Generate an SSH key pair
This article explains how to create an SSH key pair for logging in to JASMIN. It covers:
- The shell terminal
ssh-keygento create an SSH key pair
- Converting a PuTTYGen private key for use with MobaXterm (Windows only)
Note: You can also use this procedure to update an existing SSH key pair for JASMIN. However, if you are experiencing problems logging in to JASMIN you are advised to first check Login problems and then contact CEDA support before changing your key. Once you have created your SSH key pair it will need to be uploaded to the JASMIN accounts portal. If this is the first time you have created a key pair then this will be done when you create an account on the portal (Step 2 of Get Started with JASMIN). If you are updating your key for an existing account then you will need to update it in your JASMIN profile.
The shell terminal
Generating an SSH key pair requires an SSH client and a Shell terminal. Linux and Mac users can use a standard terminal which is very likely to have SSH installed. Windows users are advised to install the MobaXterm application which provides a linux-style terminal with all the relevant utilities included. Figures 1 and 2 show example terminal windows on a Mac and Windows (using MobaXterm).
Figure 1. Screenshot of a shell terminal on a Mac
Figure 2. Screenshot of a shell terminal using the MobaXterm client on Windows.
Using ssh-keygen to create an SSH key pair
The Linux command
ssh-keygen should be used in order to generate your SSH key pair. Open a terminal and generate your public and private SSH keys, as follows (replace the e-mail address with your own, and ignore the "$" which is simply the command prompt):
$ ssh-keygen -t rsa -b 2048 -C "firstname.lastname@example.org" -f ~/.ssh/id_rsa_jasmin
At the prompt, type a secure passphrase to protect your SSH private key. This is a requirement for access to JASMIN machines. Use a new, different passphrase whenever you generate a new key.
The output will look something like this:
Generating public/private rsa key pair. Enter passphrase (empty for no passphrase): <ADD PASSPHRASE HERE> Enter same passphrase again: <REPEAT PASSPHRASE HERE> Your identification has been saved in /home/users/meuser/.ssh/id_rsa_jasmin. Your public key has been saved in /home/users/meuser/.ssh/id_rsa_jasmin.pub. The key fingerprint is: 74:14:95:8a:31:73:cc:5c:af:be:91:04:01:c2:39:0b email@example.com
ssh-keygen will generate two files in your
id_rsa_jasminis the private SSH key file which is passphrase protected and should not be shared with others. The file should have permission "400", i.e. readable only by you
id_rsa_jasmin.pubis the public SSH key file which you need to share in order to access JASMIN
Converting a PuTTYGen SSH private key for use with MobaXterm (Windows only)
If you have previously used the PuTTY utilities to login to JASMIN and you wish to move over to using MobaXterm then please see these instructions to convert your SSH private key from the PuTTYGen format to the OpenSSH format (as used by Linux/Mac). Please save your resulting OpenSSH key as
id_rsa_jasmin in your