TWiki> CrySP Web>LabOrganization (2025-04-09, RuizheWang) EditAttach

Lab Organization

This page is an attempt to codify the Unwritten Constitution of the CrySP Lab. It contains information that should be helpful to new members of the lab, and serves as a central hub for organization.

Table of contents:

CrySP wiki

In the odd event that you are not reading this document on the web already, the live version can be found at:

The wiki is used to manage most aspects of daily life as a CrySP member. Any member can have an account to edit any page, and in fact this is encouraged to help keep the wiki informative and up-to-date. HTML can be used on the wiki, but we have made an attempt to stick to TWiki syntax when possible. The WYSIWYG editor has a tendency to mangle page source code, and it is advisable to use "Raw edit" mode instead. This mode can be made the default by changing the preference on your userpage. Markup can be protected from WYSIWYG mangling by surrounding it in <sticky></sticky> tags.

Weekly meetings

CrySP meetings are held weekly, and attendance is generally considered mandatory if you do not have another conflict with the time slot (such as attending a conference). Two members of the lab present half-hour talks at each meeting on a rotating basis. New students are usually added to the end of the rotation so that they have a chance to experience many talks before giving their own.

Your Computer

All new students are given a computer for research purposes. Before you arrive, your supervisor should ask you what hardware/software option you want. See Graduate student workstation options for your options.

The computers in the lab are managed by the Computer Science Computing Facility (CSCF). By default, the machines grant full remote root access to CSCF staff, and the drives are not encrypted. All tech support requests should be submitted to CSCF through Alim (see student responsibilities for a list of student roles in the lab). In general, expect CSCF to be slow to respond to requests (if they respond at all) that are submitted via email. For urgent situations, you should physically go to the CSCF offices in the building to ask for assistance.

Unlike other institutions and departments, you are permitted to change your computer. For example, it is completely fine (and common) to wipe the SSD as soon as you arrive and install your own OS. However, if you modify the core system, you will not receive CSCF support for that system. Only reinstall the OS if you are confident enough to manage your own computer.

Firewalls

All machines in the lab are behind a firewall that blocks most incoming ports. There are exceptions for ports 22, 80, 443, and 8080. If you would like to have additional ports unblocked for your workstation, ask the Quartermaster (Alim) to submit a CSCF request.

Even though we are behind a firewall, you should install and enable a host-based firewall on your machine, since misconfigurations can and do happen. You probably already have a favorite, but if you don't, then we suggest ufw for Linux machines. On Ubuntu or Debian, simply sudo apt-get install ufw and then sudo ufw enable. See the manual for instructions for adding rules (e.g., sudo ufw limit in from any to any port 22 proto tcp). The built-in firewall for Windows machines is enabled by default and should be sufficient.

Additionally, you should be aware that SSH servers running on lab computers are routinely attacked by random zombie machines (expect tens or hundreds of brute force attempts per day). You should secure your SSH server . At the very least, you should disable password authentication and use only certificate-based authentication. If you don't need SSH, disable it completely (but note that this will prevent you from receiving CSCF support).

Lab door policy

All members of CrySP, including those with separate offices, should have keyfob access to the doors into the lab, as well as to DC 3335. The "door policy" determines when the door should be left open or closed.

We've established the following door policy (which is always open to discussion):

  • The side door to the hallway and the door to DC 3335 can be used any time, but should not be propped open.
  • The external atrium door can be used any time, but should only be propped open for the duration of office hours held in 3333A (the office hours room).
  • The internal doors to the lab foyer, from 3333A and 3333J, can be left open or closed when the external door is closed. If that door is open (i.e., during office hours), then the door to 3333J should be closed.
  • The back door to 3301 (the DSG lab) should not be used, except in the case of emergency, and should left closed at all times.

(If you're confused about which room is which, you can see the floor plan from plantops)

Booking lab resources

Hot desks and meeting rooms in the CrySP lab can be reserved through a web interface at https://booking.crysp.org/. Currently, this system does not integrate with ADFS, so you will need an account to use it. Having an online service allows you to check which resources are available and book free ones from home. There is also a laptop computer on the table near the door, which is logged into this system using a "guest" account. You can use this computer to quickly view and create reservations if you are physically in the lab.

The CrySP Lounge can be reserved for meetings. CrySP members are also encouraged to use the room informally (e.g., as a social space) during non-meeting times, but priority should be given for scheduled bookings.

Please contact Vecna if:

  • You need to set up your account
  • You need to schedule a resource on a recurring basis (as this cannot currently be done by non-administrators)
  • There is an issue with the "guest" laptop in the lab
  • You have any issues with the system or feedback about the software or its configuration (which can be changed if needed)

Printing

There is a list of all printers in the building available at: http://print.cs.uwaterloo.ca:631/printers/ The following printers are considered the most convenient for people that sit in the lab.

Location Model Connection string Notes
DC 2583 (grad mailroom) HP LaserJet M610DN
HP LaserJet M610DN 		socket://m610-grad1.cs.uwaterloo.ca:9100
socket://m610-grad2.cs.uwaterloo.ca:9100 		Technically the only printers grad students are allowed to use, but they're a bit of a walk from the lab. You need to install the HP LaserJet M610 M611 M612 Postscript PPD file to use as the driver. In Ubuntu and Debian, you can get this driver by installing the printer-driver-postscript-hp package. On Fedora, install the hplip package. Alternatively, you can print files from a USB-A drive without setting up network printing.
DC3116 Xerox WorkCentre 5335
HP LaserJet P4015x 		socket://xrxpr006.cs.uwaterloo.ca:9100
socket://lp7-cs.cs.uwaterloo.ca:9100 		In a utility room along the corridor to MC (i.e., turn left, walk straight, the door is on your left). Generally open already from 9-5 M-F. Xerox PPD driver file for Linux. The HP printer is used more often, so we recommend using the Xerox to avoid the congestion.

