Setting up your SSH keys#
You will use SSH keys to access the summer school’s cloud computing resources (P-Cluster and OSS).
What are SSH Keys?#
(adapted from https://www.atlassian.com/git/tutorials/git-ssh)
SSH keys are like digital ID cards that help you prove who you are when connecting to a remote computer securely—without needing to type a password. They provide access credentials for the SSH (secure shell) network protocol. SSH is an authenticated and encrypted secure network protocol used for remote communication between machines on an unsecured open network. SSH is used for remote file transfer, network management, and remote operating system access.
SSH uses a pair of keys to initiate a secure handshake between remote parties. The key pair contains a public and private key. The private vs public nomenclature can be confusing as they are both called keys. It is more helpful to think of the public key as a “lock” and the private key as the “key”. You give the public key ‘lock’ to remote systems to encrypt or ‘lock’ data. You can then access the remote system using your ‘private’ key, which you hold in a secure place.
Attention
Upon completion you:
Generating SSH keys#
To generate ssh keys, use a tool like ssh-keygen.
Note: ssh-keygen is normally installed on macOS, Linux, and Windows machines.
Use the following commands:
ssh-keygen -q -N "" -t rsa -b 4096 -f PATH_AND_FILENAME_OF_NEW_KEY
The -q and -N "" arguments means stay quiet and do not use a passphrase (optional).
Replace PATH_AND_FILENAME_OF_NEW_KEY to something like the following:
.. generating on Linux or MacOS systems#
On linux or MacOS systems it is customary to put the keys in your ~/.ssh/ directory.
ssh-keygen -q -N "" -t rsa -b 4096 -f ~/.ssh/id_rsa_key_LASTNAME
Where LASTNAME is your last name.
.. generating on Windows systems#
On Windows machines I suggest that you put the keys in your user profile directory (home directory)
ssh-keygen -q -N "" -t rsa -b 4096 -f C:\Users\username\id_rsa_key_LASTNAME
Where username is your Windows home directory
What did ssh-keygen do?#
ssh-keygen creates a pair of public and private keys at the location you specified. The public key has the extension .pub and the private key has the same filename with no extension. So your PUBLIC KEY will be something like id_rsa_key_LASTNAME.pub and your PRIVATE KEY will be something like id_rsa_key_LASTNAME. These files will be together in your key directory (e.g., ~/.ssh).
What next?#
Now that you have your public/private keys, you must send your public SSH key to eccosummerschool@gmail.com so your public key can be registered. Do not send your private key.
Attention
It will take a few days for the system admins to register your key. Once your key has been registered, we will email you a username. Once you have the username, you’ll be able to connect to the P-Cluster using your username and private key like this:
Testing your keys#
Once you have a username, you should be able to connect to the P-Cluster (34.210.1.198) using ssh with the following command
ssh -i /path/to/privatekey -X USERNAME@34.210.1.198
Attention
The -X option in the ssh -X command enables X11 forwarding, allowing you to run graphical applications on a remote machine and display them locally on your computer.
If you used a passphrase to create your keys then you may be prompted to enter it:
Enter passphrase for key '/Users/USERNAME/.ssh/id_rsa':
Once you successfully log in to the P-Cluster, you will be in your home directory, /home/USERNAME/.
The home directory is intended for storing analysis code, scripts, configurations, and user-specific settings, while the /efs_ecco/USERNAME/ directory is better suited for conducting model runs.