Skip to content

SSH Access to PubAppsΒΆ

Review and update the acess list regularly

Developers and maintainers of web applications hosted in the PubApps infrastructure can access servers an VMs via ssh from HiPerGator. Access is governed by public ssh keys added to the ~/.ssh/authorized_keys file of the respective instance or service user account in PubApps.

During the initial PubApps instance setup RC staff will add the public keys of the group sponsor and the initially indicated HiPerGator users. After the instance is in use project members with existing access are encouraged to manage the authorized keys as needed, adding new project members or removing the keys of the no longer active project members from the ~/.authorized_keys file of the respective instance service user account.

If you would like to request help from RC staff to manage authorized keys in pubapps please open an RCSupport ticket, indicate the project/service user account to be modified, and list the HPG user(s) whose key(s) are to be added to the authorized key list. RC staff will ask for confirmation from the project sponsor or the project lead/manager before any keys can be added and the support ticket will serve as an audit log for the change.

Below is an example of an ~/.ssh/authorized_keys file for a pubapps instance user. Note: each entry must be a single line with three space-separated components 1. Key type (ssh-ed25519 or ssh-rsa). 2. Public HPG key as a single uninterrupted line. 3. Comment to help identify the key owner.

ed25519 keys are preferred as the public keys are short and easier to manage than long line rsa keys.

~/.ssh/authorized_keys 

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICuP4A4XKF04EEEJ9Bam3TIcd2BVT4b5ZIanoDYw5+RP projectsponsor@HPG
ssh-rsa AAAAB3NzaC1yc2EAAA...rm8a5myKR6lxicWZtNj9I7NLbWhnIhx/Slted6d9dzs9W+8HGd295ZAdkMHqP9FpPs93= projectmember@HPG

Once a public key is added to the list the corresponding user will be able to log into the hosting VM as the service user.

We recommend adding a ssh configuration to your ~/.ssh/config SSH configuration file on HiPerGator to make access to the instance user account in a hosting VM more convenient. For example, the following config will allow you to ssh into your 'pubapps' VM without having to remember the exact instance servie user name or the VM hostname.

Host pubapps
  HostName pubmygroup1
  User groupserviceuser