The purpose of this document is to describe how to setup password-less logins between your desktop/laptop/office computer (running GNU/Linux), Enigma (the main department server and the head node for the cluster). If you run Cygwin on a Windows machine, then you can treat your computer as a GNU/Linux machine. Cygwin uses OpenSSH. Similarly, recent Apple computers running OS X use OpenSSH and the instructions for GNU/Linux can be applied.
You can check the version of your SSH program by typing ssh -V. On a relatively recent GNU/Linux distribution, it should say something like
zooey:> ssh -V OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003On Enigma, it says
enigma:> ssh -V OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x0090701f
Note: If you have already generated public/private keys via ssh-keygen then you can skip this section and go on to "Setting up Logins". If you run ssh-keygen you will overwrite any keys that were generated previously.
On each computer that you routinely use run the command ssh-keygen -t dsa. This command creates public and private cryptography keys that can be used for authentication/login. During this process you will be prompted with some questions. Just hit ENTER until you get your command prompt back. In particular, you don't need to specify a passphrase. Just leave it blank.
You can look at your public key (it is an ASCII file) but it will appear as as bunch of random characters.
Copy your public key to Enigma, using scp:
scp id_dsa.pub firstname.lastname@example.org:.ssh/id_dsa-zooey.pubwhere you can replace zooey with the name of your computer. When running scp you will be prompted for your password. Now login to Enigma and cd to the .ssh directory. Add the contents of the public key file from your desktop/laptop/office computer to the end of your authorized_keys file and set the correct permissions:
cat id_dsa-zooey.pub >> authorized_keys chmod 600 authorized_keys
Execute puttygen.exe. Click "generate" and move your mouse around randomly in the blank area. Add a passphrase if you'd like, though I choose not to. Click 'Save private key' and type in a file name. Do not close puttygen yet.
SSH to enigma, cd to your .ssh directory and edit your "authorized_keys" file. Paste the text from puttygen in the area labeled "Public key for pasting into Open Ssh ..." into the end of your authorized_keys file and save it.
Open up putty. For the hostname type in YOUR_USER_NAME@enigma2.biostat.jhsph.edu. In the left had panel click on "ssh" and then "auth". Browse to you private key that saved earlier. In the left hand panel, click on "session" then under "saved session" type a name (I use enigma2.biostat.jhsph.edu as the name, this has benefits, but you can name it whatever you want). Then click on save. You should only have to do all of the previous steps once.
Now to get to enigma, open putty load your saved session and click on "open".
You can create a shortcut for this by right clicking in a directory then "new" then "shortcut". Have the target of the shortcut be:
"PATH TO PUTTY\PUTTY.EXE" -load "NAME OF SAVED PUTTY SESSION"
For example, mine is:
"C:\Users\my_dirname\putty\PUTTY.EXE" -load "enigma2.biostat.jhsph.edu"
Now you can double click on that icon and it will automatically bring up a putty session on enigma without requiring a password.
If you set up passwordless login and you are still being asked for a password, then you may have to fix the permissions of your .ssh directory. This shouldn't happen on enigma, but it does happen occasionally on other machines. The sshd daemon requires that the .ssh be readable by user and group only, not by others. To fix the permissions, execute the following command on the machine that you are trying to log into:
chmod o-rwx ~/.sshPlease report any corrections or suggestions regarding this document to bitsupport 'at' jhsph.edu