Differences

This shows you the differences between two versions of the page.

--- other:ssh [2023/05/03 10:32] – [Windows ssh agent] Improved jypeter
+++ other:ssh [2024/11/29 13:58] (current) – [Installing ssh keys] Improved jypeter
@@ Line 72: / Line 72: @@
 If you want to connect to the [[https://documentations.ipsl.fr/spirit/spirit_clusters/head_nodes.html|IPSL servers]] (only possible with [[other:ssh#using_ssh_keys|ssh keys]]!):
+  * [[https://mesocentre.ipsl.fr/account-opening/|Requesting an account at IPSL]]
   * Connecting to ''spirit1'':
     * ''ssh -A -X my_meso_login@spirit1.ipsl.fr''
@@ Line 358: / Line 359: @@
 ==== Installing ssh keys ====
+<note tip>**Special case**:
+  *  ''spirit[x]'' servers: if you need to use the [[other:ssh#ipsl_servers|IPSL spirit[x] servers]], you have to send your //public// key when you request your account, and the IT people will take care of putting your //public// key in the correct place when they create your account
+</note>
+The **required //ssh key// files have to be present in the ''.ssh'' [[other:ssh#configuration_files|directory where ssh stores its configuration files]]**, on the //source// **and** //target// computers. You do not need the same key files on the //source// **and** //target// computers, but it is easier to have all the key files in all the ''.ssh'' directories. This will also act as a backup of the key files in different locations.
+We assume below that you have copied the required key files in the ''.ssh'' directory of both //source// and //target// computers. We also assume that we are dealing with ''ed25519'' keys, so the //key// files will are named: ''id_ed25519'' (and ''id_ed25519**.ppk**'' on a Windows computer, if you use [[other:putty_conf#using_ssh_keys_with_putty_pageant|PuTTY/Pageant]]), and ''id_ed25519**.pub**''.
+  * on the **//source// computer**\\ (your local desktop/laptop, or a remote Linux server if you will use ''ssh''/''scp'' from this remote server to another remote server)\\ \\
+    * you need **the //private// key**: e.g. ''id_ed25519''
+      * remember that **the private key has to be readable only by the file owner (you!)** on a linux (or Mac) computer\\ <code>$ chmod 600 ~/.ssh/id_ed25519
+$ ls -l ~/.ssh/id_ed25519
+-rw------- [...] /some_path/your_login/.ssh/id_ed25519</code>
+  * and the **//target// computer**\\ (a remote Linux server)\\ \\
+    * you need **the //public// key**: e.g. ''id_ed25519.pub''
+    * you need a copy of the //public// key in the ''authorized_keys'' file
+      * **if the ''authorized_keys'' file does not exist yet**, just copy the //public// key file\\ <code>$ cd ~/.ssh
+$ ls -l authorized_keys
+ls: cannot access authorized_keys: No such file or directory
+$ cp -p id_ed25519.pub authorized_keys</code>
+      * **if there is already an ''authorized_keys'' file** (possibly with older public keys), just create a backup of the existing file, and **add the new public key at the end of the file**\\ <code>$ cd ~/.ssh
+$ cat authorized_keys
+ssh-dss AAAAB3NzaC1kc3MAAACBAM9w0bY604COfD5yLwlBLaSDSbi2eKfhPJBl/
+[...]
+OUZ8jrQrhDbq2P7GNTTaEEdy+JvtDvZSZLG4+DwhWSkxqPZ35yD8wfOi5WInpG3Cms some_login
+$ mv authorized_keys authorized_keys.save
+$ cat authorized_keys.save id_ed25519.pub > authorized_keys
+$ cat authorized_keys
+ssh-dss AAAAB3NzaC1kc3MAAACBAM9w0bY604COfD5yLwlBLaSDSbi2eKfhPJBl/
+[...]
+OUZ8jrQrhDbq2P7GNTTaEEdy+JvtDvZSZLG4+DwhWSkxqPZ35yD8wfOi5WInpG3Cms some_login
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIICD35IUxzgjlslHsrOZQ2ARZsXN1RuDcJ+ncyBKLwHr another_login
+</code>
 ==== Using the keys ====