-
Notifications
You must be signed in to change notification settings - Fork 2
Convenient SSH access to Jasmin
This quick guide explains how to set up a convenient SSH access to Jasmin (via the SSH config file and proxy jumps) that makes developing on Jasmin feel like you're developing on your local machine.
- Jasmin account (registered and approved)
- Jasmin SSH access (approved)
This step is only needed, if you are using JASMIN from outside the university network (e.g. from your home). As long as you're logged into eduroam or the university or college wifi, you do not need a VPN and can ignore this step.
This brief tutorial on the Cambridge VPN will help you to set up the VPN if you have not already done so.
Next, you will need to set up SSH access to Jasmin. If you have already uploaded an SSH key to your Jasmin account, you can skip this step.
To generate a new SSH key, use:
ssh-keygen -t rsa -b 2048 -C "[email protected]" -f ~/.ssh/id_rsa_jasminThere's a private key (id_rsa_jasmin) and a public key (id_rsa_jasmin.pub) file.
Next, upload the content of the id_rsa_jasmin.pub file (PUBLIC KEY ONLY!) on your JASMIN profile here. You can simply paste it in the "SSH key" section.
Next, we need to add the ssh key to the key chain. This can be done with the commands
eval $(ssh-agent -s) # starts SSH agent
ssh-add ~/.ssh/id_rsa_jasmin # adds the id_rsa_jasmin key. Rename to your key's name
# Check current keys
ssh-add -l # If successful you should see the name of your key after this commandTo log into jasmin, you can now simply use this command (username is your jasmin username)
ssh -A [email protected] # -A: enables agent forwardingThe -A flag enables agent forwarding, which means that it essentially passes along your SSH keys to the current session on the Jasmin login server when logging in. This is important, because we will need to SSH on from the login server to e.g. one of the Sci servers and for this we need the SSH key again. Agent forwarding also allows you to push and pull directly from GitHub without needing to add yet another SSH key to your GitHub account.
To see that your keys were indeed forwarded, simply list the added keys on the login server via
# Demonstrate key forwarding via
ssh-add -l
# You should see your id_rsa_jasmin key (or equivalent)From the login server, we can SSH onwards to one of the Sci servers. Here, let's SSH to sci1 for exapmle. The Jasmin wiki has a list of all available sci servers and theis specifications.
The command to log in is
ssh [email protected] # note: this needs to be called from the login serverWe can avoid to do this two step process to log into Jasmin servers with the help of an SSH config.
For dealing with the SSH more conveniently, let's generate an ssh config in ~/.ssh/config
Open (create if it doesn't exist yet) the file ~/.ssh/config in your favourite editor. Then copy paste the following snippet and
substitute PATH-TO-SSH-KEY by the path to your id_rsa_jasmin key and YOUR_JASMIN_USERNAME by your Jasmin username:
Host jasmin-login
HostName login1.jasmin.ac.uk
IdentityFile PATH-TO-SSH-KEY
User YOUR_JASMIN_USERNAME
ForwardAgent yes
Host jasmin-sci1
HostName sci1.jasmin.ac.uk
IdentityFile PATH-TO-SSH-KEY
ProxyJump jasmin-login
User YOUR_JASMIN_USERNAME
ForwardAgent yes
Host jasmin-sci2
HostName sci2.jasmin.ac.uk
IdentityFile PATH-TO-SSH-KEY
ProxyJump jasmin-login
User YOUR_JASMIN_USERNAME
ForwardAgent yes
Host jasmin-sci3
HostName sci3.jasmin.ac.uk
IdentityFile PATH-TO-SSH-KEY
ProxyJump jasmin-login
User YOUR_JASMIN_USERNAME
ForwardAgent yes
Host jasmin-sci4
HostName sci4.jasmin.ac.uk
IdentityFile PATH-TO-SSH-KEY
ProxyJump jasmin-login
User YOUR_JASMIN_USERNAME
ForwardAgent yes
Host jasmin-sci5
HostName sci5.jasmin.ac.uk
IdentityFile PATH-TO-SSH-KEY
ProxyJump jasmin-login
User YOUR_JASMIN_USERNAME
ForwardAgent yes
Host jasmin-sci6
HostName sci6.jasmin.ac.uk
IdentityFile PATH-TO-SSH-KEY
ProxyJump jasmin-login
User YOUR_JASMIN_USERNAME
ForwardAgent yes
Host jasmin-sci8
HostName sci8.jasmin.ac.uk
IdentityFile PATH-TO-SSH-KEY
ProxyJump jasmin-login
User YOUR_JASMIN_USERNAME
ForwardAgent yesNow we can conveniently log into sci servers via
ssh jasmin-sci1If you use VSCode as an editor, you can download the Remote SSH development extension and simply open the VSCode on the remote machine for convenient development. VSCode even automatically forward the ports for you, so that you can even run jupyter notebooks on the remote and code in the familiar jupyter notebook environment on the browser of your local.