The Research Team: Share a Device Without Sharing Credentials
Multiple researchers, one GPU workstation — collaborative access with individual accountability and no shared passwords circulating over email.
The Scenario
One GPU Workstation. Three PhD Students. One Shared Password.
A university research group has one high-end GPU workstation for model training. Three PhD students need access. The current solution is a shared SSH password distributed over email — meaning any one of them can accidentally overwrite another's running job, and there is no way to tell who made which change when something goes wrong. When a student graduates or leaves the group, the shared password must be changed and redistributed. When two students try to run training jobs simultaneously, resource conflicts occur with no coordination mechanism in place.
The Challenges
Shared Hardware Should Not Mean Shared Accountability Gaps
Shared Credentials Create Accountability Blind Spots
A single shared SSH password means there is no way to determine who restarted a service, who terminated a running training job, or who modified a configuration file when something breaks.
Offboarding Is a Manual, Insecure Process
When a student graduates or leaves the project, the shared password must be changed and re-distributed to every remaining team member — a process that is easy to forget and creates a recurring security gap.
How awaBerry Anywhere Helps
Per-User Access. Instant Revocation. Full Auditability.
awaBerry Anywhere's device sharing model gives each student their own authenticated access session — no shared passwords, no credential distribution over email. The device owner shares the workstation with each student's individual awaBerry account. Access can be granted and revoked instantly per person, providing both convenience and accountability.
Step 1 — Install on the Workstation
awaBerry is deployed on the GPU workstation by the lab manager or device owner. One-time setup for the entire team's access lifecycle.
Step 2 — Per-User Access Sharing
Each PhD student's awaBerry account is granted access individually. Access is revoked immediately when a student leaves the project — no password rotation, no re-distribution.
Step 3 — SSH for Job Submission
Students submit training jobs via SSH using their own individual sessions, with separate shell histories and complete audit trails — no shared password, no credential exposure.
Step 4 — Web-to-Local for Jupyter
A Web-to-Local tunnel to the local Jupyter server (port 8888) lets each student open their own notebooks in the browser without exposing Jupyter to the public internet.
Step 5 — Parallel Workflows Without Interference
One student monitors GPU utilization via a Web-to-Local tunnel to the local monitoring dashboard while another runs a training job via SSH — independently, without interfering with each other.
Summary
The Lab Manager Stays in Control. The Team Stays Agile.
Shared research hardware should not mean shared credentials and shared accountability gaps. awaBerry Anywhere gives each team member their own secure, auditable access path — and gives the lab manager the ability to add or remove access in seconds, keeping the team agile and the workstation secure.
