Skip to content

Using SSH Keys To Access HPG

After a new account is created on HiPerGator (HPG) you, as the account's owner, can log in using your credentials (GatorLink username and password for UF users). Mis-typing the credentials several times will result in a security system block of the user's IP address and can be slow. For convenience and speed, it may be useful to set up a SSH key pair to use.

Create an SSH Key Pair

Background

SSH key access means using a pair of keys - private and public:

  1. A private key is stored on the computer you are connecting from. The private key acts as the identity file (the key part of the lock/key mechanism). Use a good passphrase to protect the private key in case it is accessed by someone else. Use an SSH agent to store it, so you only have to type the passphrase in once when starting the computer or the terminal application.
  2. A public key can be copied to any and all systems you want to connect to and can be described as a specification for the 'lock' part of the lock/key ssh mechanism, which tells the system to look for a match from the private key part of the pair.

Create SSH Keys

The default cipher for ssh keys is RSA. However, this no longer recommended as it is less secure. We recommend users to use a ED25519 cipher when generating new keys in HiPerGator.

  • Generate a key on Linux/Mac
    • ssh-keygen -o -a 100 -t ed25519 -f ~/.ssh/id_ed25519 -C "Comment to make the key recognizable among many"
  • Generate a key on Windows
    • ssh-keygen -t ed25519 -C "Comment to make the key recognizable among many" If you're on windows you can also accomplish this with Putty instead following the Create SSH Keys Using Putty guide.

Configure SSH on your local (client) computer

Add the following configuration at the top of the \~/.ssh/config file.

Host *
  AddKeysToAgent yes
  IdentityFile ~/.ssh/id_ed25519
  • If you're on Mac, add another line with UseKeychain yes

Add the following example configuration to \~/.ssh/config for HiPerGator replacing '[your username]' with your actual HPG username:

Host hpg
    User [your username]
    HostName hpg.rc.ufl.edu
    Port 2222
    ControlPath ~/.ssh/cm-%r@%l-%h:%p
    ControlMaster auto

Enable SSH Key Access on HiPerGator

On macOS or Linux, run the following command to copy your public key to HiPerGator:

``` bash
ssh-copy-id -i ~/.ssh/id_ed25519 USER@hpg.rc.ufl.edu
```

On Windows, you'll need to manually add your public key to the ~/.ssh/authorized_keys file on HiPerGator. To do this, SSH into HiPerGator, then edit the ~/.ssh/authorized_keys file using a text editor, for example, nano:

```
nano $HOME/.ssh/authorized_keys
```

You can also use a text editor (vi, vscode, etc) in a terminal or a console session in Open OnDemand to edit \~/.ssh/authorized_keys file.

There will likely already be entries for keys that were generated for your account automatically. Please select copy the data from your locally generated key file in .ssh folder. Use the arrow keys to navigate to the bottom of the list in the authorized_keys file and paste the data using right click.

After you have pasted the information in the file, press the CTRL and o keys at the same time followed by Enter to write out the file. Then press the CTRL and x keys at the same time to exit the editor.

Congratulations your key is now authorized to login to your account on HPG.

SSH into HiPerGator Using an SSH Key

To SSH into HiPerGator using your SSH keys, run the following command:

``` bash
ssh -p 2222 [your_username]@hpg.rc.ufl.edu
```

Note that federated users must use the default port 22 with SSH key authentication, so they should not specify the port in the command.

After completing these steps, you should be able to securely access HiPerGator using your SSH key pair. Remember, never share your private SSH key, as it acts as your password and must be kept secure.

If you encounter any issues or have additional questions, please don't hesitate to reach out to the HiPerGator support for further assistance.