...
UW ARCC has changed the way you authenticate to HPC. HPC resources are now accessible using a public/private ssh key combination and certain HPC resources (including MedicineBow HPC) are only accessible through SSH with your SSH key and certificate. This makes it possible for you to authenticate on our HPCs without always needing to enter your password and approving two-factor authentication.
| Table of Contents |
|---|
| minLevel | 1 |
|---|
| maxLevel | 3 |
|---|
| outline | false |
|---|
| style | none |
|---|
| type | list |
|---|
| printable | true |
|---|
|
| Excerpt |
|---|
|
The diagram below shows a user with 3 SSH keys and 2 devices. Each key is associated with a person’s identity and is a key to access a HPC cluster resource. It can be thought of like a key on a user’s keychain. This key can be generated a number of ways, then configured on the server/HPC and any device owned by the user from which they will use SSH to access the resource. ARCC Key Management Application pre-configures the key on the server/HPC resource, so that all a user needs to do is get the key from the key management app, and then configure it on their end client(s). Any devices configured with a specific key will be able to access the resource as Taylor when logged into the device as Taylor. Users should not configure these keys on shared devices where other device users could access them.
 Image Modified |
...
| minLevel | 1 |
|---|
| maxLevel | 3 |
|---|
| outline | false |
|---|
| style | none |
|---|
| type | list |
|---|
| printable | true |
|---|
...
Generating and Managing SSH Keys with SSH Key Manager
| Excerpt |
|---|
| name | General Setup Instructions |
|---|
|
To set up access: First, log into the OnDemand resource for the HPC you want to set up SSH keys for. For MedicineBow, log in at https://medicinebow.arcc.uwyo.edu/. Step-by-step directions for logging into MedicineBow OnDemand are available here. For WildIris, log in at https://https://wiodm01.arcc.uwyo.edu/. Step-by-step directions for logging into WildIris OnDemand are available here. For Loren Password-Free SSH Authentication instructions are different from our other HPC resources, and may be found here.
Once you’re logged in, you should be presented with the HPC Dashboard. Click the following icon to set up SSH key authentication:  Each key is associated with your identity, therefore you do not need to create a new key for every client you use to ssh into the HPC. If you haven’t set up an SSH key previously, you should see an empty screen/list with the option to generate a new a key. Click that button if you need to set up a key.  Doing this will create a new set of files associated with your login to the HPC. If you’ve already created a key previously you don’t need another one. Skip this step and download a key you’ve already generated for your account as described in the next step. Click the download button associated with the key ID for your ssh key to download them to your client/computer. 
| Warning |
|---|
Please be careful with these files. Do not change their permissions, put them in an insecure digital location, or share them with others. They are your “virtual keys” to log in as yourself on the HPC. If provided to or shared with others, they will be able to log into that ARCC HPC resource as you |
|
...
| Expand |
|---|
| title | Windows Instructions |
|---|
|
| Insert excerpt |
|---|
| DOCUMENTAT:Windows: SSH Key Setup |
|---|
| DOCUMENTAT:Windows: SSH Key Setup |
|---|
| name | Windows Specific Instructions |
|---|
| nopanel | true |
|---|
|
|
...
| Expand |
|---|
|
| Insert excerpt |
|---|
| DOCUMENTAT:Mac: Setting up SSH KeysKey Setup |
|---|
| DOCUMENTAT:Mac: Setting up SSH KeysKey Setup |
|---|
| name | Configure SSH Keys on your Mac |
|---|
| nopanel | true |
|---|
|
|
...
| Expand |
|---|
|
a. Check to see if you have a .ssh directory already created on your system. If it shows up in the list, skip step b. b. If your .ssh directory does not exist in the list use ssh-keygen to create the folder and set permissions appropriately: | Code Block |
|---|
ssh-keygen -t rsa |
Use the default location to store the key by hitting Enter. A key pair will be generated. c. You will then be asked to create a passphrase. If you would like to create one, put that in now, and make note of it, since it will be required later. Otherwise, hit Enter to accept the default with no passphrase. d. Unzip the files associated with your login to your .ssh folder: | Code Block |
|---|
unzip <username>.zip -d ~/.ssh/ |
e. Test configuration. Open up a new terminal/command line window and log into <cluster>. If configured properly, you will be logged in automatically, and will not be prompted for a password (first factor), nor second factor authentication for login. | Insert excerpt |
|---|
| DOCUMENTAT:Linux: SSH Key Setup |
|---|
| DOCUMENTAT:Linux: SSH Key Setup |
|---|
| name | Configure SSH Keys on your Linux Box |
|---|
| nopanel | true |
|---|
|
|
Links to Directions for specified clients and OS configurations:
Prior directions for Cyberduck on MacOS - Replace references to WildIris with MedicineBow or Beartooth.
Prior directions for MobaXTerm on Windows
Windows Subsystem Linux (pending)