SSH - login
Logging in is done using a username (up to 8 letters, not an e-mail address).
On some systems, an additional login step is possible/required from the hpc.icm.edu.pl computer,
From December 2020, logging in using the ssh protocol requires two-factor authentication (2FA - 2 Factors Authentication) with the use of TOTP (Time-based One-time Password) tokens.
Account name and password setting
When log in in for the first time, it is necessary to change the password.
Two-factor authorization (2FA - OTP)
When logging in using ssh to the
hpc.icm.edu.pl server, the user provides the data (password / key) and then an additional request for OTP (One Time Password) appears, i.e. a one-time code, individual for everyone, generated using a special application.
The generation of the OTP is the described in a separate instruction.
Create SSH Keys
Logging in can be authenticated by entering a password or by using a cryptographic key. The keys are more secure (and more convenient - you don't have to type a password every time).
# To generate SSH keys on the local computer use the command: ssh-keygen # Then copy the public key to the target server: ssh-copy-id -i ~/.ssh/mykey.pub firstname.lastname@example.org # Only you (and no other user) should be able to read the keys: chmod 400 ~ /.ssh/mykey # If you want to use an existing key, don't forget to add it to 'ssh agent' on the local machine ssh-add ~/.ssh/mykey # if `ssh-add` fails saying `Could not open a connection to your authentication agent.` you have to start the ssh-agent eval `ssh-agent -s` # logging in ssh email@example.com # logging in in with a specific key ssh -o IdentitiesOnly = yes -i ~ / .ssh / example_rsa firstname.lastname@example.org # logging in in using a password (instead of a key) ssh -o PubkeyAuthentication = no email@example.com
Digital signature of the hpc.icm.edu.pl access machine
When logging in, the user's computer makes sure that it connects to the authorized
For this purpose, the cryptographic key imprint of the access machine is checked.
When connecting for the first time, you must agree to adding
hpc.icm.edu.pl to your friends list.
ssh firstname.lastname@example.org The authenticity of host 'hpc.icm.edu.pl (2001: 6a0: 2001: 2321 :: 79)' can't be established. ECDSA key fingerprint is SHA256: KGMfnzeNErKlS8J / MYOBsnFKFl95VJ + BFm4FAYwKV6A. Are you sure you want to continue connecting (yes / no / [fingerprint])? yes Warning: Permanently added 'hpc.icm.edu.pl' (ECDSA) to the list of known hosts. OTP:
The procedure for removing the old keyprint is shown below.
regedit program (Windows system application).
Then, in the panel on the left, search for an entry in the tree:
HKEY_CURRENT_USER \ Software \ UserName \ PuTTY \ SshHostKeys
and in the window on the right, find the line containing the name 'hpc.icm.edu.pl', and then delete it.
To delete the old key, run the following command in the terminal:
ssh-keygen -f $ HOME/.ssh/known_hosts -R hpc.icm.edu.pl
The [pass] program https://www.passwordstore.org/ is a password manager that allows linux users to safely store their passwords on the local computer. For example:
$ pass remote_computers / icm -c Copied zdalne_kompociąg / icm is a clipboard. Will clear in 45 seconds.
When you are finished, log out with the command
or with the key combination
Ctrl + D.
User support and support for computational grants:
- E-mail: help (monkey) icm.edu.pl
- By phone: +48 22 8749 200