Matrix chat

We have a student-run chat server for the lab. Many of us idle here, and we encourage all CrySP students to join. The sysadmin for the chat server is currently Vecna. Do not write down the Matrix registration token anywhere anyone but you can see it. Matrix only needs it once during initial setup. If you need it and don't have it, ask Vecna for it.

Some points to know about Matrix, and our setup:

  • There used to be an IRC server too. It no longer exists.
  • The main room is configured to not share previous messages with new users, but the default for new rooms is to share old messages. Check this before assuming one or the other.
  • Rooms should have encryption enabled. Please enable it when creating a new room unless you have a specific reason not to.
  • Matrix does not encrypt reactions, even in encrypted rooms. While reactions are a common way to informally poll something, actual Matrix polls do encrypt responses, so are probably a better fit for that purpose.
  • Matrix federation is completely disabled. Any functionality that relies on additional servers will not work.

Show Matrix configuration instructions Hide

To join our Matrix server, you'll need a Matrix client. Because our server has disabled federation, you cannot use an existing Matrix account to join, and you cannot use your CrySP Matrix account to connect to other Matrix servers. If you want to use Matrix both for CrySP and for non-CrySP purposes, you'll either need to use multiple clients, or find a client that has a way to manage multiple accounts. You can look through clients by features and supported platforms using Matrix's official Clients list. Our suggestions are:

  • Element is the most popular client, which runs as browser, desktop (electron), Android, or iOS app. The main disadvantage is it only supports one account (on Browsers or Desktop, you can work around this using profiles).
  • FluffyChat is a more niche client (~the same platforms as Element) that supports multiple accounts.
  • WeeChat is an extensible chat client, with a couple Matrix plugins (a more complete but end-of-life client and a less complete but actively developed client). WeeChat is probably your best bet if you want a client in the terminal, or a single client for multiple types of accounts (e.g., Matrix, IRC, Slack, etc.). There are several front ends for WeeChat if you want to use it somewhere other than a terminal.
  • Unlike Element, the Element X beta client is not supported, as our server does not deploy sliding sync. More generally, our server is on the release channel of Synapse, and will not deploy experimental features, so experimental/bleeding edge clients are likely to run into issues.

Once you've picked a client, you'll need to register an account. These instructions will assume you're using the Element web app, but should be relatively similar for any client.

  • Select "Create Account"
  • Where it says "matrix.org", edit it to instead be "irc.crysp.org" (if this doesn't work, try "irc.crysp.org:49059" or "https://irc.crysp.org:49059", though this port is only accessible from campus connections)
  • Pick a username (it does not need to be your name) and a strong password (you do not need to set an email address, since we do not federate the only use is password resets -- if you do set one, it must be a UW email address)
  • On the next form, hit "Start authentication", and enter the registration token (ask another CrySPer if you don't know it)

From there, you can configure the client as you see fit. You'll automatically join the primary chat room. Please introduce yourself! smile You can find additional rooms by adding a room and selecting "Explore public rooms".

CrySP library

There is a small bookshelf in DC 3335 that has a variety of crypto-related books you may find useful.

Responsibilities

Various responsibilities for lab upkeep are delegated to CrySP students. Positions are assigned on a volunteer basis, but students should avoid holding more than one or two titles at a time. Descriptions of each position and their duties should be placed on an associated TWiki page.

The current holder and title of a position is set in a variable on CrySP.WebPreferences, so that changes can be made from a central location. The student assigned to a role may freely change the title of that role with absolutely no effect on the associated responsibilities.

Title Responsibilities Assigned person
Scheduler of the Meeting Picking group meeting time Rasoul
Assistant Vice Speaker Rotator Managing the speaker rotation Vecna
Typey Lad Updating the speaker archives with notes from weekly talks Hossam
Spider-Man Updating the CrySP website Parjanya
Quartermaster Assigning cubicles, fobs, CSCF interactions, and coordinating repairs & facilities Alim
Ancient of Knowledge Managing the library and poster displays Shreya, Alice, Mashal
CPI Mailing List Maintainer See Information for CACR Representatives. (Duties are currently in flux while CPI operating procedure is established.) Nils
Transadmin Maintaining the Matrix/Mastodon server running in the lab Vecna
TWikir General wiki maintenance that doesn't fit other categories Vecna
Area Deputy Interfacing with faculty hiring committee Bailey
Probationary Host Set up the CrySP meeting in the lounge and host the meeting until the real host is back. Ruizhe
Town Crier Posting content to lab social media accounts Sina

Changing seats

If you have a seating preference that is not currently being fulfilled, speak to the Quartermaster (currently Alim) and it may be possible to change desks (or get on the waiting list for a departing student's spot). For more information, see the lab space allocation page.

Edit | Attach | Watch | Print version | History: r63 < r62 < r61 < r60 < r59 | Backlinks | Raw View | Raw edit | More topic actions
Topic revision: r63 - 2025-04-09 - RuizheWang
 
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2025 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback