| Both sides previous revision
Previous revision
Next revision
|
Previous revision
|
ssh_keys [2024/02/11 22:36]
root |
ssh_keys [2024/04/02 20:38] (current)
root |
| === SSH Keys ==== | === SSH Keys ==== |
| |
| SSH keys are a convenient way to perform passwordless authentication with the cluster's ssh interface. These are generated using ``ssh-keygen`` on your workstation (linux, Mac, or WSL). You can generate either with or without a local passphrase, which provides more security although it slows some single-command functions like ``scp``. SSH keys are distinct from time-limited [[X509_keys]],though either can be used for passwordless authentication. | SSH keys are a convenient way to perform passwordless authentication with the cluster's ssh interface. These are generated using ``ssh-keygen`` on your **linux-like workstation** (linux, Mac, or Windows WSL). You can generate either with or without a local passphrase, which provides more security, although it slows some single-command functions like ``scp``. SSH keys are older technology that have unlimited lifetime, and are distinct from time-limited [[X509_keys]],though either can be used for passwordless authentication. |
| |
| After you generate the key with ``ssh-keygen``, copy the new public key from your workstation ``~/.ssh/id_ecdsa.pub`` to your home directory on the cluster (not the ``~/.ssh`` directory on the cluster, where it might overwrite the cluster's keys). You will need a password for this as the key is not active yet. You can also use the file manager on the OOD portal to copy this small file. | After you generate the key with ``ssh-keygen`` **on your workstation**, copy the new public key ``~/.ssh/id_ecdsa.pub`` to your home directory on the cluster (not the corresponding ``~/.ssh`` directory on the cluster, where it might overwrite the cluster's keys). You will still need a password and working login for this file copy, or you can use the file manager on the OOD or Globus portals, as the key is not active yet. |
| | |
| | Then ``ssh`` to the cluster (using a password, or a saved session, or the terminal on the OOD portal), and append the transferred public key to ``~/.ssh/authorized_keys`` on the cluster using the editor or the concatenate operator >>. Don't use the replace operator >, which will overwrite any existing authorized keys, some of which are needed by the cluster. Your succeeding ``ssh/scp/sftp`` logins should be passwordless. |
| |
| Then ``ssh`` to the cluster (using a password or a saved session or the terminal on the OOD portal), append the transferred public key to ``~/.ssh/authorized_keys`` on the cluster using the editor or the concatenate operator >>. Don't use the replace operator > which will overwrite any existing authorized keys, some of which are needed by the cluster. | |
| Your succeeding logins should be passwordless. | |
| <code> | <code> |
| [rfeynman@workstation ~]$ ssh-keygen -t ecdsa | [rfeynman@workstation ~]$ ssh-keygen -t ecdsa |
