SSH Keys

Some modes of access to the HPC system require users to use SSH keys for authentication.

SSH keys are a secure authentication method that can be used for remote access to a server without using passwords. It is in fact a more secure authentication method than using a password. SSH keys consist of a pair of cryptographic keys — a private key kept secret on your computer and a public key placed on the remote server you want to access.

While in many cases it is required, the use of SSH keys is also generally recommended for convenience and enhanced security when connecting to any UCHC HPC resources.

To be able to login using SSH keys, you will need to follow the setup process outlined below. Only ed25519 keys are accepted.

Create SSH keys

You can create a public and private SSH key pair using your SSH client in Windows PowerShell or a MacOS / Linux Terminal.

1. First check for an existing SSH key pair by running the following command:

MacOS / Linux Terminal

ls ~/.ssh/

Windows PowerShell

ls $env:USERPROFILE\.ssh\

If you see files named id_ed25519.pub and id_ed25519, you already have an SSH key pair and can skip ahead to the Copy to UCHC HPC system section. If you do not see these files or get an error message, you will need to create a new SSH key pair.

2. To create a key pair run the following command:

ssh-keygen -t ed25519 -C <comment>

Replacing <comment> with something to help you identify which computer this key pair was created for. For example: laptop

3. You will be prompted to specify the location to save the key. You can press enter to accept the default location.
4. Next you will be prompted to create a passphrase which is optional. If you don’t wish to create a passphrase, simply press enter.

Warning

Do not share your private key with anyone! Your private key should be kept secret and secure on your computer. If someone else has access to your private key, they can access the UCHC HPC system as you. We will never ask you for your private key for any reason.

Copy Public SSH Key to the UCHC HPC system

Once you have created your SSH key pair, you will need to copy the public key to the UCHC HPC system.

MacOS and Linux

On MacOS and Linux, you can copy your public key to the UCHC HPC system using the ssh-copy-id command:

ssh-copy-id <user>@transfer.cam.uchc.edu

Where <user> is replaced with your CAM username.

When prompted, enter your CAM password. Note that for security reasons, your cursor will remain stationary and you will not see any characters appear as you type your password. Also note that passwords expire every 90 days and can be reset in the CAM Password Manager.

Windows PowerShell

On Windows 10 or later, you can copy your public key to the UCHC HPC system using Windows PowerShell with the command:

type $env:USERPROFILE\.ssh\id_ed25519.pub | ssh <user>@transfer.cam.uchc.edu "mkdir -p .ssh && cat >> .ssh/authorized_keys"

Where <user> is replaced with your CAM username.

When prompted, enter your CAM password. Note that for security reasons, your cursor will remain stationary and you will not see any characters appear as you type your password. Also note that passwords expire every 90 days and can be reset in the CAM Password Manager.