Setting up Passwordless ssh
We’ll be using the
orion cluster of servers for big data development. To reach these machines, you must first ssh to
stargate.cs.usfca.edu and then log into the nodes you want. The hostnames for these machines are orion01 – orion12 (orion01, orion02, up to orion12).
You should set up passwordless ssh. Use
ssh-keygen to generate a public and private ssh key pair:
[mmalensek@orion01]$ ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home4/mmalensek/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home4/mmalensek/.ssh/id_rsa Your public key has been saved in /home4/mmalensek/.ssh/id_rsa.pub The key fingerprint is: (etc) [mmalensek@orion01]$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys [mmalensek@orion01]$ chmod 700 ~/.ssh [mmalensek@orion01]$ chmod 600 ~/.ssh/authorized_keys
You can leave all of the prompts blank (including the password). Most people are okay with this approach, but you should know that doing so allows anyone who has your id_rsa file to log in as you. In other words, don’t share your id_rsa file (the public key, id_rsa.pub, is fine to share though). If you don’t want to do things this way, the alternative is using
ssh-agent. See Using ssh-agent with ssh by Mark A. Hershberger to get you going.
Since our lab machines have shared home directories, you can now log into any of the machines in the department without a password.
You can also repeat this process on your own laptop and then copy the key over to stargate with:
(Replace mmalensek with your own username). This way you can log in from your laptop and bounce whereever you want to go without a password.
I like to add the following to my
~/.ssh/config file (create it if it doesn’t exist) so that I can
ssh directly to the
Host orion?? User mmalensek ProxyJump firstname.lastname@example.org
mmalensek with your own username).
You can also use the
scp utility to copy files to the department machines. The basic usage looks like:
scp local-file.txt email@example.com:
Don’t forget the trailing : character. This tells scp to store the file in your home directory. You can also specify a remote file name, or store in a particular folder/directory:
scp local-file.txt firstname.lastname@example.org:other-name.txt scp local-file.txt email@example.com:my_great_dir/subdirectory/
rsync utility is a good way to sync a directory to/from the department machines.
If you’d rather use a GUI to transfer the files, you have plenty of options:
- CyberDuck is a good choice for Mac/Windows.
When you configure these clients, set them up to use SFTP.