Hprc banner tamu.png

FASTER:Access

From TAMU HPRC
Jump to: navigation, search

Accessing FASTER

Access Using SSH

SSH Login (TAMU)

To connect to HPRC clusters, you must use SSH (Secure Shell). SSH is a client-server software that provides for secure (by encryption) logins and other communication between two hosts. SSH is freely available on the Internet for Linux/Unix and PC Windows (in the guise of MobaXterm).

To initiate SSH connection to target cluster's login node, find the hostname (terra/grace) and credential (userID/password) info from Table 1 below. For example, if you are connecting to Grace cluster from a terminal enter:

[user1@localhost ~]$ ssh NetID@grace.hprc.tamu.edu

where the grace.hprc.tamu.edu address is a DNS round-robin alias for grace[1-4].tamu.edu. You will be prompted for your password in order to establish authentication. Once you login into one of the login nodes, the shell's prompt will be [NetID].grace[1-8].

If, however, you are connecting for the very first time, you will see a message similar to the following before arriving at the password prompt:

The authenticity of host 'grace (165.91.16.18)' can't be established.
ECDSA key fingerprint is SHA256:SfQPtDJW30sj4kG2c4KGFw7LcEduSOFeXGIlsf4WhEA.
ECDSA key fingerprint is MD5:9c:ea:ba:22:0f:6f:1e:b9:0c:21:d4:b6:70:0f:a0:d5.
Are you sure you want to continue connecting (yes/no)? 

Type yes and you will then be presented with the password prompt.

Warning: Permanently added 'grace' (ECDSA) to the list of known hosts.
NetID@grace.hprc.tamu.edu's password:
Table 1: Hostname and credential info of HPRC clusters (NetID login)
Cluster Hostname Number of login nodes Credential (UserID / Password)
Terra terra.tamu.edu 3 (terra1 ~ terra3) NetID / NetID password
Grace grace.hprc.tamu.edu 5 (grace1 ~ grace5) NetID / NetID password
FASTER faster.hprc.tamu.edu 2 (faster1 ~ faster2) NetID / NetID password

Off-campus Access (TAMU)

For connecting to cluster login nodes from outside the campus, you need to activate Virtual Private Network (VPN) first, then initiate SSH connection to the cluster login nodes. You can find VPN installation instructions from TAMU ServiceNow Knowledge Base page on VPN.

WSL and Windows Users Attention: If the above off-campus access method does not work, the following options are available:

1. Download the Cisco AnyConnect client from the Microsoft Store. Credential entry will be identical to logging into other TAMU resources utilizing CAS authentication.

2. PowerShell: you will use syntax similar to when you use WSL. For example: To access Grace, you will use "ssh [NetID]@grace.hprc.tamu.edu"

3. Shell Access via the portal: you will access portal.hprc.tamu.edu and choose portal (Grace or Terra. On the top bar, choose "Clusters" then choose the "Shell Access" option.

Two-Factor Authentication Requirement (TAMU)

Starting October 1, 2018, the Division of Information Technology will require use of Duo NetID Two Factor Authentication on its Virtual Private Network (VPN) (connect.tamu.edu) service.

Duo provides a second layer of security to Texas A&M accounts.


If you are not already enrolled in Duo and plan to use VPN, you can enroll now at duo.tamu.edu. Enrolling is as easy as 1-2-3:

1. Choose your device and download the Duo Mobile app. (We strongly recommend the mobile app as the most user-friendly option.)

2. Start your enrollment at https://gateway.tamu.edu/duo-enroll/;

3. Remember: Once you sign up, you will need your Duo-enrolled device when you log in to most Texas A&M resources.

For more information, consult IT's knowledge base article for Duo: https://u.tamu.edu/KB0012105

ACCESS (formerly XSEDE) users

External users (non-TAMU) can apply for an ACCESS ID to gain access to HPRC FASTER and ACES resources. See the Resource Provider (RP) page in the ACCESS documentation to learn how to apply.

Portal login

ACCESS users can login to FASTER through the ACCESS FASTER Portal

https://portal-faster-access.hprc.tamu.edu

ssh login

As of August 31st, ssh login to FASTER for ACCESS users transitioned from the XSEDE sso hub to the faster jump host.

