...
Example:
...
Albedo
Here is an example for my (Natalja's) desktop a user named "user" and a desktop named "desktop" connecting to NEC SX-ACE StanAlbedo. Please replace username and remote machine accordingly!
Generate a key on your local desktop or whatever machine you want to connect to stan0 albedo0 and stan1albedo1
Here, we stick to rsa to be on the safe side to generate a portable key. For more recent machines, ssh.com recommends ecdsa: ssh-keygen -t ecdsa -b 521rakowsky@binf02l006user@desktop:~$ ssh-keygen -t ed25519 -a 100 -f ~/.ssh/id_rsa_awihome-stan -t rsa -b 4096
ed25519_albedo
You are asked for a passphrase. A passphrase increases the security in case your account is hacked or your notebook gets lost, and it is a must for connections between systems at different locations, e.g., from AWI to HLRN or from home to AWI. Please use a strong passphrase to secure your key.
Two files are generatedthe private key ~/.ssh/id_rsaed25519_awihome-stan albedo remains on your local machine,
the public key ~/.ssh/id_rsaed25519_awihome-stanalbedo.pub is copied to the remote machine.
- Our recommendation is to have a pair of private+public keys for each local+remote connection. It helps to keep an overview and a good naming scheme helps to prevent the danger of overwriting an existing key.
- Make sure you are connected to the AWI network (via ethernet or VPN)
Copy the public key to StanAlbedo, here to stan1albedo1, this also makes the key available on stan0albedo0, as they share the home directory:
rakowsky@binf02l006user@desktop:~$ ssh-copy-id -i ~/.ssh/id_rsaed25519_awihome-stanalbedo.pub rakowsky@stan1<your_username>@albedo1.dmawi.de
For some destinations, to increase the security, the public key has to be uploaded in a web portal, and it is not placed in your remote home directory. . For Albedo the command above is all you need.
Log in to stan0 albedo0 or stan1 albedo1 with
rakowsky@binf02l006user@desktop:~$ ssh -i ~/.ssh/id_rsaed25519_awihome-stanalbedo -Y rakowsky@stan0<your_username>@albedo0.dmawi.de
Or, for convenience, add an entry to ~/.ssh/config on your local desktop. Generate this file, if not yet present.
rakowsky@binf02l006user@desktop:~$ cat ~/.ssh/config
Host stanalbedo0
Hostname Hostname stan.awialbedo0.dmawi.de
IdentityFile IdentityFile ~/.ssh/id_rsaed25519_awihome-stanalbedo
User rakowsky user <your_username>and log in with
rakowsky@binf02l006user@desktop:~$ ssh -Y stanalbedo0