To effectively use the cluster resources, you will need to ensure that all the compute nodes have the ability to authenticate you, without you ever needing to send your password over the network. This is achieved by setting up an ssh key pair, generated using the RSA algorithm. Running HPC jobs on SCU resources requires passwordless key-based authentication. In this article we explain how to configure key-based authentication as well as setup your SSH client for proxying and avoiding Fail2Ban.
| Info |
|---|
Setting up your ssh keys only needs to be done once. |
...
Connect to Gateway Server
Connect Once you have a new SCU account, connect to one of our gateway nodes using the username and password provided to you by the SCU. In In this example, we are using pascal:
| Code Block | ||
|---|---|---|
| ||
ssh <your-scu-username>@pascal.med.cornell.edu |
Create your Key pairPair
First, check to see if you don't already have ssh keys set up:
| Code Block | ||
|---|---|---|
| ||
ls -ltr ~/.ssh |
If the output shows the files id_rsa and id_rsa.pub,you already have keys in place. Skip Skip the following command and continue to authorizing your key.
If the output did does not show those files, then generate them with the following command:
| Code Block | ||
|---|---|---|
| ||
ssh-keygen -t rsa -b 4096 |
Follow the instructions on screen. Accept the default location. This will create two new files: id_rsa and id_rsa.pub, which are your private and public keys, respectively.
...
| Warning |
|---|
While your public key in id_rsa.pub can be shared freely, your private key in id_rsa must be kept secret. If another person gains access to this file, they will be able to impersonate you thereby accessing all of your files. |
Authorizing your key
SCU has a shared home directory which will allow key-based authentication across all HPC nodes. For this to work add the public key you generated to your authorized_keys file.
...