Adding an SSH key to your HPC account
The CLAIX Cluster offers the option to authenticate yourself using SSH. You can use a SSH key that has been uploaded to the RegApp.
For more detailed instructions, continue below.
- Login to RegApp
- Navigate to Registered Services → RWTH High Performance Computing → Set SSH Key
- Click Add on the SSH key you wish to associate
- Fill in the required fields
- Click Add to associate the key with your HPC account
The SSH Key is set to automatically expire after a certain amount of time.
Once it is expired, it will disappear from the overview of SSH keys in your RegApp Dashboard and the associated services. A key that has expired or been deleted cannot be added again. You will need to generate and upload a new key pair instead, and then associate that with your HPC account.
Available SSH public keys that can be associated with the service are listed under Set SSH Key below the list of already associated SSH keys. For each key, the name and expiration date is listed.
To add it to the service account, click the ADD button. This brings up a dialogue to specify how the key should be associated. Two usage types are available: Interactive, i.e., to be used by the user when logging in to a session, and Command.
The latter option is intended for scripts that are executed without the user being present. A key that is associated with a command can only be used for executing that command and needs administrator approval before use.
Once you have filled out this dialogue, click Add. The SSH key is now associated with your HPC account and is either waiting for administrator approval (Command-type association) or can be used immediately (Interactive-type association).
Note: Access to a 2FA login node requires password and second factor on first connection within a certain time frame. If you use an ssh config file (a file in your ".ssh" folder named "config"; for more info query your preferred search engine or start here), make sure that for this domain (e.g., *.hpc.itc.rwth-aachen.de) you are not using the public key as your preferred authentication method (i.e., do not set "PreferredAuthentications publickey" for this domain). Doing so will prevent the password request and thus login.