Skip to content
Snippets Groups Projects

howto ssh

Last edited by Jean-Luc Parouty

Configuring SSH for GRICAD / Jupyter

Here is a procedure to happily configure your SSH environment in only 6 steps in order to access GRICAD's clusters.

Step 0 - Create an account for Gricad using PERSEUS web portal

You should have already received an email given you your Perseus login/passwd to be used during the training sessions.

But for further use, you can create an account and join/create a project on Perseus/Gricad. To do so, check https://perseus.ujf-grenoble.fr/

Step 1 - Generate yours ssh keys

If you don't already have SSH keys, create one with a nice password :

# ssh-keygen

Step 2 - ssh-agent configuration

To avoid having to enter your ssh password all the time, we will use the ssh-agent service.
Try :

# ssh-add

If an error occurs, add this lines in your .bash_profile and restart your session :

# pgrep ssh-agent >/dev/null || ssh-agent -s > ~/.ssh_agent
# . ~/.ssh_agent
# ssh-add -l >/dev/null || ssh-add

Step 3 - Allow your access to the bastions

The bastions are :

  • access-ciment.imag.fr alias rotule.imag.fr
  • access-ciment.ujf-grenoble.fr alias trinity.ujf-grenoble.fr

<perseus_login> is your PERSEUS login (to access GRICAD resources), the password requested is your PERSEUS password.

# ssh-copy-id <perseus_login>@rotule.imag.fr

and

# ssh-copy-id <perseus_login>@trinity.ujf-grenoble.fr

To verify, these two commands must now work :

# ssh <perseus_login>@rotule.imag.fr hostname
rotule
# ssh <perseus_login>@trinity.ujf-grenoble.fr hostname
trinity

If it works, launch one of these commands to retrieve your uid on rotule or trinity : you will need the output result later

# ssh <perseus_login>@rotule.imag.fr id -u
# ssh <perseus_login>@trinity.ujf-grenoble.fr id -u

Step 4 - Configuring access through bastions

Modify (or create if it doesn't exist) your .ssh/config file, with :

ForwardAgent yes

Host *.ciment
  User <perseus_login>
  ProxyCommand ssh -q <perseus_login>@access-rr-ciment.imag.fr "nc -w 60 `basename %h .ciment` %p"
  LocalForward 8889 f-dahu:<your perseus_uid>
  LocalForward 6007 f-dahu:<your perseus_uid + 10000>

Where :

  • <perseus_login> is your PERSEUS login
  • <your perseus_uid> is your uid on rotule or trinity
  • <your perseus_uid + 10000> is your uid + 10000 (if uid=6500, that makes 16500)

Step 5 - Drink a coffee

You've earned it, but courage, it's almost over !

Step 6 - Allow your access to the frontal

As before, the password requested is your PERSEUS password.

# ssh-copy-id f-dahu.ciment
# ssh-copy-id luke.ciment

Fine ! Normally, you can now access the cluster frontal directly - securely and simply - without having to re-enter your password 18 times. :-)
Check it:

# ssh f-dahu.ciment
(...you are on f-dahu...)

If that doesn't work, drink another coffee and check your steps... ;-|