Connecting to IDCS with SSH keys

Generating private and public keys

SSH key authentication is mandatory for access to the IDCS HPC clusters. The procedure for generating keys is described below. When generating your keys, you must enter a passphrase to protect your private key. This passphrase will then be requested at each connection, or only once if you are using ssh-agent.

The keys are generated by the ssh-keygen command. You will be presented with three prompts. We advise you to press RETURN for the first prompt ("Enter file ..."). For the second and third prompts, you may enter the passphrase which will protect your keys.

user@mycomputer:~$ ssh-keygen -t ed25519
Generating public/private ed25519 key pair.
Enter file in which to save the key (/home/mycomputer/.ssh/id_ed25519): 
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/mycomputer/.ssh/id_ed25519
Your public key has been saved in /home/mycomputer/.ssh/id_ed25519.pub

Two files (id_ed25519 and id_ed25519.pub) are created in the .ssh directory of the local machine. The public key must then be added to the authorized_keys file in the ~/.ssh directory of the remote machine.

Ed25519 Algorithm

It is the most recommended public-key algorithm available today. The Ed25519 public key is compact: it contains only 68 characters, compared to 544 characters for RSA 3072.

Using the ssh-agent program to type your passphrase only one time

The SSH-agent

You must enter the following two commands on your local machine:

user@mycomputer:~$ eval $(ssh-agent)
user@mycomputer:~$ ssh-add ~/.ssh/id_ed25519
Enter passphrase for /home/mycomputer/login/.ssh/id_ed25519:
Identity added: /home/mycomputer/login/.ssh/id_ed25519 (/home/mycomputer/login/.ssh/id_ed25519)

Note

Connection without entering the passphrase is limited to the lifespan of the agent. You will need to re-launch the agent at each new session.

If you are in a Windows environment and you are using the PuTTY SSH client, you may also use the Pageant program, which is supplied with PuTTY.

IDCS security recommendations

For security reasons, we ask that you follow these recommendations:

Warning

  • Do not share your key(s), password(s) and passphrase(s) with anyone.
  • Protect your private key with a passphrase (strong passphrase, restricted access rights on the file).
  • Do not copy your private key on the IDCS servers.
  • Generate keys with the ED25519 algorithm (or with RSA but only with key lengths of 4096 bits).
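
The recommendations above can be checked on the local machine. The script below is an added example, not part of the original IDCS documentation; its function names (perms_restricted, algo_allowed, has_passphrase, audit_key) are hypothetical, and it assumes OpenSSH's ssh-keygen is installed.

```shell
#!/bin/sh
# Added example: audit a local private key against the recommendations above.

# Succeeds if group and others have no access to the file (e.g. mode 600).
perms_restricted() {
    [ "$(ls -ld -- "$1" | cut -c5-10)" = "------" ]
}

# Takes one line of `ssh-keygen -l -f KEY` output:
#   "<bits> <fingerprint> <comment> (<TYPE>)"
# Succeeds for ED25519, or for RSA with a key length of 4096 bits.
algo_allowed() {
    bits=${1%% *}                    # first field: key length in bits
    ktype=${1##*\(}; ktype=${ktype%\)}   # text inside the last parentheses
    case "$ktype" in
        ED25519) return 0 ;;
        RSA)     [ "$bits" -eq 4096 ] 2>/dev/null ;;
        *)       return 1 ;;
    esac
}

# Succeeds if the private key is passphrase-protected: with an empty
# passphrase (-P ""), ssh-keygen -y can only read an unencrypted key.
# It also fails on over-permissive files, so check permissions first.
has_passphrase() {
    ! ssh-keygen -y -P "" -f "$1" >/dev/null 2>&1
}

# Runs all three checks on one private key file and reports each failure.
audit_key() {
    key=$1; rc=0
    if ! perms_restricted "$key"; then
        echo "FAIL: $key is accessible to group/others (use chmod 600)"; rc=1
    elif ! has_passphrase "$key"; then
        echo "FAIL: $key has no passphrase"; rc=1
    fi
    if ! algo_allowed "$(ssh-keygen -l -f "$key" 2>/dev/null)"; then
        echo "FAIL: $key is not ED25519 or RSA 4096"; rc=1
    fi
    if [ "$rc" -eq 0 ]; then echo "OK: $key"; fi
    return "$rc"
}

# Usage: sh audit_key.sh ~/.ssh/id_ed25519
if [ "$#" -gt 0 ]; then audit_key "$1"; fi
```
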