Site Policy
2017 年 05 月 28 日

For enhanced security, users who log in to the supercomputer system are requested to register public keys.

The procedure for making this transition is as follows:

1. Create a key pair at the user terminal.   Windows (Putty) / Windows (TeraTerm) / Mac/Linux 

2. Place the public key on the NIG gateway node.   Direct input form / File upload form 

3. Check that you can connect via SSH (login) to the NIG gateway node.

The transition procedure may differ depending on the type of user terminal. Please refer to the transition procedure for the terminal you are using.

Your registered public key will be added to the file ~/.ssh/authorized_keys on the supercomputer system.

If you need to make revisions, please edit this file yourself.

If you are unable to login or experience any other difficulties, please contact us here.

 

TRANSITION PROCEDURE FOR VARIOUS USER TERMINALS

Please follow the instructions below for the user terminal and software you are using.

If you use multiple types of terminals, then you will need to complete the transition procedure for each terminal type.

- Windows (Putty)

- Windows (TeraTerm)

- Mac/Linux

 

Windows (Putty)    back to top

(1) Create a key pair from the user terminal

To create keys in Putty, launch the program puttyegen.exe included in the Putty distribution.

putty1

For key type, select SSH-2 RSA. For Number of bits, select 2048. Then click Generate to create the keys.

 

putty2

Following the on-screen instructions, move your mouse in the white region of the window. The key will be created after a few tens of seconds.

 

putty3

After entering the key passphrase, click Save private key (save to id_rsa file) to create the file id_rsa.

 

(2) Placing your public key on the NIG gateway node

putty4

The upper portion of the dialog box (red frame) is the public key. Select all and copy, then paste directly into the input form to register the public key.

Direct input form

sshdirectjpg

Paste the key you copied above into the red-framed region at the bottom of the screen. Then click Public Key at the bottom of the page to register your key.

 

(3) Checking SSH connections to the NIG gateway node

Note: In the screen shots that follow, content not suitable for public release is replaced by asterisks (*****).

Connect from Windows (Putty)

putty c1

Open the Session page and enter

Host Name: gw.ddbj.nig.ac.jp / gw2.ddbj.nig.ac.jp

Port: 22

putty c2

Open the Connection-Auth page and check Try keyboard-interactive authentication (SSH-2)(I).

Select the private key you created using puttygen.

putty c3

To eliminate the need to configure settings in the future, enter a name into the Saved Sessions, then click Save to save your settings.

Then, the next time you launch Putty, select the appropriate session from the list, then click Load to retrieve your saved settings.

putty c4

After configuring settings, click Open to connect to the supercomputer system.

putty c5

Enter the User ID you use to login to the supercomputer system.

putty c6

Enter the passphrase you specified when creating keys using puttygen.

putty c7

This completes your login to the supercomputer system.

 

 

Windows (TeraTerm)    back to top

(1) Create a key pair from the user terminal

To create keys using TeraTerm, start by launching TeraTerm.

teraterm1

Select Setup-SSH KeyGenerator to create keys.

 

teraterm2

Set the key type to RSA and the Key Bits to 2048, then click Generate to create keys.

teraterm3

After entering your key passphrase, select Save Public Key (save to file id_rsa.pub) and then Save Private Key (save to file id_rsa) to create the files id_rsa and id_rsa.pub.

 

(2) Placing your public key on the NIG gateway node

Use the upload form to upload the file id_rsa.pub created in the previous step.

File upload form

sshupload

In the lower portion of the screen, click Select (framed in red). Select the file to upload from the file-selection window. Then click Register public key in the red-framed region at the bottom of the page.

 

(3) Checking SSH connections to the NIG gateway node

Start by launching TeraTerm.

teraterm c1

Enter the following input

Host Name: gw.ddbj.nig.ac.jp / gw2.ddbj.nig.ac.jp

Port: 22

Service: SSH

SSH version: SSH2

Then click OK.

teraterm c2

Enter the User name you use to login to the supercomputer system and the passphrase you specified when creating keys.

Select Use RAS/DSA key. Then select the Private key file you created and click OK.

teraterm c3

This completes your login to the supercomputer system.

 

 

Mac/Linux    back to top

(1) Create a key pair from the user terminal

Check whether OpenSSH is installed on the client you will be using. If it is not, please install it before proceeding.

To create keys on a Mac or Linux system, we will use the ssh-keygen command.

$ ssh-keygen -t rsa -b 2048                                                      (1)
Generating public/private rsa key pair.
Enter file in which to save the key (/home/temp/.ssh/id_rsa):                    (2)
Enter passphrase (empty for no passphrase):                                      (3)
Enter same passphrase again:                                                     (4)
Your identification has been saved in /home/temp/.ssh/id_rsa.
Your public key has been saved in /home/temp/.ssh/id_rsa.pub.
The key fingerprint is:
e5:23:f0:fc:b7:60:70:80:79:91:f2:f1:6d:a8:ae:90 temp@host

  (1) Create RSA version 2 keys of length 2048 bits.

  (2) Where to save key pair: Enter a path here only if you need to modify the default. To leave the default unchanged, just hit Enter.

  (3) Enter a passphrase.

  (4) Re-enter the same passphrase.

 

(2) Placing your public key on the NIG gateway node

$ ls ~/.ssh
id_rsa  id_rsa.pub
$ cat ~/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAznOdmkDHzjDpsNIhkl2VNjUXBlC3QePKDAzmu3FDCMgBYUDyiXAXLf85q25cylVq66gLUP63nlFJz4/SLO13w2Qf3Gyyj7ADJJZR3sD+Sf8vdlt2hShAT0kkKBmToBqv2Pqx2SfzRVedlyCE4YFieUVmZUkz95dxwSUklGXmQSvigkqCG86r0NlxCSMjYitDGWAyGMu37cvBYzH0+C2uthtbqTd1VYHfjtvewySSZsvbVVnjLme0Ah2cAyifVaSN4uslDBqkN62b3vaijoXPy9ieUzSP0/dgBhKN/m7yhnM/1s+foJnRI3wfDdqXPw3yOqPC/9EXrjnmdpEmpgMJTw== temp@host
$ 

Check the directory in which key pairs were saved to verify that the files id_rsa and id_rsa.pub were created.

The file id_rsa.pub is the public key. You may copy the content of this file and paste it into the direct input form to register your public key.

Alternatively, you may use the file upload form to upload the file id_rsa.pub.

Direct input form

sshdirectjpg

Paste the key you copied above into the red-framed region at the bottom of the screen. Then click Public Key at the bottom of the page to register your key.

File upload form

sshupload

In the lower portion of the screen click Select (framed in red). Select the file to upload from the file-selection window. Then click Register public key in the red-framed region at the bottom of the page.

(3) Checking SSH connections to the NIG gateway node

Use the ssh command to connect to the supercomputer system.

$ ssh <username>@gw.ddbj.nig.ac.jp
Enter passphrase for key '/    home/username/.ssh/id_rsa':
Last login: Fri Sep 19 13:28:19 2014 from gw.ddbj.nig.ac.jp
---------------------------------------------------------------------
Thank you for using supercomputer system.
This node is in use for login service only. Please use 'qlogin'.
---------------------------------------------------------------------
[username@gw ~]$

If you are asked to enter a passphrase, enter the passphrase you specified when creating keys.

When the authentication is complete, you have successfully logged in to the supercomputer system.

If you have stored your private key in a directory other than ~/.ssh/id_rsa, you may specify the private-key path using the -i command-line option to ssh.