Skip to content

SSH - login

Tip

ICM login: ssh username@hpc.icm.edu.pl. Logging in is done using a username (up to 8 letters, not an e-mail address). On some systems, an additional login step is possible/required from the hpc.icm.edu.pl computer, e.g. ssh rysy, ssh okeanos.

ssh_hpc

Info

From December 2020, logging in using the ssh protocol requires two-factor authentication (2FA - 2 Factors Authentication) with the use of TOTP (Time-based One-time Password) tokens.

Account name and password setting

When log in in for the first time, it is necessary to change the password.

Two-factor authorization (2FA - OTP)

When logging in using ssh to the hpc.icm.edu.pl server, the user provides the data (password / key) and then an additional request for OTP (One Time Password) appears, i.e. a one-time code, individual for everyone, generated using a special application. The generation of the OTP is the described in a separate instruction.

Create SSH Keys

Logging in can be authenticated by entering a password or by using a cryptographic key. The keys are more secure (and more convenient - you don't have to type a password every time).

# To generate SSH keys on the local computer use the command:
ssh-keygen
# Then copy the public key to the target server:
ssh-copy-id -i ~/.ssh/mykey.pub user@your.server.example.com
# Only you (and no other user) should be able to read the keys:
chmod 400 ~ /.ssh/mykey
# If you want to use an existing key, don't forget to add it to 'ssh agent' on the local machine
ssh-add ~/.ssh/mykey
# if `ssh-add` fails saying `Could not open a connection to your authentication agent.` you have to start the ssh-agent
eval `ssh-agent -s`

# logging in
ssh user@your.server.example.com
# logging in in with a specific key
ssh -o IdentitiesOnly = yes -i ~ / .ssh / example_rsa user@your.server.example.com
# logging in in using a password (instead of a key)
ssh -o PubkeyAuthentication = no user@your.server.example.com

Digital signature of the hpc.icm.edu.pl access machine

When logging in, the user's computer makes sure that it connects to the authorized hpc.icm.edu.pl machine. For this purpose, the cryptographic key imprint of the access machine is checked. When connecting for the first time, you must agree to adding hpc.icm.edu.pl to your friends list.

ssh username@hpc.icm.edu.pl
The authenticity of host 'hpc.icm.edu.pl (2001: 6a0: 2001: 2321 :: 79)' can't be established.
ECDSA key fingerprint is SHA256: KGMfnzeNErKlS8J / MYOBsnFKFl95VJ + BFm4FAYwKV6A.
Are you sure you want to continue connecting (yes / no / [fingerprint])? yes
Warning: Permanently added 'hpc.icm.edu.pl' (ECDSA) to the list of known hosts.
OTP:

The procedure for removing the old keyprint is shown below.

Windows

Run the regedit program (Windows system application). Then, in the panel on the left, search for an entry in the tree:

HKEY_CURRENT_USER \ Software \ UserName \ PuTTY \ SshHostKeys

and in the window on the right, find the line containing the name 'hpc.icm.edu.pl', and then delete it.

Linux

To delete the old key, run the following command in the terminal:

ssh-keygen -f $ HOME/.ssh/known_hosts -R hpc.icm.edu.pl

Password Manager

The [pass] program https://www.passwordstore.org/ is a password manager that allows linux users to safely store their passwords on the local computer. For example:

$ pass remote_computers / icm -c
Copied zdalne_kompociąg / icm is a clipboard. Will clear in 45 seconds.

Finishing work

When you are finished, log out with the command exit orlogout or with the key combination Ctrl + D.

Support

User support and support for computational grants:

  • E-mail: help (monkey) icm.edu.pl
  • By phone: +48 22 8749 200
Ta strona używa plików cookies.
Polityka Prywatności    AKCEPTUJĘ