This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
ssh_certificates [2023/08/21 20:19] pwolinsk created |
ssh_certificates [2023/09/18 12:21] (current) pwolinsk |
||
---|---|---|---|
Line 6: | Line 6: | ||
* SSH public certificate (key-ed25519-cert.pub) | * SSH public certificate (key-ed25519-cert.pub) | ||
- | Both files are generated on the Pinnacle cluster. | + | Both files are generated |
- | == Downloading the SSH Certificate file pair == | + | === Downloading the SSH Certificate file pair === |
- | The pair of needed files can be downloaded by logging into | + | To download the SSH certificate file pair: |
- | https:// | + | **1.** Log into **[[https:// |
- | In the main menu: File-> | + | {{:ssh-cert.png? |
- | == Certificate Validity Period == | + | **2.** In the main menu at the top select: **Files-> |
- | The SSH private key (key-ed25519), | + | |
+ | {{: | ||
+ | |||
+ | **3.** Select check boxes next to both of the listed filesand at the top click the **Download** button. | ||
+ | |||
+ | **4.** On Linux and MacOS machines make sure the file permissions for the SSH private key (key-ed25519) are read only for the owner (400): | ||
+ | < | ||
+ | pawel@dia: | ||
+ | pawel@dia: | ||
+ | -r-------- 1 pawel pawel 399 May 19 05:34 key-ed25519 | ||
+ | pawel@dia: | ||
+ | </ | ||
+ | |||
+ | |||
+ | === Logging into Pinnacle using SSH Certificates === | ||
+ | |||
+ | SSH client allows users to pass an //identity file// to the ssh server. | ||
+ | |||
+ | < | ||
+ | pawel@dia: | ||
+ | -r-------- 1 pawel pawel 399 May 19 05:34 key-ed25519 | ||
+ | -rw-rw-r-- 1 pawel pawel 1227 Aug 21 16:11 key-ed25519-cert.pub | ||
+ | pawel@dia: | ||
+ | |||
+ | Arkansas High Performance Computing Center | ||
+ | |||
+ | |||
+ | SSH access only using timed certificates. | ||
+ | Download your < | ||
+ | |||
+ | http:// | ||
+ | |||
+ | chmod 400 < | ||
+ | ssh -i < | ||
+ | |||
+ | |||
+ | Arkansas Research Platform | ||
+ | |||
+ | Last login: Mon Aug 21 15:08:50 2023 from 167.224.147.47 | ||
+ | ood-rocky: | ||
+ | </ | ||
+ | |||
+ | On Windows, SSH clients (including GUI) may have a different syntax for specifying an identity file. Please see documentation for your particular SSH client. | ||
+ | |||
+ | |||
+ | === Certificate Validity Period | ||
+ | The SSH private key (key-ed25519), | ||
+ | **). | ||
+ | |||
+ | {{ : |