Access Jobs with SSH¶
Secure Shell (SSH) is a way to securely log in to remote systems, such as UCloud, since all data are encrypted in both directions between the local computer and UCloud.
Using SSH keys is an even more secure way to use SSH to access UCloud as there is no password exchange between the local computer and UCloud. An SSH key pair is generated on the local computer. The key pair consists of a private key which stays on your local computer and a public key which must be uploaded to UCloud.
Software Requirements¶
In the following, we assume that users use PowerShell on Windows machines and Terminal on Linux/Mac machines.
The relevant commands are often similar on Windows and Linux/Mac. When they are identical, only the Linux/Mac command is shown. Otherwise both commands are shown.
Linux and macOS users have an OpenSSH client installed on their system by default and do not need to do anything specific.
Windows users need to check check that OpenSSH client is installed by going to Settings
> System
> Optional features
and see if OpenSSH in in the list. If it is not there, it must be added before proceeding.
Access Existing SSH keys¶
First, start by checking the existing keys on your Linux/Mac
user@laptop:~$ ls -la ~/.ssh/
or Windows
C:\Users\user> ls ~\.ssh/
You should see a list of files in your .ssh
directory if they exist. Check to see whether you already have a public SSH key. By default, filenames of public keys are one of the following:
id_ecdsa.pub
id_ed25519.pub
id_rsa.pub
If you have a file in your ends with .pub
, and also have that file without the .pub
ending (such as id_rsa.pub
and id_rsa
), and you can remember the passphrase for this SSH key pair, then you can skip the part below about generating a new SSH key.
Generate a New SSH Key Pair¶
Run the following command to generate a new SSH key pair. Replace <my_laptop>
with a descriptive text of the computer you are generating the key pair on.
You should use a strong passphrase to protect the key.
user@laptop:~$ ssh-keygen -C <my_laptop>
Tip
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/user/.ssh/id_rsa
Your public key has been saved in /home/user/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:TIaSBm9E9UVn3zhEuMI2xKdW8UwWjIxaNeiMlg1kKlg ucloud-demo
The key's randomart image is:
+---[RSA 3072]----+
| ..E...ooo=*. |
| . =..oO.o |
| . B o +% + . . |
| o o += @ . .|
| .So o |
| |
| |
| |
| |
+----[SHA256]-----+
Note
On Windows machines, C:\Users\<username>\.ssh
is often the default location of SSH keys.
Connecting to Jobs with SSH¶
To access the contents of the public part of the SSH key pair (for example the default id_rsa.pub
), start my navigating to the .ssh/
directory. Then you can copy the public key to the computer's clipboard on a Linux/Mac with
user@laptop:~$ cat id_rsa.pub | pbcopy
and on a Windows with
C:\Users\user> cat id_rsa.pub | clip
When you have added this public part of the SSH key pair to your UCloud account, you can access jobs from your local computer if SSH access is possible for the given app and enabled upon job submission.
When a job with SSH access enabled starts, the command for accessing the job from your local computer via SSH is displayed from the job's progress view.
Paste the command into a Terminal/PowerShell on your own machine. For example:
user@laptop:~$ ssh ucloud@ssh.cloud.sdu.dk -p 1234
Tip
The authenticity of host '[ssh.cloud.sdu.dk]:1234 ([130.225.164.106]:1234)' can't be established.
ED25519 key fingerprint is SHA256:TIaSBm9E9UVn3zhEuMI2xKdW8UwWjIxaNeiMlg1kKlg.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])?
Please type 'yes', 'no' or the fingerprint:
Warning: Permanently added '[ssh.cloud.sdu.dk]:1234' (ED25519) to the list of known hosts.
Enter passphrase for key '/home/user/.ssh/id_rsa':
When the correct passphrase has been provided, the encrypted connection between your computer and the job will be established, and you can starting interacting with the job from the console on your computer.
The connection can be closed using the command
ucloud@j-1234567-job-0:~$ exit
Contents