You can log onto the CLAIX systems using your login name and password (unix password), or the Secure Shell Protocol (SSH) by authenticating yourself via a private key file on your local machine. In the latter case, the corresponding public key file which the server uses to validate your identity has been saved on the HPC file system in the folder ".ssh" in your user directory up until now. This public key file is now moving to RegApp.

In order to use it for your HPC Account, you need to first upload the file to RegApp.

To learn more about SSH, you can check out Wikipedia or look up how-tos for other services, such as github.

Quick Instructions

For more detailed instructions, continue below.

Prerequisite: you have registered for the service RWTH High Performance Computing.

1. Generate an SSH Key Pair
2. Login to RegApp
3. Navigate to Index → My SSH pubkeys
4. Click Add SSH Key
5. Enter a name for this public key and paste the public key into the corresponding field
   ! Do not upload your private key here !
6. Click Add to finalize uploading this SSH key

Generating your SSH Key

Use your SSH key generation tool of choice such as ssh-keygen on your local Linux maschine:

$ ssh-keygen -a 100 -t ed25519 -f ~/.ssh/id_ed25519

or puttyGen on your local Windows maschine:

Make sure to generate a key of sufficient length to make it secure. We recomment key type Ed25519. To ensure your key cannot be abused, set an appropriately strong password for the private key file. Without such a password, your credentials are very vulnerable.

Strong passwords may be cumbersome to use in everyday cluster access. Help comes in the form of an ssh-agent.

Once you have generated the pair of files, save the private key file in the folder ".ssh" on your user directory ("~/.ssh" on Linux, "/c/users/[username]/.ssh" on Windows). You can save the public key file in the same location, or move it elsewhere.

Note: Access to a 2FA node requires password and second factor on first connection within a certain time frame. If you use an ssh config file (a file in your ".ssh" folder named "config"; for more info query your preferred search engine or start here), make sure that for this domain (e.g., *.hpc.itc.rwth-aachen.de) you are not using the public key as your preferred authentication method (i.e., do not set "PreferredAuthentications publickey" for this domain). Doing so will prevent the password request and thus login.

Uploading the public key

To upload your public key, hover your mouse over the menu point Index in the navigation ribbon on top. This will expand the menu. Click on My SSH Pubkeys. This will take you to the SSH key overview.

In the overview, your added keys are listed with their relevant information and the option to revoke each key. Note that you can only ever add a certain key once, even after revoking the key or letting it expire. You cannot reuse your keys and will need to generate a new key in these situation.

To add a new public key, use the button Add SSH Key. This brings up the dialogue to upload your public key.

Open your saved public key (the file ending in ".pub") and copy the key sequence, or copy it directly from the application used to generate it. Paste it into the text box "SSH Key". Do NOT upload your private key! Give your public key a name, e.g. to differentiate keys associated with different machines.

Important hint for Windows users: PuTTY uses a different public key format. In order to use the correct format do the following:

1. Open PuTTY Key Generator (PuTTYgen)
2. Load your private key
3. Enter the password of the key
4. Copy the text from “Public key for pasting into OpenSSH authorized_key file” panel & paste the key sequence to the RegApp text box in the browser:
   
   

You can now register this public key with the services available in RegApp.