Having problems connecting to a JASMIN VM? Details of how to login to jasmin can be found here. This article can help to diagnose any problems.
Unable to login to jasmin-login1
If you are unable to login to jasmin-login1.ceda.ac.uk then the message you get back from your ssh command can help diagnose what is wrong. There are two main scenarios:
1) "connection closed" (or possibly "refused" or "rejected").
2) A banner message followed by "permission denied" (see image below):
If you get the "connection closed" message then the problem is likely to be with the network address of the computer you are trying to connect from. See Check network details. You will need to get this sorted before you can proceed any further.
If you get the "permission denied" message then the most likely cause is that the ssh key your client is presenting does not match the one in your jasmin account. If you have only recently uploaded your ssh key then remember it can take up to 20 minutes before the key becomes active, so you may need to wait a few minutes before trying again. Otherwise, check that you are running ssh-agent and have loaded the correct ssh key. This is described in detail in How to login and is summarised below:
$ exec ssh-agent $SHELL $ ssh-add ~/.ssh/id_rsa_jasmin $ ssh -A <user_id>@jasmin-login1.ceda.ac.uk
Other possible causes of "permission denied" are:
1) You are using the wrong username. Please check the account details that were emailed to you when you set up your jasmin account.
2) You have not yet been granted jasmin-login access or your access has expired. To check, go to List my services on the jasmin portal and check that "Login services: jasmin-login" is listed. If not then you either need to apply for jasmin-login access, or if you have already done this recently you may simply need to wait for it to be approved. Note that if you have applied for access to a group workspace you still need jasmin-login access in order to connect to jasmin machines.
3) You have changed the permissions on your home directory to allow world read access. If you think this may be the case you will need to contact Ceda support to get this fixed.
Can login to jasmin-login1 but can't then transfer to another machine
If you can login to jasmin-login1.ceda.ac.uk but are unable to then transfer to another jasmin vm there are 3 main possibilities:
1) You have not set up agent forwarding correctly on your local machine. This allows your ssh key to be used for logging in from jasmin-login1 to other machines. To check, run the following command from jasmin-login1:
[jasmin-login1]$ echo "$SSH_AUTH_SOCK"
This should display something that looks similar to (but not identical to) "/tmp/ssh-RNjiHr2844/agent.2844". If nothing is displayed then it indicates that agent forwarding is not working. Please read how to login and make sure you are running ssh-agent (or similar), have loaded your private key and are using the -A option on your ssh command for the connection to jasmin-login1.
2) The "sci" machines (e.g. jasmin-sci1.ceda.ac.uk) and "xfer" machines (e.g. jasmin-xfer1.ceda.ac.uk) should be available to all. However, some other machines are restricted to particular project participants and require special permission to use. If you have not done so, you may need to apply for access
3) There is a problem with the vm you are trying to connect to. Occasionally there may be problems with the machine you are trying to connect to. This is particularly true for jasmin-sci3.ceda.ac.uk, which is run very intensively and is therefore prone to problems. This may prevent you from logging in or ask you for a password. If you are asked for a password there is no point in trying to enter one as none of the machines will accept one. In this case please contact us
If you still have problems then please contact us . It would be helpful if you can include as much of the following information as possible:
- The ip address and full hostname of the machine you are trying to connect from.
- The date and time that you tried connecting (to the nearest minute if possible). This will help us to identify any relevant messages in our log files.
- The exact ssh command you are using
- Add "-vvv" to your ssh command and send us the the output (and include the ssh command itself)
- List the ssh keys directory on your local machine. On a linux machine this can be done with the command: "ls -l ~/.ssh"