Skip to main content

SSH keys and config file

If you plan to connect to the CARC machines from a laptop or desktop PC that you own, you may prefer to set this computer up so that you can log in without the need to type your password each time. This is done with "ssh keys", which are secure and easy to set up.

SSH key generation

First, set up your ssh key. To do this type in the terminal prompt:

ssh-keygen

This program will ask a number of questions, but for most users, the default answer is fine, and so you can just keep hitting enter until the program finishes. One of the questions will be to ask if you would like to set up a passphrase, and since you would then need to type the passphrase each time you wanted to log in, rather than the password, we recommend that you decline setting up a passphrase as this defeats the convenience of having a SSH key!

The ssh-keygen program will have created two files in the hidden directory ~/.ssh, id_rsa and id_rsa.pub. The one ending in ".pub" is the public part of the key, and the other is the private part that you should protect carefully. We are going to copy the contents of the public key to a file in your CARC home directory called ~/.ssh/authorized_keys. You can do this by hand, first copying the contents and then pasting into the correct file on the CARC machines, or there is a small program that is able to do this for you, called ssh-copy-id. You can now call this program with your username and any CARC machines address:

ssh-copy-id username@machinename.alliance.unm.edu

Since your home directory is shared across all machines at CARC, this step only needs to be done once to enable passwordless access to every CARC machine.

SSH config file: ~/.ssh/config

To make logging into CARC even easier we also recommend setting up an ssh config file which allows you to simply type: ssh machine instead of ssh username@machine.alliance.unm.edu. To set up this file simply copy the example below and save it as the text document ~/.ssh/config.

Host wheeler
    hostname wheeler-sn.alliance.unm.edu
    user CHANGEME
    port 22
Host galles
    hostname galles.alliance.unm.edu
    user CHANGEME
    port 22

Make sure to change the word "CHANGEME" to be your CARC username. This is a very useful way to store the ssh settings to CARC as well as any other machines you may need to ssh into. There are many possible settings that can be saved to this file and details can be found by looking at the man page for ssh. In addition to simplifying the process to login to other machines, this config file will also apply when transferring files with scp or rsync, by now allowing you to simply use a machine name followed by a colon ":" and whatever path is needed. For example, to copy a directory from my Desktop to wheeler-scratch, I would type the following from my local machine: 

scp -r ~/Desktop/calculations wheeler:~/wheeler-scratch/

Rsync is a far more powerful tool and is worth learning more about (man rsync), but quickly, the equivalent command as above is

rsync -vhat --progress ~/Desktop/calculations wheeler:~/wheeler-scratch/

And to reverse the transfer, copying a directory on the CARC machines back to my local Desktop the following commands would be run, again from my local machine:

scp -r wheeler:~/wheeler-scratch/experiment_1 ~/Desktop
or
rsync -vhat --progress wheeler:~/wheeler-scratch/experiment_1 ~/Desktop