JASMIN Help Site logo JASMIN Help Site logo
  • Docs 
  • Guides 
  • Training 
  • Discussions   
    •   Search this site  

Can't find what you're looking for?

Try our Google custom search, across all JASMIN sites

Docs
  • getting started
    • get started with jasmin
    • generate ssh key pair
    • get jasmin portal account
    • get login account
    • beginners training workshop
    • how to contact us about jasmin issues
    • jasmin status
    • jasmin training accounts
    • tips for new users
    • how to login
    • multiple account types
    • present ssh key
    • reconfirm email address
    • reset jasmin account password
    • ssh auth
    • storage
    • understanding new jasmin storage
    • update a jasmin account
  • interactive computing
    • interactive computing overview
    • check network details
    • login servers
    • login problems
    • graphical linux desktop access using nx
    • sci servers
    • tenancy sci analysis vms
    • transfer servers
    • jasmin notebooks service
    • jasmin notebooks service with gpus
    • creating a virtual environment in the notebooks service
    • project specific servers
    • dask gateway
    • access from vscode
  • batch computing
    • lotus overview
    • slurm scheduler overview
    • slurm queues
    • lotus cluster specification
    • how to monitor slurm jobs
    • how to submit a job
    • how to submit an mpi parallel job
    • example job 2 calc md5s
    • orchid gpu cluster
    • slurm status
    • slurm quick reference
  • software on jasmin
    • software overview
    • quickstart software envs
    • python virtual environments
    • additional software
    • community software esmvaltool
    • community software checksit
    • compiling and linking
    • conda environments and python virtual environments
    • conda removal
    • creating and using miniforge environments
    • idl
    • jasmin sci software environment
    • jasmin software faqs
    • jaspy envs
    • matplotlib
    • nag library
    • name dispersion model
    • geocat replaces ncl
    • postgres databases on request
    • running python on jasmin
    • running r on jasmin
    • rocky9 migration 2024
    • share software envs
  • data transfer
    • data transfer overview
    • data transfer tools
    • globus transfers with jasmin
    • bbcp
    • ftp and lftp
    • globus command line interface
    • globus connect personal
    • gridftp ssh auth
    • rclone
    • rsync scp sftp
    • scheduling automating transfers
    • transfers from archer2
  • short term project storage
    • apply for access to a gws
    • elastic tape command line interface hints
    • faqs storage
    • gws etiquette
    • gws scanner ui
    • gws scanner
    • gws alert system
    • install xfc client
    • xfc
    • introduction to group workspaces
    • jdma
    • managing a gws
    • secondary copy using elastic tape
    • share gws data on jasmin
    • share gws data via http
    • using the jasmin object store
    • configuring cors for object storage
  • long term archive storage
    • ceda archive
  • mass
    • external access to mass faq
    • how to apply for mass access
    • moose the mass client user guide
    • setting up your jasmin account for access to mass
  • for cloud tenants
    • introduction to the jasmin cloud
    • jasmin cloud portal
    • cluster as a service
    • cluster as a service kubernetes
    • cluster as a service identity manager
    • cluster as a service slurm
    • cluster as a service pangeo
    • cluster as a service shared storage
    • adding and removing ssh keys from an external cloud vm
    • provisioning tenancy sci vm managed cloud
    • sysadmin guidance external cloud
    • best practice
  • workflow management
    • rose cylc on jasmin
    • using cron
  • uncategorized
    • mobaxterm
    • requesting resources
    • processing requests for resources
    • acknowledging jasmin
    • approving requests for access
    • working with many linux groups
    • jasmin conditions of use
  • getting started
    • get started with jasmin
    • generate ssh key pair
    • get jasmin portal account
    • get login account
    • beginners training workshop
    • how to contact us about jasmin issues
    • jasmin status
    • jasmin training accounts
    • tips for new users
    • how to login
    • multiple account types
    • present ssh key
    • reconfirm email address
    • reset jasmin account password
    • ssh auth
    • storage
    • understanding new jasmin storage
    • update a jasmin account
  • interactive computing
    • interactive computing overview
    • check network details
    • login servers
    • login problems
    • graphical linux desktop access using nx
    • sci servers
    • tenancy sci analysis vms
    • transfer servers
    • jasmin notebooks service
    • jasmin notebooks service with gpus
    • creating a virtual environment in the notebooks service
    • project specific servers
    • dask gateway
    • access from vscode
  • batch computing
    • lotus overview
    • slurm scheduler overview
    • slurm queues
    • lotus cluster specification
    • how to monitor slurm jobs
    • how to submit a job
    • how to submit an mpi parallel job
    • example job 2 calc md5s
    • orchid gpu cluster
    • slurm status
    • slurm quick reference
  • software on jasmin
    • software overview
    • quickstart software envs
    • python virtual environments
    • additional software
    • community software esmvaltool
    • community software checksit
    • compiling and linking
    • conda environments and python virtual environments
    • conda removal
    • creating and using miniforge environments
    • idl
    • jasmin sci software environment
    • jasmin software faqs
    • jaspy envs
    • matplotlib
    • nag library
    • name dispersion model
    • geocat replaces ncl
    • postgres databases on request
    • running python on jasmin
    • running r on jasmin
    • rocky9 migration 2024
    • share software envs
  • data transfer
    • data transfer overview
    • data transfer tools
    • globus transfers with jasmin
    • bbcp
    • ftp and lftp
    • globus command line interface
    • globus connect personal
    • gridftp ssh auth
    • rclone
    • rsync scp sftp
    • scheduling automating transfers
    • transfers from archer2
  • short term project storage
    • apply for access to a gws
    • elastic tape command line interface hints
    • faqs storage
    • gws etiquette
    • gws scanner ui
    • gws scanner
    • gws alert system
    • install xfc client
    • xfc
    • introduction to group workspaces
    • jdma
    • managing a gws
    • secondary copy using elastic tape
    • share gws data on jasmin
    • share gws data via http
    • using the jasmin object store
    • configuring cors for object storage
  • long term archive storage
    • ceda archive
  • mass
    • external access to mass faq
    • how to apply for mass access
    • moose the mass client user guide
    • setting up your jasmin account for access to mass
  • for cloud tenants
    • introduction to the jasmin cloud
    • jasmin cloud portal
    • cluster as a service
    • cluster as a service kubernetes
    • cluster as a service identity manager
    • cluster as a service slurm
    • cluster as a service pangeo
    • cluster as a service shared storage
    • adding and removing ssh keys from an external cloud vm
    • provisioning tenancy sci vm managed cloud
    • sysadmin guidance external cloud
    • best practice
  • workflow management
    • rose cylc on jasmin
    • using cron
  • uncategorized
    • mobaxterm
    • requesting resources
    • processing requests for resources
    • acknowledging jasmin
    • approving requests for access
    • working with many linux groups
    • jasmin conditions of use
  1.   Interactive computing
  1. Home
  2. Docs
  3. Interactive computing
  4. Login servers