FASTER:

[user@localhost ~]$ ssh -J [username]@faster-jump.hprc.tamu.edu:8822 [username]@login.faster.hprc.tamu.edu

ACES login:

[user@localhost ~]$ ssh -J [username]@aces-jump.hprc.tamu.edu:8822 [username]@login.aces.hprc.tamu.edu

You can find your username under your ACCESS profile: https://allocations.access-ci.org/profile

Generating SSH Keys

If you do not already have an ed25519 type key-pair you can use the below instructions to generate your ssh-keys on the host you will use to login from. The keys should automatically be generated in $HOME/.ssh/ Do NOT change the name of the generated keys or the location

Instructions for Windows users

Please use the Windows PowerShell to generate your keys.

Powersell.png

Once you have launched the Windows PowerShell App type:

 ssh-keygen -t ed25519

The command will output the following text:

 Generating public/private ed25519 key pair.  
 Enter file in which to save the key (C:\Users\username/.ssh/id_ed25519):

If you already have a .ssh directory, the follow text will not be displayed.

 Created directory 'C:\Users\username/.ssh'.     

Hit Enter at the following prompt.

 Enter passphrase (empty for no passphrase):   

Hit Enter at the following prompt.

 Enter same passphrase again: 

More text output:

 Your identification has been saved in C:\Users\username/.ssh/id_ed25519.                                                 
 Your public key has been saved in C:\Users\username/.ssh/id_ed25519.pub.                                                 
 The key fingerprint is:                                                                                                
 SHA256:long_string_of_text_here                                                
 The key's randomart image is: 
(many lines of characters here)
Instructions for Linux and Mac users

Launch a terminal on your Linux or Mac system and type:

 ssh-keygen -t ed25519

The command will output the following text:

 Generating public/private ed25519 key pair.
 Enter file in which to save the key (/home/abhinand/.ssh/id_ed25519):

If you already have a .ssh directory, the follow text will not be displayed.

 Created directory '/Users/username/.ssh'     

Hit Enter at the following prompt.

 Enter passphrase (empty for no passphrase):   

Hit Enter at the following prompt.

 Enter same passphrase again: 

More text output:

 Your identification has been saved in /Users/username/.ssh/id_ed25519.                                                 
 Your public key has been saved in /Users/username/.ssh/id_ed25519.pub.                                                 
 The key fingerprint is:                                                                                                
 SHA256:long_string_of_text_here                                                
 The key's randomart image is: 
(many lines of characters here)


How to submit your id_ed25519.pub key ?

Type the following command to show the contents of the id_ed25519.pub file.

cat $HOME/.ssh/id_ed25519.pub

The cat command should output a single line of text that starts with

ssh-ed25519   many_characters_here username@host

This should be strings of text specific to your key and system:

Copy the output text from the above cat command and include it in the email to keys@hprc.tamu.edu or attach the file id_ed25519.pub in your email

Do NOT send your private key. You will be notified by email when your pub key has been installed and your account is active.

ACCESS MobaXterm users

MobaXterm offers the capability to use a jump host to connect to a server in a secured network zone. You can configure your SSH session to use a jump host to save time with the login process.

Click on the Session tab to create a new session. Next click SSH in the top ribbon.

Enter login.faster.hprc.tamu.edu into the Remote host * box.

Enter your ACCESS username in the Specify username box.

Open the Advanced SSH Settings tab check the Use Private Key box. Then enter the path to your private key.

Mobax-jump-1.PNG

Go to the Network Settings tab and enable Connect through SSH gateway (jump host) and enter respective login data. The gateway host should be faster-jump.hprc.tamu.edu and port should be 8822. Click OK.

Start the session by double clicking the session login.faster.hprc.tamu.edu (username) in the left hand ribbon or under the Sessions tab.

Mobax-jump-2.PNG
Mobax-jump-3.PNG

Detailed Access Information

For more in-depth information on accessing the TAMU HPRC clusters and guides for configuring your SSH client, see the Detailed Access page.

FASTER-Specific Information

Login Nodes

There are a total of 3 FASTER login nodes (2 for TAMU Users and 1 for ACCESS/XSEDE Users). Connecting to faster.hprc.tamu.edu will direct you to one of the 2 TAMU nodes based on a round-robin queue.

You can connect to a particular node by utilizing the node-specific names. For example, to connect to FASTER login node 2:

[user1@localhost ~]$ ssh [NetID]@faster2.hprc.tamu.edu

To see information on the FASTER login node configurations, see the FASTER Login Node Hardware section of the FASTER Hardware Introduction page.