Setting up Passwordless ssh

We’ll be using the orion cluster of servers for big data development. To reach these machines, you must first ssh to stargate.cs.usfca.edu and then log into the nodes you want. The hostnames for these machines are orion01 – orion12 (orion01, orion02, up to orion12).

Passwordless ssh

You should set up passwordless ssh. Use ssh-keygen to generate a public and private ssh key pair:

[mmalensek@orion01]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home4/mmalensek/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home4/mmalensek/.ssh/id_rsa
Your public key has been saved in /home4/mmalensek/.ssh/id_rsa.pub
The key fingerprint is:
(etc)

[mmalensek@orion01]$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
[mmalensek@orion01]$ chmod 700 ~/.ssh
[mmalensek@orion01]$ chmod 600 ~/.ssh/authorized_keys

You can leave all of the prompts blank (including the password). Most people are okay with this approach, but you should know that doing so allows anyone who has your id_rsa file to log in as you. In other words, don’t share your id_rsa file (the public key, id_rsa.pub, is fine to share though). If you don’t want to do things this way, the alternative is using ssh-agent. See Using ssh-agent with ssh by Mark A. Hershberger to get you going.

Since our lab machines have shared home directories, you can now log into any of the machines in the department without a password.

You can also repeat this process on your own laptop and then copy the key over to stargate with:

ssh-copy-id mmalensek@stargate.cs.usfca.edu

(Replace mmalensek with your own username). This way you can log in from your laptop and bounce whereever you want to go without a password.

SSH Aliases

I like to add the following to my ~/.ssh/config file (create it if it doesn’t exist) so that I can ssh directly to the orion machines:

Host orion??
    User mmalensek
    ProxyJump mmalensek@stargate.cs.usfca.edu

(replace mmalensek with your own username).

Transferring Files

You can also use the scp utility to copy files to the department machines. The basic usage looks like:

scp local-file.txt mmalensek@stargate.cs.usfca.edu:

Don’t forget the trailing : character. This tells scp to store the file in your home directory. You can also specify a remote file name, or store in a particular folder/directory:

scp local-file.txt mmalensek@stargate.cs.usfca.edu:other-name.txt
scp local-file.txt mmalensek@stargate.cs.usfca.edu:my_great_dir/subdirectory/

The rsync utility is a good way to sync a directory to/from the department machines.

If you’d rather use a GUI to transfer the files, you have plenty of options:

• CyberDuck is a good choice for Mac/Windows.

When you configure these clients, set them up to use SFTP.