JASMIN Help Site logo JASMIN Help Site logo
  • Docs 
  • Guides 
  • Training 
  • Discussions   
    •   Search this site  

Can't find what you're looking for?

Try our Google custom search, across all JASMIN sites

Docs
  • getting started
    • get started with jasmin
    • generate ssh key pair
    • get jasmin portal account
    • get login account
    • beginners training workshop
    • how to contact us about jasmin issues
    • jasmin status
    • jasmin training accounts
    • tips for new users
    • how to login
    • multiple account types
    • present ssh key
    • reconfirm email address
    • reset jasmin account password
    • ssh auth
    • storage
    • understanding new jasmin storage
    • update a jasmin account
  • interactive computing
    • interactive computing overview
    • check network details
    • login servers
    • login problems
    • graphical linux desktop access using nx
    • sci servers
    • tenancy sci analysis vms
    • transfer servers
    • jasmin notebooks service
    • jasmin notebooks service with gpus
    • creating a virtual environment in the notebooks service
    • project specific servers
    • dask gateway
    • access from vscode
  • batch computing
    • lotus overview
    • slurm scheduler overview
    • slurm queues
    • lotus cluster specification
    • how to monitor slurm jobs
    • how to submit a job
    • how to submit an mpi parallel job
    • example job 2 calc md5s
    • orchid gpu cluster
    • slurm status
    • slurm quick reference
  • software on jasmin
    • software overview
    • quickstart software envs
    • python virtual environments
    • additional software
    • community software esmvaltool
    • community software checksit
    • compiling and linking
    • conda environments and python virtual environments
    • conda removal
    • creating and using miniforge environments
    • idl
    • jasmin sci software environment
    • jasmin software faqs
    • jaspy envs
    • matplotlib
    • nag library
    • name dispersion model
    • geocat replaces ncl
    • postgres databases on request
    • running python on jasmin
    • running r on jasmin
    • rocky9 migration 2024
    • share software envs
  • data transfer
    • data transfer overview
    • data transfer tools
    • globus transfers with jasmin
    • bbcp
    • ftp and lftp
    • globus command line interface
    • globus connect personal
    • gridftp ssh auth
    • rclone
    • rsync scp sftp
    • scheduling automating transfers
    • transfers from archer2
  • short term project storage
    • apply for access to a gws
    • elastic tape command line interface hints
    • faqs storage
    • gws etiquette
    • gws scanner ui
    • gws scanner
    • gws alert system
    • install xfc client
    • xfc
    • introduction to group workspaces
    • jdma
    • managing a gws
    • secondary copy using elastic tape
    • share gws data on jasmin
    • share gws data via http
    • using the jasmin object store
    • configuring cors for object storage
  • long term archive storage
    • ceda archive
  • mass
    • external access to mass faq
    • how to apply for mass access
    • moose the mass client user guide
    • setting up your jasmin account for access to mass
  • for cloud tenants
    • introduction to the jasmin cloud
    • jasmin cloud portal
    • cluster as a service
    • cluster as a service kubernetes
    • cluster as a service identity manager
    • cluster as a service slurm
    • cluster as a service pangeo
    • cluster as a service shared storage
    • adding and removing ssh keys from an external cloud vm
    • provisioning tenancy sci vm managed cloud
    • sysadmin guidance external cloud
    • best practice
  • workflow management
    • rose cylc on jasmin
    • using cron
  • uncategorized
    • mobaxterm
    • requesting resources
    • processing requests for resources
    • acknowledging jasmin
    • approving requests for access
    • working with many linux groups
    • jasmin conditions of use
  • getting started
    • get started with jasmin
    • generate ssh key pair
    • get jasmin portal account
    • get login account
    • beginners training workshop
    • how to contact us about jasmin issues
    • jasmin status
    • jasmin training accounts
    • tips for new users
    • how to login
    • multiple account types
    • present ssh key
    • reconfirm email address
    • reset jasmin account password
    • ssh auth
    • storage
    • understanding new jasmin storage
    • update a jasmin account
  • interactive computing
    • interactive computing overview
    • check network details
    • login servers
    • login problems
    • graphical linux desktop access using nx
    • sci servers
    • tenancy sci analysis vms
    • transfer servers
    • jasmin notebooks service
    • jasmin notebooks service with gpus
    • creating a virtual environment in the notebooks service
    • project specific servers
    • dask gateway
    • access from vscode
  • batch computing
    • lotus overview
    • slurm scheduler overview
    • slurm queues
    • lotus cluster specification
    • how to monitor slurm jobs
    • how to submit a job
    • how to submit an mpi parallel job
    • example job 2 calc md5s
    • orchid gpu cluster
    • slurm status
    • slurm quick reference
  • software on jasmin
    • software overview
    • quickstart software envs
    • python virtual environments
    • additional software
    • community software esmvaltool
    • community software checksit
    • compiling and linking
    • conda environments and python virtual environments
    • conda removal
    • creating and using miniforge environments
    • idl
    • jasmin sci software environment
    • jasmin software faqs
    • jaspy envs
    • matplotlib
    • nag library
    • name dispersion model
    • geocat replaces ncl
    • postgres databases on request
    • running python on jasmin
    • running r on jasmin
    • rocky9 migration 2024
    • share software envs
  • data transfer
    • data transfer overview
    • data transfer tools
    • globus transfers with jasmin
    • bbcp
    • ftp and lftp
    • globus command line interface
    • globus connect personal
    • gridftp ssh auth
    • rclone
    • rsync scp sftp
    • scheduling automating transfers
    • transfers from archer2
  • short term project storage
    • apply for access to a gws
    • elastic tape command line interface hints
    • faqs storage
    • gws etiquette
    • gws scanner ui
    • gws scanner
    • gws alert system
    • install xfc client
    • xfc
    • introduction to group workspaces
    • jdma
    • managing a gws
    • secondary copy using elastic tape
    • share gws data on jasmin
    • share gws data via http
    • using the jasmin object store
    • configuring cors for object storage
  • long term archive storage
    • ceda archive
  • mass
    • external access to mass faq
    • how to apply for mass access
    • moose the mass client user guide
    • setting up your jasmin account for access to mass
  • for cloud tenants
    • introduction to the jasmin cloud
    • jasmin cloud portal
    • cluster as a service
    • cluster as a service kubernetes
    • cluster as a service identity manager
    • cluster as a service slurm
    • cluster as a service pangeo
    • cluster as a service shared storage
    • adding and removing ssh keys from an external cloud vm
    • provisioning tenancy sci vm managed cloud
    • sysadmin guidance external cloud
    • best practice
  • workflow management
    • rose cylc on jasmin
    • using cron
  • uncategorized
    • mobaxterm
    • requesting resources
    • processing requests for resources
    • acknowledging jasmin
    • approving requests for access
    • working with many linux groups
    • jasmin conditions of use
  1.   Getting Started
  1. Home
  2. Docs
  3. Getting Started
  4. Generate an SSH key pair

