative is Google Authenticator, but it cannot back up the second login factor (so you will have to request a new second login factor from one of the token administrators in case you get a new phone)

For more detailed instructions, see the Accounts section below.


Applying for projects - Policy and Instructions

Project applications are handled in the SNIC project repository at https://supr.snic.se/. Project resources are granted for 12 months. Project owners will be notified before the project time runs out, and can request prolongation of the project. Project prolongation will be subject to evaluation if resources are limited.

By sending in a project application you agree to the following:

Accounts

To be able to access MOSLER, you must first have a user created at one of the systems at UPPMAX (milou or rackham) with a password you know.

If you do not previously have a user account there, an application will be made when you’re added to a project on MOSLER. You will also need to accept the SNIC common user agreement within SUPR (you will get an e-mail reminder about this). When you’ve done this, an account should be created for you.

After you’ve received an account, you should log in and change your password.

When you have an account (new or old), you’ll need to confirm that you can log in using your password to UPPMAX (not using ssh keys or other authentication methods). Once this is done, send an e-mail to mosler-support@nbis.se to let us know your account is ready for importing into Mosler.

Once that is done, your user can be imported into MOSLER and two-factor authentication can be setup for you.

Access from your IP address

Before you can access the MOSLER service, firewall rules must be updated to let you connect. The firewall rules should allow access from all major Swedish universities. Should you have problems accessing https://mosler.nbis.se, report your IP address (see https://whatismyipaddress.com/ if you don’t know this) to mosler-support@nbis.se along with the information that you need to be able to access the MOSLER service and what project you’re a member of.

2-factor login

For use of Mosler, a requirement is that that the identity of all users are verified. To mitigate the risks of password guessing theft, the use of a second factor is also required for login.

To get this second factor you need to visit one of the Mosler appointed token administrators, and you will need to identify yourself with a valid ID.

You will also need to fill in and sign a user agreement. This should also be signed by the owner of the project on Mosler, or by your boss.

We are using a standards-based one time password algorithm that can be used with different providers. One is by using a smart phone and a key generator such as Authy, which is available for iPhone and Android.

Please install the app on your phone before you visit the support staff.

We strongly recommend that you use a phone as a generator and that you lock your phone screen with a good password or key.