PPPL Unix Cluster


3.1.3.1: ssh with RSA authentication

You need to do the following once:

  1. Run ssh-keygen as follows
    $ ssh-keygen
    ...
    Enter file in which to save the key (~/.ssh/identity): [RETURN]
    Enter passphrase: [ENTER A GOOD PASS PHRASE TO PROTECT THE PRIVATE KEY]
    Enter the same passphrase again: [DITTO]
    ...
    

    This creates a private-public key pair in `~/.ssh/identity' and `~/.ssh/identity.pub'. The first file is protected by (a) Unix permissions, and (b) your pass phrase. The second file only needs to be protected against writing by anyone except you.

  2. Create `~/.ssh/authorized_keys':
    cp ~/.ssh/identity.pub ~/.ssh/authorized_keys
    
  3. Create `~/.ssh/authorized_keys' on any remote systems you want to access. E.g., on hecate.princeton.edu
    mkdir ~/.ssh
    chmod 755 ~/.ssh
    

    and use ftp(1) to transfer the local copy of `~/.ssh/authorized_keys' to hecate.princeton.edu.

  4. Near the beginning of your `~/.xsession', put
    eval `ssh-agent -s`
    ssh-add < /dev/null &
    

    OR

    eval `ssh-agent -c`
    ssh-add < /dev/null &
    

    depending on whether your `~/.xsession' is a `/bin/sh' or `/bin/csh' script. Look at the first line of the file to find out.

    At the end of `~/.xsession' (after the invocation of the window manager), put

    eval `ssh-agent -k -s`
    

    or

    eval `ssh-agent -k -c`
    

    Your `~/.xsession' may then look like:

    #! /bin/sh
    . /etc/env.default
    
    eval `ssh-agent -s`                # ADDITION
    ssh-add < /dev/null                # ADDITION
    
    xrdb $HOME/.Xresources
    
    xterm -ls -T `hostname` -n `hostname` -geo 80x50+105+5 &
    twm
    
    eval `ssh-agent -k -s`             # ADDITION
    
  5. [OPTIONAL] Create a file `~/.ssh/config' containing
    Host *.nersc.gov
    User u12345
    
    Host hecate.princeton.edu
    Port 1515
    

    where `u12345' is your NERSC user name. (This step means that you won't have to supply a `-l u12345' argument to ssh.) The port-specification for hecate connects you to the AFS-aware version of sshd on that machine. If you want to use compression on certain connections, this can be configured here too (see ssh(1)).
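
The permission requirements from step 1 (private key accessible only to you; public key, `authorized_keys' and `~/.ssh' writable only by you) can be checked with a short script. This is an added example, not part of the original page; the function names `has_any_bit' and `check_ssh_dir' are made up for illustration.

```sh
#!/bin/sh
# Added example, not from the original page. File names (identity,
# identity.pub, authorized_keys) follow the page; function names are made up.

# has_any_bit PATH BIT... : succeed if PATH has at least one permission BIT set.
has_any_bit() {
    path=$1; shift
    for bit in "$@"; do
        # POSIX find: "-perm -N" is true when all bits of N are set.
        [ -n "$(find "$path" -prune -perm "-$bit" 2>/dev/null)" ] && return 0
    done
    return 1
}

# check_ssh_dir DIR : print one line per problem; exit status = problem count.
check_ssh_dir() {
    dir=$1
    problems=0
    # The directory and the public files: writable by the owner only.
    for f in "$dir" "$dir/identity.pub" "$dir/authorized_keys"; do
        [ -e "$f" ] || continue
        if has_any_bit "$f" 020 002; then
            echo "writable by group/other: $f"
            problems=$((problems + 1))
        fi
    done
    # The private key: no access at all for group or other.
    f=$dir/identity
    if [ -e "$f" ] && has_any_bit "$f" 040 020 010 004 002 001; then
        echo "private key accessible to group/other: $f"
        problems=$((problems + 1))
    fi
    return "$problems"
}

# Audit the directory given as $1, or ~/.ssh by default.
check_ssh_dir "${1:-$HOME/.ssh}" || echo "$? problem(s) found" >&2
```

Run it on the local machine and on each remote system after copying `authorized_keys' there; a directory created with `chmod 755' as in step 3 passes.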

Once per X session

When you start an X session on your X terminal, the ssh-add command in `~/.xsession' will pop up a window for you to enter your pass phrase.
