SSH keys are a convenient way to perform passwordless authentication with the cluster's ssh interface. These are generated using ssh-keygen
on your workstation (linux, Mac, or WSL). You can generate either with or without a local passphrase, which provides more security although it slows some single-command functions like scp
. SSH keys are distinct from time-limited X509_keys,though either can be used for passwordless authentication.
After you generate the key with ssh-keygen
, copy the new public key from your workstation ~/.ssh/id_ecdsa.pub
to your home directory on the cluster (not the ~/.ssh
directory on the cluster, where it might overwrite the cluster's keys). You will need a password for this as the key is not active yet. You can also use the file manager on the OOD portal to copy this small file.
Then ssh
to the cluster (using a password or a saved session or the terminal on the OOD portal), append the transferred public key to ~/.ssh/authorized_keys
on the cluster using the editor or the concatenate operator ». Don't use the replace operator > which will overwrite any existing authorized keys, some of which are needed by the cluster.
Your succeeding logins should be passwordless.
[rfeynman@workstation ~]$ ssh-keygen -t ecdsa Generating public/private ecdsa key pair. Enter file in which to save the key (/home/rfeynman/.ssh/id_ecdsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/rfeynman/.ssh/id_ecdsa Your public key has been saved in /home/rfeynman/.ssh/id_ecdsa.pub The key fingerprint is: SHA256:G0nsMz3AVVX22LkwT6JJM723pMWfpCD/Gu/mluZmUA0 rfeynman@workstation The key's randomart image is: +---[ECDSA 256]---+ | ooooo. | | . oE+ .. | | + = Oo | | . = @.=. | | + o.S + | | o.* X o | | +.+.o | | +B | | .@* | +----[SHA256]-----+ [rfeynman@workstation ~]$ ls -al .ssh/id_ecdsa* -rw------- 1 rfeynman rfeynman 505 Feb 11 14:53 id_ecdsa -rw-r--r-- 1 rfeynman rfeynman 177 Feb 11 14:53 id_ecdsa.pub [rfeynman@workstation ~]$ scp .ssh/id_ecdsa.pub rfeynman@hpc-portal2.hpc.uark.edu:/home/rfeynman/ rfeynman@hpc-portal2's password: hpc-portal2:rfeynman:$ exit [rfeynman@workstation ~]$ ssh rfeynman@hpc-portal2.hpc.uark.edu rfeynman@hpc-portal2's password: Last login: Sun Feb 11 14:55:05 2024 from 165.224.131.232 hpc-portal2:rfeynman:$ cat id_ecdsa.pub >> .ssh/authorized_keys hpc-portal2:rfeynman:$ exit [rfeynman@workstation ~]$ ssh rfeynman@hpc-portal2.hpc.uark.edu Last login: Sun Feb 11 14:56:11 2024 from 165.224.131.232 hpc-portal2:rfeynman:$