Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

What are SSH Keys?

SSH keys provide a secure way to authenticate yourself to an SSH server using public-key cryptography and challenge-response authentication. Unlike passwords, SSH keys help prevent brute-force attacks and do not expose valid credentials if the server is compromised. They are the preferred method for accessing the cluster because they enhance security and streamline actions that require authentication, such as logging in or transferring files.

SSH keys always come in a pair

  • a “private key” that exists on your local computer

  • a “public key” that can be transferred on to the cluster or any other system that uses keys

To learn more visit: https://wiki.archlinux.org/title/SSH_keys

Set up SSH Keys for Linux, MacOS and Windows Subsystem for Linux (WSL)

  1. To generate a key, on your local command line enter the following

    ssh-keygen -t rsa -b 4096

  2. ssh-keygen will then prompt you to protect your private key with a passphrase. You may create one or leave it blank.

  3. Add the public key to the cluster (adjust path to id_rsa.pub if needed and enter your netid)

    ssh-copy-id -i ~/.ssh/id_rsa.pub yournetidhere@hpc2.storrs.hpc.uconn.edu

If the ssh-copy-id command fails. We have to manually copy the key onto the cluster:

  1. On a local terminal, open the id_rsa.pub file with a text editor (nano, vim, cat).

  2. Copy the content

  3. On the cluster, locate your .ssh directory in your home and create a new file called “authorized_keys”

  4. Paste the contents of id_rsa.pub into the “authorized_keys”

✅ You should now be able to access the cluster without password or duo prompts!

Adding SSH Key to Filezilla

image-20240829-193114.png

“Edit” > “Settings” > “SFTP” > “Add key file…” and locate your id_rsa.pub public key.

For more details on file transfer and Filezilla: File Transfer - Storrs HPC - UConn Knowledge Base

Using Private Key for Passwordless Access on MobaXterm

Edit a saved User Session by right clicking and selecting “edit session” or create a new session.

image-20240910-154020.png

In “Session Settings” > Advanced SSH settings”, select “Use private key”. Then locate the private key on your local machine. For MobaXterm, it will be under your AppData\Roaming\MobaXterm\home\.ssh labeled “Private Key File”.

image-20240910-154651.png

Click “OK” to save and you should be able to log on the cluster with that session without password or DUO prompt!

Common Errors

If you encounter the following error, fear not!

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
Please contact your system administrator.
Add correct host key in /home/hostname /.ssh/known_hosts to get rid of this message.
Offending RSA key in 
RSA host key for pong has changed and you have requested strict checking.
Host key verification failed.

Simply remove hpc2 from your known hosts with the following command:

ssh-keygen -R hpc2.storrs.hpc.uconn.edu

You should now be able to log in again (big grin)

  • No labels