Login servers

 

Login  
Login  
Share via
JASMIN Help Site
Link copied to clipboard

Login servers

On this page
Available login servers   Features of login servers   Recent changes   How to use the login servers   Connecting to a sci server via a login server  

Available login servers  

There are four login servers available to access resources within JASMIN. Users with the jasmin-login access role can access the following servers via SSH .

 
All four login servers now have identical configuration and should be accessible from any network.
name
login-01.jasmin.ac.uk
login-02.jasmin.ac.uk
login-03.jasmin.ac.uk
login-04.jasmin.ac.uk

Features of login servers  

Login servers have minimal resources and software installed. They provide:

  • a means to access other resources within JASMIN (inside the STFC firewall)
  • access to your home directory (/home/users/<username>)
  • no analysis software
  • no access to group workspaces

Recent changes  

  • There is no longer any requirement for forward/reverse DNS lookup or any restriction by institutional domain.
  • You no longer need to register non-*.ac.uk domains with the JASMIN team.
  • This means all users can access all login servers (previously some users could only use particular ones)
  • As before, no filesystems other than the home directory are mounted.
  • Use only as a “hop” to reach other servers within JASMIN.
  • Make sure your SSH client is up to date. Check the version with ssh -V. If it’s significantly older than OpenSSH_8.7p1, OpenSSL 3.0.7, speak to your local admin team as it may need to be updated before you can connect securely to JASMIN.

