Setting Up Passwordless Login
Passwordless login allows users to run scripts remotely without the need to pass their passwords into the script but rather enter it once before running multiple scripts.
Mac and Linux
To setup passwordless login you will need two files:
- ~/.ssh/id_rsa
- ~/.ssh/id_rsa.pub
If you don't already have the above files, you will have to generate them with the following command:
ssh-keygen -t rsa
This will ask you for a location to save the keys (leave this option blank unless you plan to save them somewhere other than the default), and a passphrase for the keys. This passphrase is for the key itself, not for your login to the remote host. Type in a passphrase of your choice and hit ENTER.
If you do not enter a passphrase, your keys will not require a passcode to be used. While this is simpler, it leaves your keys unsecured. If you choose this route, be sure to keep your keys in a safe place.
Run the following command to copy your id keys to the authorized_keys list on the remote host:
ssh-copy-id -i ~/.ssh/id_rsa.pub HAWKID@argon.hpc.uiowa.edu
this will ask you for your HawkID password one last time. After you've logged in, your ID key should be appended to the file ~/.ssh/authorized_keys.
If you get this message
-bash: ssh-copy-id: command not found
you will have to append your keys manually.
When you log into the cluster with an encrypted key, you may be asked to save this passphrase to your keychain. Keychains are used on Macs and Linux, depending on the Linux distribution. If you check this box, your passphrase will be saved on this machine and you will not have to use the ssh-agent method explained below. You may have to enter your local password to unlock keychain access.
If you are not using a keychain you can start an ssh agent from a terminal session.
eval `ssh-agent`
then add your key file to the agent:
MAC Users
You may also add a key, and unlock it in the keyring using the command “ssh-add -K”.
Windows
The walkthrough here is for PuTTY users. You can download PuTTY from (here)
PuTTY main site: http://www.chiark.greenend.org.uk/~sgtatham/putty/
Start PuTTYGEN.exe and click “generate” to create your key pairs. Set a passphrase (unless you wish to have no passphrase, which is less secure). Your file will not be given an extension by default, so be sure to give the private key the “.ppk” extension. Now SSH into the cluster using PuTTY, and change into the .ssh directory.
Edit the authorized_keys file by typing
vim authorized_keys
switch into insert mode by pressing the letter "i". Now, on your windows machine, copy the entire line labeled “public key for pasting into authorized_keys” and paste that line into the authorized_keys file in your ~/.ssh directory on the cluster. Exit the editor by hitting ESC and typing ':wq', then hit ENTER.
On your Windows machine, save your .ppk file to a directory of your choice and give it a name. Start up Pageant.exe which will be located in your PuTTY install directory. After you have started Pageant, right-click on the icon in the system tray and select “Add key”. Browse to your private key that you just saved, and select it. If you gave your key a passphrase, Pageant will prompt you for it now. After you have added your key, Pageant will handle authentication for you until you close it down. To test if the authentication works, use PuTTY to login to the cluster.