Swati Goel @Swagoel
 Sign up for a wikitech account at https://www.mediawiki.org/wiki/Developer_access per https://wikitech.wikimedia.org/wiki/Production_shell_access . Let us know the username.
 Read this https://wikitech.wikimedia.org/wiki/Requesting_shell_access
 And then sign this: https://phabricator.wikimedia.org/L3
 Generate a dedicated SSH key pair (Note to all: this should be a dedicated key generated for this specific access. Please do not share it between this and your other personal/academic projects.) - how to here: https://wikitech.wikimedia.org/wiki/Production_shell_access#Generating_your_SSH_key
 Post the link to your key in this task and also specify your preferred login name.
This checklist should be used on all access requests to ensure that all steps are covered. This includes expansion to access. Please do not check off items on the list below unless you are in Ops and have confirmed the step.
- - User has signed the L3 Acknowledgement of Wikimedia Server Access Responsibilities Document.
- - User has a valid NDA on file with WMF legal. (This can be checked by Operations via the NDA tracking sheet & is included in all WMF Staff/Contractor hiring.)
- - User has provided the following: wikitech username, preferred shell username, email address, and full reasoning for access (including what commands and/or tasks they expect to perform.
- - User has provided a public SSH key. This ssh key pair should only be used for WMF cluster access, and not share with any other service (this includes not sharing with WMCS access, no shared keys.)
- - access request (or expansion) has sign off of WMF sponsor/manager (sponsor for volunteers, manager for wmf staff)
- - non-sudo requests: 3 business day wait must pass with no objections being noted on the task. (though Production_access#Filing_the_request claims this applies only to non-staff)
- - sudo requests: All sudo requests must be approved by the user manager. If the sudo permissions also give access to restricted data then the data owner must also approve the request
- - Patchset for access request
- - add to 'nda' group with modify-ldap-group on mwmaint1002