Skip to content

SSH - login


ICM login: ssh Logging in is done using a username (up to 8 letters, not an e-mail address). On some systems, an additional login step is possible/required from the computer, e.g. ssh rysy, ssh okeanos.



From December 2020, logging in using the ssh protocol requires two-factor authentication (2FA - 2 Factors Authentication) with the use of TOTP (Time-based One-time Password) tokens.

Account name and password setting

When log in in for the first time, it is necessary to change the password.

Two-factor authorization (2FA - OTP)

When logging in using ssh to the server, the user provides the data (password / key) and then an additional request for OTP (One Time Password) appears, i.e. a one-time code, individual for everyone, generated using a special application. The generation of the OTP is the described in a separate instruction.

Create SSH Keys

Logging in can be authenticated by entering a password or by using a cryptographic key. The keys are more secure (and more convenient - you don't have to type a password every time).

# To generate SSH keys on the local computer use the command:
# Then copy the public key to the target server:
ssh-copy-id -i ~/.ssh/
# Only you (and no other user) should be able to read the keys:
chmod 400 ~ /.ssh/mykey
# If you want to use an existing key, don't forget to add it to 'ssh agent' on the local machine
ssh-add ~/.ssh/mykey
# if `ssh-add` fails saying `Could not open a connection to your authentication agent.` you have to start the ssh-agent
eval `ssh-agent -s`

# logging in
# logging in in with a specific key
ssh -o IdentitiesOnly = yes -i ~ / .ssh / example_rsa
# logging in in using a password (instead of a key)
ssh -o PubkeyAuthentication = no

Digital signature of the access machine

When logging in, the user's computer makes sure that it connects to the authorized machine. For this purpose, the cryptographic key imprint of the access machine is checked. When connecting for the first time, you must agree to adding to your friends list.

The authenticity of host ' (2001: 6a0: 2001: 2321 :: 79)' can't be established.
ECDSA key fingerprint is SHA256: KGMfnzeNErKlS8J / MYOBsnFKFl95VJ + BFm4FAYwKV6A.
Are you sure you want to continue connecting (yes / no / [fingerprint])? yes
Warning: Permanently added '' (ECDSA) to the list of known hosts.

The procedure for removing the old keyprint is shown below.


Run the regedit program (Windows system application). Then, in the panel on the left, search for an entry in the tree:

HKEY_CURRENT_USER \ Software \ UserName \ PuTTY \ SshHostKeys

and in the window on the right, find the line containing the name '', and then delete it.


To delete the old key, run the following command in the terminal:

ssh-keygen -f $ HOME/.ssh/known_hosts -R

Password Manager

The [pass] program is a password manager that allows linux users to safely store their passwords on the local computer. For example:

$ pass remote_computers / icm -c
Copied zdalne_kompociąg / icm is a clipboard. Will clear in 45 seconds.

Finishing work

When you are finished, log out with the command exit orlogout or with the key combination Ctrl + D.


User support and support for computational grants:

  • E-mail: help (monkey)
  • By phone: +48 22 8749 200
Ta strona używa plików cookies.
Polityka Prywatności    AKCEPTUJĘ