Uploading an SSH Key
You can log onto the CLAIX systems using your login name and password (unix password), or the Secure Shell Protocol (SSH) by authenticating yourself via a private key file on your local machine. In the latter case, the corresponding public key file which the server uses to validate your identity has been saved on the HPC file system in the folder ".ssh" in your user directory up until now. This public key file is now moving to RegApp.
In order to use it for your HPC Account, you need to first upload the file to RegApp.
The SSH Key is set to automatically expire after a certain amount of time.
Once it is expired, it will disappear from the overview of SSH keys in your RegApp Dashboard and the associated services. A key that has expired or been deleted cannot be added again. You will need to generate and upload a new key pair instead according to the instructions below, and then assign that to your HPC account.
For more detailed instructions, continue below.
Prerequisite: you have registered for the service RWTH High Performance Computing.
- Generate an SSH Key Pair
- Login to RegApp
- Navigate to Index → My SSH pubkeys
- Click Add SSH Key
- Enter a name for this public key and paste the public key into the corresponding field
! Do not upload your private key here !
- Click Add to finalize uploading this SSH key
Generating your SSH Key
Use your SSH key generation tool of choice, such as ssh-keygen manual or puttyGen. Make sure to generate a key of sufficient length to make it secure. To ensure your key cannot be abused, set an appropriately strong password for the private key file. Without such a password, your credentials are very vulnerable.
Strong passwords may be cumbersome to use in everyday cluster access. Help comes in the form of an ssh-agent.
Once you have generated the pair of files, save the private key file in the folder ".ssh" on your user directory ("~/.ssh" on Linux, "/c/users/[username]/.ssh" on Windows). You can save the public key file in the same location, or move it elsewhere.
Note: Access to a 2FA node requires password and second factor on first connection within a certain time frame. If you use an ssh config file (a file in your ".ssh" folder named "config"; for more info query your preferred search engine or start here), make sure that for this domain (e.g., *.hpc.itc.rwth-aachen.de) you are not using the public key as your preferred authentication method (i.e., do not set "PreferredAuthentications publickey" for this domain). Doing so will prevent the password request and thus login.
Uploading the public key
To upload your public key, hover your mouse over the menu point Index in the navigation ribbon on top. This will expand the menu. Click on My SSH Pubkeys. This will take you to the SSH key overview.
In the overview, your added keys are listed with their relevant information and the option to revoke each key. Note that you can only ever add a certain key once, even after revoking the key or letting it expire. You cannot reuse your keys and will need to generate a new key in these situation.
To add a new public key, use the button Add SSH Key. This brings up the dialogue to upload your public key.
Open your saved public key (the file ending in ".pub") and copy the key sequence, or copy it directly from the application used to generate it. Paste it into the text box "SSH Key". Do NOT upload your private key! Give your public key a name, e.g. to differentiate keys associated with different machines.
You can now register this public key with the services available in RegApp.