You are located in service: RWTH High Performance Computing (Linux)

Uploading an SSH Key

Uploading an SSH Key

You can log onto the CLAIX systems using your login name and password (unix password), or the Secure Shell Protocol (SSH) by authenticating yourself via a private key file on your local machine. In the latter case, the corresponding public key file which the server uses to validate your identity has been saved on the HPC file system in the folder ".ssh" in your user directory up until now. This public key file is now moving to RegApp.

In order to use it for your HPC Account, you need to first upload the file to RegApp.

Note:

The SSH Key is set to automatically expire after a certain amount of time (currently 12 month).

Once it is expired, it will disappear from the overview of SSH keys in your RegApp Dashboard and the associated services. A key that has expired or been deleted cannot be added again. You will need to generate and upload a new key pair instead according to the instructions below, and then assign that to your HPC account.

To learn more about SSH, you can check out Wikipedia or look up how-tos for other services, such as github.


Kurzinformation Quick Instructions

For more detailed instructions, continue below.

Prerequisite: you have registered for the service RWTH High Performance Computing.

  1. Generate an SSH Key Pair
  2. Login to RegApp
  3. Navigate to Index My SSH pubkeys
  4. Click Add SSH Key
  5. Enter a name for this public key and paste the public key into the corresponding field
    ! Do not upload your private key here !
  6. Click Add to finalize uploading this SSH key

Detailinformation

Generating your SSH Key

Use your SSH key generation tool of choice such as ssh-keygen on your local Linux maschine:

$ ssh-keygen -a 100 -t ed25519 -f ~/.ssh/id_ed25519

or puttyGen on your local Windows maschine:

Make sure to generate a key of sufficient length to make it secure. We recomment key type Ed25519. To ensure your key cannot be abused, set an appropriately strong password for the private key file. Without such a password, your credentials are very vulnerable.

Strong passwords may be cumbersome to use in everyday cluster access. Help comes in the form of an ssh-agent.

Once you have generated the pair of files, save the private key file in the folder ".ssh" on your user directory ("~/.ssh" on Linux, "/c/users/[username]/.ssh" on Windows). You can save the public key file in the same location, or move it elsewhere.

Note: Access to a 2FA node requires password and second factor on first connection within a certain time frame. If you use an ssh config file (a file in your ".ssh" folder named "config"; for more info query your preferred search engine or start here), make sure that for this domain (e.g., *.hpc.itc.rwth-aachen.de) you are not using the public key as your preferred authentication method (i.e., do not set "PreferredAuthentications publickey" for this domain). Doing so will prevent the password request and thus login.

Uploading the public key

Screenshot of the RegApp main dashboard, showing the main navigation ribbon after expanding it from the 'Index' menu point. The new ribbon has three links: Personal Data, My SSH Pubkeys, and My Tokens.

To upload your public key, hover your mouse over the menu point Index in the navigation ribbon on top. This will expand the menu. Click on My SSH Pubkeys. This will take you to the SSH key overview.

Screenshot of the overview over the SSH keys. It displays the already added keys along with their name, expiration date, key type, SHA256 Fingerprint, and associated services. The option to revoke each key and add new ones is also given.

In the overview, your added keys are listed with their relevant information and the option to revoke each key. Note that you can only ever add a certain key once, even after revoking the key or letting it expire. You cannot reuse your keys and will need to generate a new key in these situation.

To add a new public key, use the button Add SSH Key. This brings up the dialogue to upload your public key.

Dialogue pop-up to add a new SSH public key.

Open your saved public key (the file ending in ".pub") and copy the key sequence, or copy it directly from the application used to generate it. Paste it into the text box "SSH Key". Do NOT upload your private key! Give your public key a name, e.g. to differentiate keys associated with different machines.

Important hint for Windows users: PuTTY uses a different public key format. In order to use the correct format do the following:

  1. Open PuTTY Key Generator (PuTTYgen)
  2. Load your private key
  3. Enter the password of the key
  4. Copy the text from “Public key for pasting into OpenSSH authorized_key file” panel & paste the key sequence to the RegApp text box in the browser:

You can now register this public key with the services available in RegApp.

last changed on 12/20/2023

How did this content help you?

Creative Commons Lizenzvertrag
This work is licensed under a Creative Commons Attribution - Share Alike 3.0 Germany License