This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
ssh_certificates [2023/08/21 20:59] pwolinsk |
ssh_certificates [2023/09/18 12:21] (current) pwolinsk |
||
---|---|---|---|
Line 6: | Line 6: | ||
* SSH public certificate (key-ed25519-cert.pub) | * SSH public certificate (key-ed25519-cert.pub) | ||
- | Both files are generated on the Pinnacle cluster. | + | Both files are generated |
- | == Downloading the SSH Certificate file pair == | + | === Downloading the SSH Certificate file pair === |
To download the SSH certificate file pair: | To download the SSH certificate file pair: | ||
- | + | ||
- | - Logging | + | **1.** Log into **[[https:// |
{{: | {{: | ||
- | - In the main menu at the top select: **Files-> | + | **2.** |
{{: | {{: | ||
- | - Select check boxes next to both of the listed filesand at the top click the **Download** button. | + | **3.** |
- | - On Linux and MacOS machines make sure the file permissions for the SSH private key (key-ed25519) are read only for the owner (400): | + | |
+ | **4.** On Linux and MacOS machines make sure the file permissions for the SSH private key (key-ed25519) are read only for the owner (400): | ||
< | < | ||
pawel@dia: | pawel@dia: | ||
Line 28: | Line 28: | ||
-r-------- 1 pawel pawel 399 May 19 05:34 key-ed25519 | -r-------- 1 pawel pawel 399 May 19 05:34 key-ed25519 | ||
pawel@dia: | pawel@dia: | ||
- | < | + | </code> |
+ | |||
+ | |||
+ | === Logging into Pinnacle using SSH Certificates === | ||
+ | |||
+ | SSH client allows users to pass an //identity file// to the ssh server. | ||
+ | |||
+ | < | ||
+ | pawel@dia: | ||
+ | -r-------- 1 pawel pawel 399 May 19 05:34 key-ed25519 | ||
+ | -rw-rw-r-- 1 pawel pawel 1227 Aug 21 16:11 key-ed25519-cert.pub | ||
+ | pawel@dia: | ||
+ | |||
+ | Arkansas High Performance Computing Center | ||
+ | |||
+ | |||
+ | SSH access only using timed certificates. | ||
+ | Download your < | ||
+ | |||
+ | http:// | ||
+ | |||
+ | chmod 400 < | ||
+ | ssh -i < | ||
+ | |||
+ | |||
+ | Arkansas Research Platform | ||
+ | |||
+ | Last login: Mon Aug 21 15:08:50 2023 from 167.224.147.47 | ||
+ | ood-rocky: | ||
+ | </ | ||
+ | |||
+ | On Windows, SSH clients (including GUI) may have a different syntax for specifying an identity file. Please see documentation for your particular SSH client. | ||
+ | === Certificate Validity Period === | ||
+ | The SSH private key (key-ed25519), | ||
+ | **). | ||
- | == Certificate Validity Period == | + | {{ :ssh-login.mp4 |}} |
- | The SSH private key (key-ed25519), once generated and downloaded to the SSH client machine does not change. | + |