Cookies on this website
We use cookies to ensure that we give you the best experience on our website. If you click 'Continue' we'll assume that you are happy to receive all cookies and you won't see this message again. Click 'Find out more' for information on how to change your cookie settings.

Configuring FileZilla for Two Factor Authentication

FileZilla is a popular tool for SFTP file transfers and can be used to transfer files to/from BMRC with additional configuration as follows.

  1. Open FileZilla from the Menu Bar select Edit -> Settings. In the Connection settings tab, set your timeout value to 600 seconds (ten minutes). Then click OK to save your settings.
    FileZilla's Settings window showing the Connections tab with the time out value set to 600 seconds
  2. From FileZilla's main window, click the Site Manager button (underneath the File menu) to display the Site Manager window.
    FileZilla's Site Manager window
  3. Click New Site to configure your connection to the BMRC cluster and copy the details shown above, namely:
    Protocol: SFTP
    Host: cluster2.bmrc.ox.ac.uk
    Port: 22
    Logon Type: Interactive
    User: [Enter your username]

    NB If connecting to another BMRC server, adjust the Site Name and Host settings as needed.
  4. Now select the Transfer Settings tab, enable Limit number of simultaneous connections and set to 1.
    FileZilla - Site Manager - Transfer Settings window showing Limit number of simultaneous connections set to 1.
  5. Now click OK to save this configuration. Back at the main window, click the down-arrow next to the Site Manager button and select BMRC Cluster. This will begin the login process.
  6. If FileZilla warns you about an Unknown host key, tick the box marked Always trust this host, add this key to the cache and click OK. (Please contact BMRC if you wish to confirm the key identity further.)
  7. FileZilla will now prompt you to enter your First Factor i.e. your password:
    FileZilla's password window prompting for First Factor i.e. password
  8. After entering your password and clicking OK, FileZilla will then prompt you to enter your second factor code:
    FileZilla's login window prompting for a second factor code
  9. After entering your second factor code and clicking OK, FileZilla should now be connected. The left hand size of the FileZilla window will be showing files on your local computer. The right hand side will be showing files on the BMRC Cluster (or whatever remote site you have configured). Remember that on the BMRC cluster, all data should be stored in your group area under /well/<group>/users/<username>/ - so you may need to navigate to the appropriate location in the right hand window before dragging and dropping files between the two systems.

 

Data Transfers Via Globus

BMRC is able to facilitate both incoming and outgoing data transfers via Globus, a popular, secure third party platform for transferring data. Globus is our preferred option when transferring data to/from your research partners who do not have a regular BMRC account, whether they are elsewhere within the University of Oxford or outside the University.

Prerequisites

In order to request a data transfer via Globus, the BMRC user must in the first instance email us with details of the data to be transferred, cc'ing both to their PI for authorisation and to their external collaborator (the intended sender or recipient of the data).

The external collaborator will need :

1) Either: Access to an institutional Globus server. Please ask your institution's IT services whether there is an institutional licence and whether it provides a suitable location for your data to be received or transmitted from.

2) Or: The Globus Connect Personal software installed onto their institutional or personal computer.

 

Installing Globus Connect Personal

NB Installing Globus Connect Personal is not needed if you are using an institutional Globus account.

To install Globus Connect Personal:

