added ssh key paragraph
Lucas Frérot
parent
4272941e02
commit
e6256a3d6d
|
|
@ -1,11 +1,28 @@
|
|||
Having an external backup of your home directory is mandatory. Here are a few ways to back up your data, from simplest to most feature rich.
|
||||
|
||||
- Using cron + rsync
|
||||
- Using cron + rsync (can be used to backup to a server)
|
||||
- On Gnome: using DejaDup (duplicity)
|
||||
- On KDE/Plasma: using KBackup or kup
|
||||
- (really advanced) using zfs or btrfs snapshots
|
||||
- (advanced) using zfs or btrfs snapshots
|
||||
|
||||
Depending on the tool used, your backups can be versioned, meaning you can recover an old file version, or a deleted file.
|
||||
Depending on the tool used, your backups can be versioned, meaning you can
|
||||
recover an old file version, or a deleted file.
|
||||
|
||||
# Security
|
||||
If backing up to an external drive, I highly advise encrypting the full disk (with e.g. `cryptsetup`, the standard tool on Linux, which can is used by most disk utility GUIs). Research data can be sensitive, but your personal data (emails, cookies, history, passwords, etc.) are much more sensitive, and should not fall in the wrong hands. Encrypting your computer's internal drive is also a good security measure, and should be done when installing the OS.
|
||||
If backing up to an external drive, it highly advised to encrypt the full disk (with e.g. `cryptsetup`, the standard tool on Linux, which can is used by most disk utility GUIs). Research data can be sensitive, but your personal data (emails, cookies, history, passwords, etc.) are much more sensitive, and should not fall in the wrong hands. Encrypting your computer's internal drive is also a good security measure, and should be done when installing the OS.
|
||||
|
||||
# SSH Keys
|
||||
Connecting to a cluster to run simulations or pushing changes to a git
|
||||
repository is always done through SSH. In order to avoid entering a password on
|
||||
every login, [SSH keys](https://wiki.archlinux.org/title/SSH_keys) provide a
|
||||
safe and easy way to authenticate a connection. However, private keys are very
|
||||
sensitive, and should always be protected by a password, which reduces the
|
||||
convenience of keys.
|
||||
|
||||
To avoid typing your key password on every login, you can setup the [SSH
|
||||
Agent](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent#generating-a-new-ssh-key-for-a-hardware-security-key)
|
||||
to unlock the key once and hold it in memory. **Never ever use a blank password
|
||||
for an SSH key**. The agent can even be configured to unlock the key when loggin
|
||||
to your desktop session, cf this execellent
|
||||
[article](https://wiki.archlinux.org/title/SSH_keys#SSH_agents) from the
|
||||
[ArchWiki](https://wiki.archlinux.org).
|
||||
|
|
|
|||
|
|
@ -40,6 +40,7 @@ The objective of these rules is to ensure:
|
|||
### Tenets
|
||||
1. Your `$HOME` must have scheduled daily backups on an external drive / remote server. Periodically make sure backups are working and can be recovered.
|
||||
2. Simulation data for a workflow / pipeline / paper is grouped in a dataset. Datasets must be documented with a `README` file explaining what is the data, how it was generated and how it can be used.
|
||||
3. Datasets must be (as much as possible) published to Zenodo at the time of submission, and the dataset DOI cited in the article.
|
||||
3. Datasets must be (whenever possible) published to Zenodo at the time of submission, and the dataset DOI cited in the article.
|
||||
4. Open-source file formats must be used to store data and metadata.
|
||||
5. All datasets must be uploaded to ... when leaving the lab.
|
||||
Self-describing file formats are preferred.
|
||||
5. All datasets must be uploaded to ??? when leaving the lab.
|
||||
|
|
|
|||
|
|
@ -160,6 +160,7 @@ Here is a list of useful features:
|
|||
the name.
|
||||
- [Parameter space
|
||||
exploration](https://snakemake.readthedocs.io/en/stable/snakefiles/rules.html#parameter-space-exploration).
|
||||
- [Command line arguments](https://snakemake.readthedocs.io/en/stable/executing/cli.html)
|
||||
|
||||
# GNU Make
|
||||
Make is a program specifically designed to be a build system, i.e. a tool that
|
||||
|
|
@ -198,4 +199,4 @@ Here are [documentation](https://www.gnu.org/software/make/manual/html_node/inde
|
|||
- [Automatic variables](https://www.gnu.org/software/make/manual/html_node/Automatic-Variables.html) correspond to the symbols `$@`, `$<` and `$*` in the example
|
||||
- [Grouped targets](https://www.gnu.org/software/make/manual/html_node/Multiple-Targets.html)
|
||||
|
||||
One important advantage of Snakemake is the ability to define arbitrarily many wildcards (Make's patterns) in a single rule. Multi-pattern rules do not directly exist in Make. Emulating this feature is [cumbersome](https://stackoverflow.com/questions/3745177/multi-wildcard-pattern-rules-of-gnu-make).
|
||||
One important advantage of Snakemake is the ability to define arbitrarily many wildcards (Make's patterns) in a single rule. Multi-pattern rules do not directly exist in Make. Emulating this feature is [cumbersome](https://stackoverflow.com/questions/3745177/multi-wildcard-pattern-rules-of-gnu-make).
|
||||
|
|
|
|||
Loading…
Reference in New Issue