Version 4 (modified by annette, 4 years ago) (diff)

SSH setup for PUMA to Archer

Please Note: These instructions assume that you DO NOT already have an ssh-key set up on PUMA.

1. Generate the authentication key on PUMA and install it on ARCHER

Run the install-ssh-keys script. This will take you through ssh-key creation and copy the key over to ARCHER.

puma$ source ~um/um-training/install-ssh-keys <archer-username>

When prompted to "Enter passphrase", this should be a fairly complicated and unguessable passphrase. You can use spaces in the passphrase if it helps you to remember it more readily. It is recommended that you don’t use your password in case it is hacked.

Warning: DO NOT use an empty passphrase as this presents a security issue.

After generating your ssh-key, the script will copy it over to ARCHER.

When prompted for "Password", enter your ACRHER password.

2. Verify the authentication works

puma$ ssh <archer-user-name>
Enter passphrase for key '/home/<puma-username>/.ssh/id_dsa':

If you don’t get asked for your Passphrase, then something has gone wrong. In this case, make sure the public key, was successfully copied over to ARCHER by logging into ARCHER and opening the file ~/.ssh/authorized_keys. It should contain something similar to:

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAt1JmHYgsuf0UWVLqNqnDSaUUP2xJ+Um0H5WnUt/i

If it doesn’t, and no errors were reported from the install-ssh-keys script, please contact the CMS team.

Once you have this part working, log out of ARCHER.

3. Start up ssh-agent

Run the following command and type your passphrase:

puma$ ssh-add
Enter passphrase for /home/<puma-username>/.ssh/id_rsa:

The ssh agent should keep running even when you log out of puma, however you may need to restart it from time to time.

4. Checks this works by ssh-ing into ARCHER

You should now be able to ssh from PUMA to ARCHER without a password or passphrase.