Using SSH Keys

To use your SSH key to log in to another remote machine, you must copy the public key file to the remote machine. For use at the SDCC, you can use the SSH key file upload form to upload your public key file (the one with the .pub extension) to the facility. Your public key will be stored in LDAP and will be available on all of the gateway machines. When you log in to one of the gateway machines after uploading your key, you will be prompted to enter the passphrase for your private key (the passphrase and private key remain on your local machine and are never transmitted over the network). After successfully entering your passphrase, you will be logged in to the gateway. To avoid typing your passphrase each time you log in, please refer to the SSH agent page.

If your browser dialog does not display your .ssh directory or files because they are hidden, see these instructions.

SSH Keys on Multiple Machines

You can only upload and use one SSH key at a time at the SDCC.  If you own multiple machines (e.g., a desktop and a laptop), then you can generate a public/private key pair on one machine, upload the public key to the LDAP server, and copy the private key to your other machines.

If your public key ends with a [username]@[host] string that does not directly follow an equals character ('='), the [username]@[host] string serves as a host restriction and must be removed from the public key before the key can be used from another machine. A [username]@[host] string that immediately follows '=' at the end of the public key is merely a comment and can be ignored or removed.
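
Removing the trailing [username]@[host] string described above, as an added example that is not part of the original SDCC page. It assumes the standard one-line OpenSSH public key layout (`type base64 [trailing string]`); the function names and the sample key (dummy key bytes, trailing string alice@laptop) are constructed for illustration.

```python
import base64
import hashlib
import struct


def parse_public_key(line):
    """Split a one-line OpenSSH public key into (type, blob_b64, trailing)."""
    fields = line.strip().split(None, 2)
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64> [trailing string]'")
    key_type, blob_b64 = fields[0], fields[1]
    trailing = fields[2] if len(fields) == 3 else ""
    blob = base64.b64decode(blob_b64, validate=True)
    # The blob begins with a length-prefixed copy of the key type. A mismatch
    # means the line was truncated or edited in the wrong place.
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (name_len,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + name_len] != key_type.encode():
        raise ValueError("key type does not match key blob")
    return key_type, blob_b64, trailing


def fingerprint(line):
    """SHA256 fingerprint in the form printed by `ssh-keygen -lf`."""
    _, blob_b64, _ = parse_public_key(line)
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def strip_trailing_field(line):
    """Return the key line without its trailing [username]@[host] field."""
    key_type, blob_b64, _ = parse_public_key(line)
    return f"{key_type} {blob_b64}"


def make_sample_key(trailing):
    """Constructed sample: an ed25519-shaped blob holding dummy key bytes."""
    name = b"ssh-ed25519"
    blob = (struct.pack(">I", len(name)) + name
            + struct.pack(">I", 32) + bytes(range(32)))
    return f"ssh-ed25519 {base64.b64encode(blob).decode()} {trailing}"


if __name__ == "__main__":
    original = make_sample_key("alice@laptop")
    stripped = strip_trailing_field(original)
    print(stripped)
    # Same fingerprint before and after: only the trailing field was removed.
    print(fingerprint(original), fingerprint(stripped))
```

Comparing the fingerprint of the stripped line with the `ssh-keygen -lf` output for the original .pub file confirms that only the trailing field changed.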

Note: If you want to move keys between a Windows machine running PuTTY and a Linux machine, then you will have to convert the format of the key since PuTTY uses a different format from OpenSSH. To do so, see the Using An Existing Windows Key Pair on a Linux Machine section of the Working With SSH Key Pairs page. If you use Cygwin, the key files should be fully compatible, since OpenSSH is the version of SSH implemented in Cygwin.

Using Multiple SSH Keys

If you need to use multiple different SSH keys in order to access remote locations in addition to SDCC, a few options are available:

  • Add the -i flag to your SSH client command and specify the path to your desired private key (e.g., ssh -i ~/.ssh/id_rsa_2).
  • Load all necessary keys into your SSH agent.
  • Configure your SSH client to load the required key when connecting to each host, via the IdentityFile configuration directive in your .ssh/config file, along with the host name, your user name, and an alias, if desired, e.g.:

```
Host your_alias yourhost.sdcc.bnl.gov
    HostName yourhost.sdcc.bnl.gov
    IdentityFile ~/.ssh/your-private_key
    User your_user_name
```


Last modified : Louis Pelosi (acca9ac)