Generate an SSH key pair

 

Share via
JASMIN Help Site
Link copied to clipboard

Generate an SSH key pair

On this page
SSH client and terminal   Using ssh-keygen to create an SSH key pair  

This article explains how to create an SSH key pair for logging in to JASMIN.

You can also use this procedure to update an existing SSH key pair for JASMIN. However, if you are experiencing problems logging in to JASMIN you are advised to first check Login problems before changing your key. Once you have created your SSH key pair, the public key will need to be uploaded to your JASMIN profile  . If this is the first time you have created a key pair then this will be done when you create an account on the accounts portal (Step 2 of Get Started with JASMIN).

SSH client and terminal  

Generating an SSH key pair requires an SSH client, usually an application which functions as a terminal: a text-based environment where you type commands to make things happen. Linux and Mac users can use a standard terminal which is very likely to have SSH installed. Windows users are advised to find a suitable SSH client to use or install on their machine. Suggestions are:

  • MobaXterm (requires license), provides a Linux-style terminal with all the relevant command-line and some GUI utilities included. Figures 1 and 2, below, show example terminal windows on a Mac, and Windows (using MobaXterm).
  • Windows OpenSSH client  an optional feature in Windows 10 or 11, but usually installed by default.
  • PuTTY  set of SSH tools (includes PuTTYgen GUI tool for generating keys, and Pageant ssh-agent)

There are many more, but if you stick to one of these three, which are known to us, then potentially we can help you if you run into difficulties.

