-
Notifications
You must be signed in to change notification settings - Fork 0
SSH Access Using a Keypair
Key-based SSH authentication provides a convenient and secure way of starting an SSH session on a login node without using a password. This page takes you through the steps to create a new keypair and use it to connect to login1, the primary login node for the Penobscot Cluster.
On your own computer, open a Terminal or Command Prompt window and type
ssh-keygen -t ed25519 -a 100
(Note: the ssh-keygen command should be present on Linux, Mac and recent Windows systems. If you don't have the command, you can generate a keypair with a different tool. Contact us through the ARCSIM Services Request Form for help.)
Press enter to accept the default name/location for the new private key. (If you're warned about overwriting an existing file, don't do it, you might lose access to a different system. You may be able to use your existing keys, contact ARCSIM Services Request Form for assistance.)
You'll be prompted for a passphrase, which you'll need to enter twice. The passphrase provides an added layer of security in case your computer is compromised.
The keypair consists of a private key, which never leaves your computer, and a public key, which other computers can use to encrypt data so that it can only be read with your private key. You'll need to copy your public key to your HPC account. To see your public key, type
type .ssh\id_ed25519.pub (Windows)
cat .ssh/id_ed25519.pub (Linux or MacOS)
The Open OnDemand system provides an easy way to get into your HPC account. Connect to https://login1.acg.maine.edu/ with a browser and log in using your UMS Single Sign-On credentials.
In the Open OnDemand web portal, choose Files | Home Directory. Scroll down to the folder named ".ssh" and click into it. (If you don't see the folder, you may need to check the "Show Dotfiles" option at the top of the list.) Find the file named "authorized_keys", and select Edit from the ... menu button in that row.
In the web text editor for "authorized_keys", copy the line from the end of Step 1 (it starts with "ssh-ed25519") as a new line at the end of the file and press the Save button. You can close the browser tab.
Now when you SSH to login1 using your computer's built-in SSH client, your public key will identify you. Return to the Terminal or Command Prompt on your computer and type
ssh <your.name>@login1.acg.maine.edu
You'll be prompted for your passphrase, then you'll have a shell on login1.
For more information visit the Advanced Research Computing, Security & Information Management web site.