  1. Visit the Globus Connect Personal website and download the appropriate client for your operating system. Clients are available for Windows, Mac and Linux. Follow the installation instructions in order to complete the installation.
  2. During the installation process, you will be asked to login via the Globus website. You can login with an organisational account, and Google account of an ORCID iD account.
    The image show the Globus Personal Connect login webpage. If you have an organisational login, you can search for your organisation. Alternatively you can sign in with a Google account or ORCID iD account.
  3. Once logged in, you will be asked to provide consent to the use of Globus Connect Personal and provide a name for the computer on which you are installing the software. Choose a name that is meaningful to you and click Allow to continue.
    An image of the Globus Connect Personal website showing the initial consent form for connecting your computer. The image shows that this will allow Globus to view your identity, view information about linked entities, create collections in the Globus Transfer Service and view Identity Details. During the registration, you are asked to provide a label by which to identify your computer. Buttons show Allow and Deny.
  4. The Globus Connect Personal software on your laptop will now ask you to complete the setup by choosing a name for the data collection on your laptop.
    The image shows an application window which appears when setting up the Globus Connect Personal Software for the first time. You are asked to provide details of a Globus Collection, with Owner Identity (your email address) and to input a name and description for the new collection. There is a option box for High Assurance, if your computer will store sensitive information such as Protected Health Information of Controlled Unclassified information. There is a save button at the bottom of the window.
    In general, you can use your laptop name as the Collection name. For transfers to/from BMRC, the High Assurance button should be left unticked.
  5. Finally, the application should notify you that it has been successfully installed and that the Globus Connect Personal application is now running. Mac and Windows users should find a notification icon in the tray or menubar. Linux users may see a notification icon or the running application window.

Using Globus for Data Transfers To/From BMRC

In order to carry out a data transfer to/from BMRC, you will need to have logged in to an institutional Globus account or configured Globus Connect Personal on your own computer following the steps above. On request, BMRC will issue a Globus-only account to external collaborators in order to transfer data. Users with regular BMRC cluster accounts will need to request that Globus access is enabled.

Once the above is in place, you can carry out a data transfer by following these steps.

  1. Login to the Globus website using the same credentials used previously (whether an institutional login, Google login or ORCID iD).
  2. Once logged in, visit the Endpoints page and search for bmrc#upload23 using the Search all endpoints input at the top of the screen. Once the endpoint is showing, click the arrow point right to show full endpoint details and then click the Activate button to activate the endpoint.
    The image shows a webpage in which the user has searched for the endpoint bmrc#upload23.The results of the search are shown below with the bmrc#upload23 endpoint found. An arrow icon to the right allows one to see more information about this endpoint.
  3. When activating the endpoint, you will be asked to input the credentials for your BMRC account. Enter the username and in the password field enter your username and two-factor code as a single entry (the one immediately followed by the other with no spaces in between). Activation normally lasts for 24 hours. Click the Advanced button to customise the duration if desired. Once activated, click the button to Open in File Manager.
  4. The file manager window is vertically split into two halves. You will see the contents of the BMRC folder and the bmrc#upload23 endpoint on the left side of the screen. You should now search for the collection name you registered for your own computer. If you click in the endpoint search box you will be taken to a new window where you can either search by name or click the Your Collections tab to show your own collections.
    The image shows the Globus File Manager webpage. The page is split vertically. The left hand column shown the bmrc#upload2 endpoint and the files visible there. The right hand side shows the user's own endpoint (normally the user's own computer) and the files visible there. The image highlights that one can select files or folders in one location for transfer to the other location. Above each location and start button is shown to start the transfer. In the centre of the screen, a "Transfer and Timer Options" button allows one to configure additional options
  5. After selecting your collection, you will return to the file manager window, with the BMRC endpoint showing on the left and your own endpoint showing on the right. To transfer files in either direction:
    1. Navigate to find the files the need to transfer (either in the BMRC endpoint or your own endpoint).
    2. Click the checkbox next to your files or folders to select them for transfer.
    3. Click the Transfer & Timer Options button to show advanced options and make sure to select Encrypt Transfer (NB if encryption is not enabled, the transfer will fail).
    4. Finally click the Start button on the appropriate side of the window to begin the transfer.
      The image shows configurable options for a Globus data transfer within a webpage. The image highlights the need to select the option to encrypt transfers. It is also possible to schedule a transfer to start at a particular time and also to schedule repeating transfers.
  6. Once your transfer has started, you can monitor it from the Activity page (see the menu on the left side of the screen).
  7. Once the transfer is in progress, you can logout from the Globus website and the transfer will continue in the background. Please log back in later to confirm that your transfer has completed successfully.
  8. In the event that your endpoint activation expires before the transfer has completed, you can simply re-activate the endpoint and the transfer should then automatically resume.

On this page