UK: National and Regional Services¶
Overview:
- Teaching: 15 min
- Exercises: 0 min
Questions
- How can I manage ssh keeys on the UK national and regional HPC systems
Objectives
- Know that SSH keys are often managed centrally and how to get them updated
National and regional resources
On many national and regional resources e.g. ARCHER, ARCHER2 and the Tier-2 sites it is compulsory to use public keys and these will often be required as part of your application to use the service and added for you. If you need to change you key on these services you can change in the SAFE the system uses and it will be updated for you:
Archer and Tier-2
Note that while there are different access points for Archer and Tier-2 they use the same ssh key. This means that if you change the ssh-key you have registered for Archer it will also change on any Tier-2 systems that you yhave access to, and vice-versa.
UK National and Tier-2 Centres
By default the SAFE(s) used to manage accounts on machine for national and Tier-2 centres requires users to use a single key for access to all machines in each SAFE as indicated above. Currently you must use RSA keys so we would recommend:
ssh-keygen -o -a 100 -t rsa -b 4096 -f ~/.ssh/id_rsa_archer_safe
or at least
ssh-keygen -o -a 100 -t rsa -b 2048 -f ~/.ssh/id_rsa_archer_safe
Once you have added your key to the SAFE, the key will be added to the services your use by system operators.
As of 21st May 2010 the UK national supercomputing service ARCHER will require both SSH key and username to log-in.
Key Points:
- some national and regional services manage your ssh key. You add iyour public key to the relevant
SAFEand it will be added for you.