Set Up an SSH Key¶
SSH keys allow you to conveniently authenticate to remote computers by allowing you to connect to them without entering your passsword each time.
This procedure is meant to be done on your local machine.
This procedure should work for Windows, MacOS and Linux users. If you are on Windows and the command below does not work in PowerShell, you must install Git Bash.
1) Generate the Key¶
Open the git bash command line and enter:
Follow the prompts. It is highly recommended that you use a secure password for your key. It is recommended that you use the default location suggested to stopre the key. You should see something like this:
Generating public/private rsa key pair. Enter file in which to save the key (/c/Users/user/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /c/Users/user/.ssh/id_rsa. Your public key has been saved in /c/Users/user/.ssh/id_rsa.pub. The key fingerprint is: SHA256:2mrihQwvnsIx8gDp8pO01EmCT4PgnTSVgv8Xj1vKNOg user@May2015b The key's randomart image is: +---[RSA 2048]----+ | . ... | |.. + . | |o++ + | |=.++. . | |oo.=... S | |++++o+ B o | |+*+o= * * | |.o*o.E.= | | .oo.o. | +----[SHA256]-----+
We can check the contents of the
.ssh directory with
$ ls ~/.ssh id_rsa id_rsa.pub
id_rsa is the private key and
id_rsa.pub is the public key
2) Add key to
Start the agent by running
$ eval "ssh-agent"
Add the key
# Windows and Linux $ ssh-add ~/.ssh/id_rsa # or wherever your private key is stored
# MacOS $ ssh-add -K ~/.ssh/id_rsa # or wherever your private key is stored
For MacOS to remember your private key password, create a file called
and input the following:
Host * UseKeychain yes
3) SSH agent forwarding¶
~/.ssh/config does not already exist, create it. Add to the file the following:
Host cedar Hostname cedar.computecanada.ca User username ForwardAgent yes Host graham Hostname graham.computecanada.ca User username ForwardAgent yes Host beluga Hostname beluga.computecanada.ca User username ForwardAgent yes Host alder Hostname alder.arc.ubc.ca User username ForwardAgent yes
username is your username on the remote computer. You can add other blocks like these
for other remote computers if you wish.
Now, you should be able to log in to a remote machine using only
ssh <host> instead of
ssh <email@example.com> e.g.
$ ssh alder
$ ssh firstname.lastname@example.org
4) Install your ssh public key on the remote machines¶
Copy your public key to each of the remote machines in your
~/.ssh/config file, for instance:
$ ssh-copy-id -i $HOME/.ssh/id_rsa alder
You will be prompted for your password on the remote machine and the key will be installed.
Once your key is installed, you should be able to run commands like
without having to enter your password.
You may be prompted for the password to your key when you first log into the remote server via