Generate SSH Keys and Activate Your OSG Login¶
OSG Connect requires SSH-key-based logins. You need to follow a two-step process to set up the SSH key to your account.
Generate a SSH key pair.
Add your public key to the submit host by uploading it to your OSG Connect user profile (via the OSG Connect website).
After completing the process, you can log in from a local computer (your laptop or desktop) to the OSG Connect login node assigned using either ssh or an ssh program like Putty -- see below for more details on logging in.
NOTE: Please do not edit the authorized keys file on the login node.
Step 1: Generate SSH Keys¶
We will discuss how to generate a SSH key pair for two cases:
- "Unix" systems (Linux, Mac) and certain, latest versions of Windows
- Older Windows systems
Please note: The key pair consist of a private key and a public key. You will upload the
public key to OSG Connect, but you also need to keep a copy of the private key to log in!
You should keep the private key on machines that you have direct access to, i.e. your local computer (your laptop or desktop).
Unix-based operating system (Linux/Mac) or latest Windows 10 versions¶
We will create a key in the .ssh directory of your computer. Open a terminal on your local computer and run the following commands:
mkdir ~/.ssh chmod 700 ~/.ssh ssh-keygen -t rsa
For the newer OS versions the .ssh directory is already created and the first command is redundant. The last command will produce a prompt similar to
Generating public/private rsa key pair. Enter file in which to save the key (/home/<local_user_name>/.ssh/id_rsa):
Unless you want to change the location of the key, continue by pressing enter. Now you will be asked for a passphrase. Enter a passphrase that you will be able to remember and which is secure:
Enter passphrase (empty for no passphrase): Enter same passphrase again:
When everything has successfully completed, the output should resemble the following:
Your identification has been saved in /home/<local_user_name>/.ssh/id_rsa. Your public key has been saved in /home/<local_user_name>/.ssh/id_rsa.pub. The key fingerprint is: ...
The part you want to upload is the content of the
.pub file (~/.ssh/id_rsa.pub)
The following video demonstrates the key generation process from the terminal
Windows, using Putty to log in¶
If you can connect using the
ssh command within the Command Prompt (Windows 10 build version 1803 and later), please follow the Mac/Linux directions above. If not,
continue with the directions below.
PuTTYgenprogram. You can download
PuttyGenhere: PuttyGen Download Page, scroll down until you see the
For Type of key to generate, select RSA or SSH-2 RSA.
Click the "Generate" button.
Move your mouse in the area below the progress bar. When the progress bar is full, PuTTYgen generates your key pair.
Type a passphrase in the "Key passphrase" field. Type the same passphrase in the "Confirm passphrase" field. You can use a key without a passphrase, but this is not recommended.
Click the "Save private key" button to save the private key. You must save the private key. You will need it to connect to your machine.
Right-click in the text field labeled "Public key for pasting into OpenSSH authorized_keys file" and choose Select All.
Right-click again in the same text field and choose Copy.
Step 2: Add the public SSH key to login node¶
To add your public key to the OSG Connect log in node:
Go to www.osgconnect.net and sign in with the institutional identity you used when requesting an OSG Connect account.
Click "Profile" in the top right corner.
Click the "Edit Profile" button located after the user information in the left hand box.
Copy/paste the public key which is found in the
.pubfile into the "SSH Public Key" text box. The expected key is a single line, with three fields looking something like
ssh-rsa ASSFFSAF... user@host. If you used the first set of key-generating instructions it is the content of
~/.ssh/id_rsa.puband for the second (using PuTTYgen), it is the content from step 7 above.
Click "Update Profile"
The key is now added to your profile in the OSG Connect website. This will automatically be added to the login nodes within a couple hours.
Can I Use Multiple Keys?¶
Yes! If you want to log into OSG Connect from multiple computers, you can do so by generating a keypair on each computer you want to use, and then adding the public key to your OSG Connect profile.
After following the steps above to upload your key and it's been a few hours, you should be able to log in to OSG Connect.
Determine which login node to use¶
Before you can connect, you will need to know which login node your account is assigned to. You can find this information on your profile from the OSG Connect website.
Go to www.osgconnect.net and sign in with your CILogin.
Click "Profile" in the top right corner.
The assigned login nodes are listed in the left side box. Make note of the address of your assigned login node as you will use this to connect to OSG Connect.
For Mac, Linux, or newer versions of Windows¶
Open a terminal and type in:
It will ask for the passphrase for your ssh key (if you set one) and then you should be logged in.
For older versions of Windows¶
On older versions of Windows, you can use the Putty program to log in.
PutTTYprogram. If necessary, you can download PuTTY from the website here PuTTY download page.
Type the address of your assigned login node as the hostname (see "Determine which login node to use" above).
In the left hand menu, click the "+" next to "SSH" to expand the menu.
Click "Auth" in the "SSH" menu.
Click "Browse" and specify the private key file you saved in step 5 above.
Return to "Session".
a. Name your session
b. Save session for future use
- Click "Open" to launch shell. Provide your ssh-key passphrase (created at Step 4 in PuTTYgen) when prompted to do so. The following video demonstrates the key generation and login process from the Putty
For assistance or questions, please email the OSG Research Facilitation team at email@example.com or visit the help desk and community forums.