See also How to login and other articles in the Getting started category.

See also NoMachine NX service which provides login to a graphical Linux desktop, rather than a single terminal window.

How to use the login servers  

For full details of how to log in, including making onward connections to other machines, please see the article “How to login”.

 

Users are not permitted to execute commands which require administrative privileges. This applies to all hosts in the managed part of JASMIN where users have SSH login access (for example login, nx, sci, xfer and hpxfer machines).

In other words, the use of su and sudo is not permitted.

Please be careful when typing commands, particularly if you have multiple terminal windows open on your own computer, that you do not accidentally attempt sudoon a JASMIN machine: expect some follow-up from the JASMIN team if you do!

Connecting to a sci server via a login server  

The connection via a login server can be done either with 2 hops, or using a login server as a Jump Host (-J):

  • 2 hops method:

ssh -A fred@login-01.jasmin.ac.uk
ssh fred@sci-vm-01.jasmin.ac.uk
# no -A needed for this step, if no onward connections from sci server
# now on sci server

  • Jump Host method:

ssh -A fred@sci-vm-01.jasmin.ac.uk -J fred@login-01.jasmin.ac.uk
# now on sci server

Alternatively, the same effect can be achieved with a ProxyJump directive in your local ~/.ssh/config file:

Host Sci1ViaLogin01
  User fred
  ForwardAgent yes
  HostName sci-vm-01.jasmin.ac.uk
  ProxyJump fred@login-01.jasmin.ac.uk

You could then simply connect to Sci1ViaLogin01:

ssh Sci1ViaLogin01
# now on sci server

If you don’t want to have to set up a separate alias for each machine that you want to log into, you can also set up a wildcard, for example:

Host *.jasmin.ac.uk
  User fred
  ForwardAgent yes

Host *.jasmin.ac.uk !login*.jasmin.ac.uk !xfer*.jasmin.ac.uk !nx*.jasmin.ac.uk
  ProxyJump login-01.jasmin.ac.uk

Then you when you connect to any JASMIN host (other than a login or transfer host), it will go via login-01:

ssh sci-vm-01.jasmin.ac.uk
# now on sci server

If on your local machine you have also set up a domain search path for hostname lookups that includes jasmin.ac.uk so that you can use short hostnames e.g. ssh sci-vm-01, then you will also need to add the following lines so that ssh converts these to full hostnames – otherwise the above wildcard will not match when you do this.

CanonicalizeHostname yes
CanonicalDomains jasmin.ac.uk

This sort of configuration is useful for connections needed by remote editing/development tools such as VSCode. The example above relies on having your key loaded locally in an ssh-agent.

An alternative is to include a line specifying the location of your key, so you’ll then be prompted for your passphrase whenever you connect:

Host Sci1ViaLogin01
  User fred
  ForwardAgent yes
  HostName sci-vm-01.jasmin.ac.uk
  ProxyJump fred@login-01.jasmin.ac.uk
  IdentityFile ~/.ssh/id_ecdsa_jasmin
Last updated on 2025-02-05 as part of:  Update login-servers.md (5748988bd)
On this page:
Available login servers   Features of login servers   Recent changes   How to use the login servers   Connecting to a sci server via a login server  
Follow us

Social media & development

   

Useful links

  • CEDA Archive 
  • CEDA Catalogue 
  • JASMIN 
  • JASMIN Accounts Portal 
  • JASMIN Projects Portal 
  • JASMIN Cloud Portal 
  • JASMIN Notebooks Service 
  • JASMIN Community Discussions 

Contact us

  • Helpdesk
UKRI/STFC logo
UKRI/NERC logo
NCAS logo
NCEO logo
Accessibility | Terms and Conditions | Privacy and Cookies
Copyright © 2025 Science and Technology Facilities Council.
Hinode theme for Hugo licensed under Creative Commons (CC BY-NC-SA 4.0).
JASMIN Help Site
Code copied to clipboard