Mac terminal
Mac terminal
Terminal using Mobaxterm client on Windows
Terminal using Mobaxterm client on Windows

Using ssh-keygen to create an SSH key pair  

 
As of November 2024 you are now recommended to use an ECDSA key (instead of RSA), for better compatibility with some services. Please note the updated command and filenames generated.

The Linux command ssh-keygen should be used to generate your SSH key pair. Open a terminal and generate your public and private key, as follows, replacing the e-mail address with your own:

ssh-keygen -m PEM -t ecdsa -b 521 -C "me@somewhere.ac.uk" -f ~/.ssh/id_ecdsa_jasmin

(Here, ~/ or $HOME both mean “your home directory”. The equivalent on Windows is %USERPROFILE%)

The equivalent using the graphical PuTTYgen or MobaKeyGen tools is with these settings: choose these before clicking “Generate”

Settings for ECDSA key in PuTTYgen (same for MobaKeyGen). Choose settings before clicking Generate.
Settings for ECDSA key in PuTTYgen (same for MobaKeyGen). Choose settings before clicking Generate.
When prompted, type a secure passphrase to protect your SSH private key. This is a requirement for access to JASMIN machines. Use a new, different passphrase whenever you generate a new key. Note that nothing is echoed to the screen when you enter your passphrase, so it may look like it is not working.

The output from the command-line tools will look something like this: 

Generating public/private ecdsa key pair.
Enter passphrase (empty for no passphrase): <ADD PASSPHRASE HERE>
Enter same passphrase again: <REPEAT PASSPHRASE HERE>
Your identification has been saved in /home/users/meuser/.ssh/id_ecdsa_jasmin.
Your public key has been saved in /home/users/meuser/.ssh/id_ecdsa_jasmin.pub.
The key fingerprint is:
74:14:95:8a:31:73:cc:5c:af:be:91:04:01:c2:39:0b me@somewhere.ac.uk

Running ssh-keygen will generate two files in your $HOME/.ssh/ directory:

  • id_ecdsa_jasmin - private key file (which should have permission “600”, i.e. read/write only by you)
  • id_ecdsa_jasmin.pub - public key file

The public key file is the part that you need to share in order to access JASMIN. Windows may mistakenly associated the *.pub file with Microsoft Publisher so don’t try to double-click it. When you need to copy & paste its contents to upload to your JASMIN profile, use a simple text editor (like Notepad).

Make sure the file is stored in a directory called .ssh in your home directory (~/.ssh, $HOME/.ssh or %USERPROFILE%\.ssh on Windows, or ${env:UserProfile}\.ssh in PowerShell). Storing it elsewhere sometimes causes problems with permissions, but it’s also good to keep keys in one place so that they can be kept securely.

 
The private key file should be protected and not shared with others. It should stay on your local machine: Do not copy your private key to anywhere on JASMIN.
Last updated on 2024-12-13 as part of:  Restoring email argument to ssh-keygen commands (f2061e4d6)
On this page:
SSH client and terminal   Using ssh-keygen to create an SSH key pair  
Follow us

Social media & development

   

Useful links

  • CEDA Archive 
  • CEDA Catalogue 
  • JASMIN 
  • JASMIN Accounts Portal 
  • JASMIN Projects Portal 
  • JASMIN Cloud Portal 
  • JASMIN Notebooks Service 
  • JASMIN Community Discussions 

Contact us

  • Helpdesk
UKRI/STFC logo
UKRI/NERC logo
NCAS logo
NCEO logo
Accessibility | Terms and Conditions | Privacy and Cookies
Copyright © 2025 Science and Technology Facilities Council.
Hinode theme for Hugo licensed under Creative Commons (CC BY-NC-SA 4.0).
JASMIN Help Site
Code copied to clipboard