Skip to content

IT4I Account

Important

If you are affiliated with an academic institution from the Czech Republic (eduID.cz), create an e-INFRA CZ account, instead.

If you are not eligible for an e-INFRA CZ account, contact the IT4I support (email: support[at]it4i.cz) and provide the following information:

  1. Full name, country/countries of citizenship, academic affiliation, and country of affiliation
  2. Statement that you have read and accepted the Acceptable use policy document (AUP)
  3. Attach the AUP file
  4. Your preferred username (length is limited between 4 and 7 letters)
    The preferred username must associate with your first and last name or be otherwise derived from it. Note that the system will automatically add the it4i- prefix to your username.
  5. Public part of your SSH key
    If you don't provide it in the ticket, you must add it manually after your account is created.
  6. All information above should be provided by email that is digitally signed by a CA authority. Read more on digital signatures below. If you do not have such a digital signature, you can choose an Alternative way to personal certificate; a scan of photo ID (personal ID or passport or driver license) is required.

Example (except the subject line, which must be in English, you may use Czech or Slovak language for communication with us):

Subject: Access to IT4Innovations

Dear support,

Please open the user account for me and attach the account to OPEN-0-0
Personal information: John Smith, USA, Department of Chemistry, MIT, MA, US
I have read and accept the Acceptable use policy document (attached)

Preferred username: johnsm

Thank you,
John Smith
(Digitally signed)

You will receive your personal login credentials in an encrypted email. The login credentials include:

  1. username
  2. system password

The clusters are accessed by the private key and username. Username and password are used for login to the information systems.

Certificates for Digital Signatures

We accept personal certificates issued by any widely respected certification authority (CA). This includes certificates by CAs organized in International Grid Trust Federation, its European branch EUGridPMA and its member organizations, e.g. the CESNET certification authority. The Czech "Qualified certificate" (Kvalifikovan√Ĺ certifik√°t) provided by PostSignum or I.CA, which is used in electronic contact with Czech authorities, is accepted as well. In general, we accept certificates issued by any trusted CA that ensures unambiguous identification of the user.

Certificate generation process for academic purposes, utilizing the CESNET certification authority, is well described here:

Note

The certificate file can be installed into your email client. Web-based email interfaces cannot be used for secure communication, external application, such as Thunderbird or Outlook must be used. This way, your new credentials will be visible only in applications that have access to your certificate.

If you are not able to obtain the certificate from any of the respected certification authorities, follow the Alternative Way below.

FAQ about certificates can be found here: Certificates FAQ.

Alternative Way to Personal Certificate

Important

Choose this alternative only if you cannot obtain your certificate in a standard way. Note that in this case you must attach a scan of your photo ID (personal ID, passport, or driver's license) when applying for login credentials.

An alternative to personal certificate is an S/MIME certificate allowing secure email communication, e.g. providing sensitive information such as ID scan or user login/password.

The following example is for Actalis free S/MIME certificate, but you can choose your preferred CA.

  • Go to the Actalis Free Email Certificate request form.
  • Follow the instructions: fill out the form, accept the terms and conditions, and submit the request.
  • You will receive an email with the certificate.
  • Import the certificate to one of the supported email clients.

Note

Web-based email interfaces cannot be used for secure communication; external application, such as Thunderbird or Outlook must be used. This way, your new credentials will be visible only in applications that have access to your certificate.

Comments