WildIris Authentication Changes

Owned by Lisa Stafford
Last updated: Jan 08, 2024
6 min read

UW ARCC is changing the way you authenticate on our devices and ssh authentication is now available using a public/private ssh key combination. This makes it possible to authenticate your login on WildIris without a password.

What this means for our users: This change standardizes the way all ARCC WildIris users log into the WildIris cluster, and once complete, should make the process easier.

  1. A public/private key pair has already been created on WildIris. To access your key, go to: https://wiodm01.arcc.uwyo.edu/

  2. Log into your account the way you have previously, by putting your WildIris username in the username textbox. In the password box, put in your WildIris password. Immediately following that (no spaces, commas or other characters) enter or paste in in your 2 factor code from your authentication application.

  3. Once logged into WildIris OnDemand, open a WildIris Shell by clicking on pinned Wildiris Shell Access app:

  4. This will open a virtual terminal window in WildIris.

  5. Type the following command to view the contents of your private key: cat .ssh/id_rsa. Note: This will show the entire contents of your private key. ~!!Do not share the contents of the key with others!!~

  6. Copy the contents of the key text beginning from the text -----BEGIN OPENSSH PRIVATE KEY----- through -----END OPENSSH PRIVATE KEY-----. If your browser prompts asking if it’s ok to access the clipboard, allow this.

  7. The following steps should be performed on the machine from which you typically SSH into WildIris. It will will also depend on your preferred SSH client from that machine.

    1. On a Mac from terminal, go to step 8.

    2. On any Windows PC, begin with step 9, then continue with 9d. for MobaXTerm configuration or 9e. for Putty configuration.

 

  1. On a Mac using terminal:

    1. Open up a terminal window, and navigate to your ssh folder with: cd ~/.ssh

    2. create a new ssh private key with vi wildiris_rsa.

    3. This will open the Vi file editor and create a new file named wildiris_rsa in which you can paste the private key that you copied from WildIris.

    4. Hit cmd+p to paste the contents of your private key into the new file.

    5. Once pasted, hit the esc key to exit out of file editing.

    6. Then type :wq! and hit your return key to write the contents and close out of the file editor.

    7. Lastly, update the permissions for your new file so it may only be read/written to by you with the command: chmod 600 wildiris_rsa

    8. Once this is completed, close out of your terminal window and open a new terminal window to test your ability to log in.

    9. Assuming mac terminal opens by default in your home folder (~) the command to log into WildIris using your private key would be: ssh <your_username>@wildiris.arcc.uwyo.edu -i .ssh/wildiris_rsa

    10. If it worked, you will be logged into WildIris automatically, and will not be prompted for a password, nor your first factor, and second factor authentication for login.

 

  1. On all PC setups. First, setup your private key:

    1. Launch notepad by clicking on the windows search in your start menu and typing in: notepad. The correct app will likely have this icon in Windows 10: or this icon in Windows 11:

    2. In a new empty document, paste the contents of your private key. Once pasted, go to the file menu and choose “save as”.

    3. Choose the location in which you’d like you’re private key saved. This should be within your profiles .ssh folder. Ex: C:\Users\cowboyjoe\.ssh. Type wildiris_rsa for the filename, and choose “All files” from the dropdown for save as type. Then click the 'Save' button. Correct configuration will look as follows:

    4. Configure access in MobaXTerm:

      1. Click on Sessions and choose “new session”. This will bring up a new session window.

      2. Choose SSH for session type.

      3. Under basic SSH settings, put in:

        1. Remote host *: wildiris.arcc.uwyo.edu

        2. Specify your Username: (check the box and use your default username if applicable, or type in your WildIris username as shown below):

           

      4. Under the “Advanced SSH settings” tab, check the box to ”Use private key” as indicated in the screenshot above, and click the file icon to browse your files and direct to the location in which your wildiris_rsa file was saved. When everything looks right, click OK.

      5. If you’ve configured everything correctly, the session will execute and you will be logged into WildIris in the new session without having to enter your WildIris Username/Password and 2 Factor code and the session should be listed in your quickconnect sessions.

    5. Configure access in PuTTY:

      1. Open your start menu and type in ‘puttygen’ to bring up the Putty Key Generator application. This will bring up a new window. Choose the option to load an existing private key file. In the file location textbox, type in C:\Users\<your username>\.ssh

      2. Then to populate all file types, change the file type drop down from putty private key files (*.ppk) to 'All Files':

      3. configure the wildiris_rsa key you created earlier by clicking Open.

        1. A confirmation displays after PuTTYgen successfully imports the private key. Click OK to dismiss the message.

        2. If you prefer to have a password associated with the use and login on your private key, Enter a unique key passphrase in the Key passphrase field, then enter the same passphrase again in the Confirm passphrase field. You will be prompted for this passphrase whenever you log into WildIris with this SSH key. If you don’t want a password, leave this blank and continue.

        3. Click Save private key, then make sure the name is wi_rsa to save it for use with PuTTY. (Note: It’s usually recommended to keep the default settings in the PuTTY key authentication configuration).

      4. Log into PuTTY using your SSH private key:

        1. Enter the name for the session if you don’t have one already, and click Save. (Note: While you may use any name you wish, this example names the connection based on the WildIris hostname/address).

        2. Click Connection > Data in the left navigation pane and set the Auto-Login username to your WildIris Username.

        3. Click Connection > SSH > Auth > Credentials in the left navigation pane and configure the SSH private key to use by clicking Browse under Private key file for authentication field.

        4. Navigate to the C:\Users\<you>\.ssh file location on your windows computer where you saved your SSH private key file. Select it and click Open. The file path for the SSH private key file should now display in the Private key file for authentication field.

        5. Click Session in the left navigation pane, then click Save in the Load, save, or delete a stored session section.

        6. Click Open to begin your session with the server. If you saved your SSH private key with a passphrase, you will now be prompted to enter that passphrase. An alert displays indicating that the server’s host is not cached. Click Yes, to continue the connection.