ssh_certificates
**This is an old revision of the document!**
SSH Certificate Access
SSH Certificates can be used to log into Pinnacle without using password authentication. A set of two files has to be present on the SSH client computer:
- SSH private key (key-ed25519)
- SSH public certificate (key-ed25519-cert.pub)
Both files are generated on the Pinnacle cluster.
Downloading the SSH Certificate file pair
To download the SSH certificate file pair:
- Log into https://arp-ood.hpc.uark.edu
- In the main menu at the top select: Files→SSH Certificate Update
- Select check boxes next to both of the listed filesand at the top click the Download button.
- On Linux and MacOS machines make sure the file permissions for the SSH private key (key-ed25519) are read only for the owner (400):
pawel@dia:~/Downloads$ chmod 400 key-ed25519 pawel@dia:~/Downloads$ ls -l key-ed25519 -r-------- 1 pawel pawel 399 May 19 05:34 key-ed25519 pawel@dia:~/Downloads$
Certificate Validity Period
The SSH private key (key-ed25519), once generated and downloaded to the SSH client machine does not change. However, the SSH public certificate is valid for 12 hours. After that period it has to be regenerated and downloaded again to the SSH client machine (as described in the previous section).
ssh_certificates.1692651663.txt.gz · Last modified: 2023/08/21 21:01 by pwolinsk
Except where otherwise noted, content on this wiki is licensed under the following license: GNU Free Documentation License 1.3
