SSH
SSH stands for Secure Shell. It is a commonly used protocol that allows you to connect to a remote machine and execute commands on it. Learn more about SSH here (opens in a new tab).
Before proceeding, please make sure that you are a registered user of the WATcloud compute cluster. Not registered? Make a request here).
Quick Start
Here's a tool to help you generate a personalized SSH command. This tool will generate a command that you can copy and paste into your terminal. Note that the commands generated by this tool are only tested on Linux and macOS.
Command Generator
Choose your preferred machine and fill in the fields below to obtain personalized SSH commands.
- Machine
- Compute Cluster Username
- SSH Key Path
Options
Below are options for connecting to delta-ubuntu2. Please choose the option that best fits your use case.
UWaterloo VPN → delta-ubuntu2
Connect to the UWaterloo VPN (opens in a new tab)
Run the following command:
ssh -v -i '__SSH_KEY_PATH__' [email protected]
UWaterloo Campus → delta-ubuntu2
Connect to the UWaterloo network (e.g. on-campus Ethernet or Eduroam Wi-Fi)
Run the following command:
ssh -v -i '__SSH_KEY_PATH__' [email protected]
The generated commands do not require setting up ssh agent1 or ssh config2. However, you may soon find that setting them up will make your life easier. If you are interested in learning more about these tools, please check out Tips and Tricks and the official documentation linked in the footnotes.
Syntax
The general syntax for connecting to the cluster is:
SSH_KEY_PATH="<path_to_ssh_key>"
SSH_USERNAME="<username>"
SSH_HOST="<hostname>"
ssh -v -i "$SSH_KEY_PATH" "$SSH_USERNAME@$SSH_HOST"
or if you are using a jump host:
SSH_KEY_PATH="<path_to_ssh_key>"
SSH_USERNAME="<username>"
SSH_HOST="<hostname>"
SSH_JUMP_HOST="<jump_host>"
ssh -v -o ProxyCommand="ssh -W %h:%p -i \"$SSH_KEY_PATH\" \"$SSH_USERNAME@$SSH_JUMP_HOST\"" -i "$SSH_KEY_PATH" "$SSH_USERNAME@$SSH_HOST"
Tips and Tricks
Additional SSH Keys
To use additional SSH keys, you have the following options:
- Update your profile to add additional SSH keys.
- Manually create
~/.ssh/authorized_keys
and place your SSH keys in there.You'll need to make sure that this file is present in all machines that you want to connect to3.
SSH Agent
SSH agent is useful for many reasons, for example:
- It removes the need to use the
-i
flag to specify the path to your SSH key. - It allows you to use SSH agent forwarding (opens in a new tab).
You can use SSH agent as follows:
# Start an SSH agent if it's not already running
[[ -z "$SSH_AUTH_SOCK" ]] && eval "$(ssh-agent -s)"
# Add your SSH key to the agent. Replace ~/.ssh/id_rsa with the path to your SSH key.
ssh-add ~/.ssh/id_rsa
# Connect to the cluster
ssh -v "<ssh_username>@<ssh_host>" # This is the same as ssh -v -i ~/.ssh/id_rsa "<ssh_username>@<ssh_host>" without SSH agent
# or if you are using a jump host
ssh -v -o ProxyCommand="ssh -W %h:%p \"<ssh_username>@<ssh_jump_host>\"" "<ssh_username>@<ssh_host>"
~/.ssh/config
If you find yourself using the same SSH command over and over again, you can use ~/.ssh/config
to simplify your life.
For example, if you find yourself using the following command often:
ssh -v -o ProxyCommand="ssh -W %h:%p -i \"<ssh_key_path>\" \"<ssh_username>@<ssh_jump_host>\"" -i "<ssh_key_path>" "<ssh_username>@<ssh_host>"
you can add the following to your ~/.ssh/config
:
Host <ssh_jump_host>
HostName <ssh_jump_host>
User <ssh_username>
IdentityFile <ssh_key_path>
Host <ssh_host>
HostName <ssh_host>
User <ssh_username>
IdentityFile <ssh_key_path>
ProxyJump <ssh_jump_host>
and then simply run:
ssh -v <ssh_host>
A real-world example of this is:
Host bastion
HostName bastion.watonomous.ca
User alex
IdentityFile ~/.ssh/id_rsa
Host derek3-ubuntu2
HostName derek3-ubuntu2.cluster.watonomous.ca
User alex
IdentityFile ~/.ssh/id_rsa
ProxyJump bastion
ssh -v derek3-ubuntu2
Footnotes
-
SSH agent (opens in a new tab) is a program that runs in the background and stores your SSH keys. It comes with neat features like SSH agent forwarding (opens in a new tab) that allows you to use your local SSH keys on remote machines. ↩
-
SSH config (opens in a new tab) is a configuration file that allows you to simplify your SSH commands. ↩
-
For example, if you use Bastion to connect to the cluster, you'll need to make sure that
~/.ssh/authorized_keys
is present on both Bastion and the machine you intend to connect to. ↩