| Both sides previous revision
Previous revision
Next revision
|
Previous revision
|
ssh_keys [2024/02/11 22:51]
root |
ssh_keys [2024/04/02 20:38] (current)
root |
| === SSH Keys ==== | === SSH Keys ==== |
| |
| SSH keys are a convenient way to perform passwordless authentication with the cluster's ssh interface. These are generated using ``ssh-keygen`` on your workstation (linux, Mac, or WSL). You can generate either with or without a local passphrase, which provides more security, although it slows some single-command functions like ``scp``. SSH keys are older technology that have unlimited lifetime, and are distinct from time-limited [[X509_keys]],though either can be used for passwordless authentication. | SSH keys are a convenient way to perform passwordless authentication with the cluster's ssh interface. These are generated using ``ssh-keygen`` on your **linux-like workstation** (linux, Mac, or Windows WSL). You can generate either with or without a local passphrase, which provides more security, although it slows some single-command functions like ``scp``. SSH keys are older technology that have unlimited lifetime, and are distinct from time-limited [[X509_keys]],though either can be used for passwordless authentication. |
| |
| After you generate the key with ``ssh-keygen`` on your workstation, copy the new public key ``~/.ssh/id_ecdsa.pub`` to your home directory on the cluster (not the corresponding ``~/.ssh`` directory on the cluster, where it might overwrite the cluster's keys). You will still need a password for this file copy, or you can use the file manager on the OOD or Globus portals, as the key is not active yet. | After you generate the key with ``ssh-keygen`` **on your workstation**, copy the new public key ``~/.ssh/id_ecdsa.pub`` to your home directory on the cluster (not the corresponding ``~/.ssh`` directory on the cluster, where it might overwrite the cluster's keys). You will still need a password and working login for this file copy, or you can use the file manager on the OOD or Globus portals, as the key is not active yet. |
| |
| Then ``ssh`` to the cluster (using a password, or a saved session, or the terminal on the OOD portal), and append the transferred public key to ``~/.ssh/authorized_keys`` on the cluster using the editor or the concatenate operator >>. Don't use the replace operator >, which will overwrite any existing authorized keys, some of which are needed by the cluster. Your succeeding ssh logins should be passwordless. | Then ``ssh`` to the cluster (using a password, or a saved session, or the terminal on the OOD portal), and append the transferred public key to ``~/.ssh/authorized_keys`` on the cluster using the editor or the concatenate operator >>. Don't use the replace operator >, which will overwrite any existing authorized keys, some of which are needed by the cluster. Your succeeding ``ssh/scp/sftp`` logins should be passwordless. |
| |
| <code> | <code> |
