Using SSH keys
This article explains how to create an SSH key pair, and install it on the servers you use.
With an SSH key pair, you won't have to enter your password every time you log in to one of our servers, or when you access a git repository on a remote server.
Create a key pair
You should give the key pair a name that identifies the computer you created it on. The name should preferably be on the form <USERNAME>@<COMPUTER NICKNAME>. The exact name doesn't matter, but helps you know which key is which in case you have several computers.
Open a terminal window, and run the following command:
ssh-keygen -C USERNAME@COMPUTERNAME
For example ssh-keygen -t rsa -C johndoe@macbookpro
if your username is johndoe
and
your nickname for your laptop is macbookpro
.
Make sure to enter a passphrase to encrypt the key.
This command will create two files in your ~/.ssh
directory:
id_rsa
: This is the private part of your key pair, and should never be shared.id_rsa.pub
: This is the public part of your key pair. You can provide this key to every server or service you want to be able to log in on without having to type your password.
Add the passphrase to your keychain (macOS only)
Create a ~/.ssh/config
file, or edit your existing one. The file should start with these lines:
Host * UseKeychain yes
Then, run one of the following commands:
If your mac is running macOS 12 (Monterey) or newer:
ssh-add --apple-use-keychain
If your mac is running macOS 11 (Big Sur) or older:
ssh-add -K
You will be asked to enter the passphrase you chose when creating the key pair.
Adding the SSH key to GitHub
When you add your SSH public key to your GitHub account, you will be able to git push
/ git pull
without typing your GitHub password.
See Adding a new ssh key to your GitHub account for instructions.
Adding the SSH key to a server
When you add your SSH public key to your account on a server, you will be able to log in to that server without typing your password.
To install your SSH public key to the department's computing servers, run the following command. Replace USERNAME with your own username:
ssh-copy-id -f ~/.ssh/id_rsa.pub USERNAME@syvert0.math.ntnu.no
This makes passwordless ssh work on all the department's compute servers, as well as on other servers which share the same home directories.
Since your home directory on the IDUN cluster is separate from your home directory on the department's servers, you will need to repeat this step in order to install your key on IDUN:
ssh-copy-id -f ~/.ssh/id_rsa.pub USERNAME@idun.hpc.ntnu.no
Using the SSH keys
Now that the keys are generated and installed, you should be able to log in to our servers without typing your password. You can verify this with
ssh USERNAME@syvert0.math.ntnu.no
If you are asked to provide either your password or your SSH key passphrase, please check if any of the previous steps failed.