Accessing Tycho

From Tycho
Jump to navigation Jump to search

After getting an account (following the instructions here), you can now log into Tycho using ssh.

SSH into the frontends

Open your terminal, and type: 

>>ssh username@astro06.hpc.ku.dk

In "username", replace it with your username. You will be prompted to type your password. Do so, press enter, and then you will be in the frontend. You should see something like this: 

Last login: Mon Nov  6 09:33:04 2023 from 130.225.188.XX
[username@astro06 ~]$

This way you logged into the astro06 frontend. You can also log in to the other frontends (astro01 and astro02).

Quality of Life Improvements

Shortening the access prompt

You can shorten the command that you need to write to log into the cluster by adding this line to the ~/.ssh/config file: 

Host astro06        User username        HostName astro06.hpc.ku.dk

Once you have that, you can log in writing 

>>ssh astro06

Aliasing the access prompt

If you will be using a bash command very often, it is sometimes useful to make an alias. You can do this by adding this line to your ~/.bashrc file (using vim or nano): 

alias tycho='ssh astro06'

Once you do this, write source ~/.bashrc in the Terminal, and then you can log in to the astro06 frontend by just typing tycho .

Do not use the ssh option -Y, which "enables trusted X11 forwarding". This means, basically, that you turn off some essential X security features and say "I trust the remote host completely".

Passwordless access

There is one more quality of life improvement to log into the cluster, which will let you log in without having to write your password every time.

First, we generate a key writing: 

ssh-keygen -t ed25519

With the option t we specify the encryption type. You will be asked for the filename, you can just press enter and use the default. Then, you will be asked for a passphrase to protect your personal key.

You should NOT under any circumstances use an empty pass phrase; it is not necessary for convenience reasons (see below), and could endanger your access to remote supercomputers. Use instead really a "pass phrase"; a relatively long expression, which need not have the character of a password (such as "Carlsberg is probably the best beer in the world").

There will be stored two keys (id_rsa and id_rsa.pub) in the hidden folder ~/.ssh/ on your client. Note that if you specified a particular name for the key when generating it, the keys will appear with the file name you specified.

You need to copy your public key to the accepted key list of on your host machine (authorized_keys). We do this by writing: 

cat ~/.ssh/id_rsa.pub | ssh username@astro06.hpc.ku.dk 'cat >> .ssh/authorized_keys'

Now if you try to log in, you will be prompted to write the passphrase. Instead of writing the passphrase, do 

ssh-add

to add the passphrase once and for all. Once you do this, you will be able to log in without having to write your password.

If for some reason no ssh-agent is running on an intermediate host, then as an alternative you can forward your ssh-credentials from your laptop, by using ssh -A to login to astro0X, and continuing an ssh from there (having stored the id_rsa.pub from your laptop on the remote supercomputer). Finally, if for some reason you start out from a place (such a just a command window) where no ssh-agent is running, you can just start one, by doing ssh-agent bash, this starts an ssh-agent, which starts bash (or tcsh) as a descendant. Then execute "ssh-add", and you're free from typing the pass phrase, for as long as you keep the ssh-agent running.

Retrieved from "https://wiki.nbi.ku.dk/w/tycho/index.php?title=Accessing_Tycho&oldid=121"