Skip to end of metadata
Go to start of metadata

SEAS Computing has migrated all HPC hardware to FAS Research Computing (FASRC). New users should obtain a FAS RC account by visiting https://rc.fas.harvard.edu.

 Windows

Step 1:  Apply for a SEAS account

You need a SEAS account to access our resources. 

Forgot your SEAS password? Reset it at https://password.seas.harvard.edu

Step 2: Get FAS VPN (Virtual Private Network) and start your client

Using either your Harvard ID and PIN or your FAS username and password, you can access the following site, download and install a small client on your machine.

  •  Go to : http://vpn.harvard.edu/ and follow the instructions provided to connect to the vpn with your harvard key and the duo token.

 Why do I need a VPN? You need to be connected to a VPN to transfer your public key to our login.seas. server. The only way to access the SEAS login server using password authentication is by connecting through the FAS VPN first; this provides a sort of two-factor authentication, since you need to first perform a PIN authentication before using your password to login. 

Step 3: Download PuTTYGen and generate your pair of public and private keys 

PuTTYgen is used to create a private/public key pair on the Windows system.  

  • Run PuTTYgen. In the window choose the settings below:
     
    • Type of key to generate: SSH-2 RSA
    • Number of bits in a generated key: 2048

 

Note

A proper public OpenSSH key begins with "ssh-rsa" separated by a space from the rest of the key and concludes with a comment following the rest of the key, separated by a space.  If the public key generated by puTTYgen places a comment first (such as "rsa-key-20101005"), edit the file using a text editor to obtain the correct form.

  • Click on the "Generate" button. You will be prompted to move your mouse to generate some randomness, after which PuTTYgen will generate a new key.
  • Once you have generated a key, set a comment field and then enter a passphrase for your key. It is strongly recommended that you use a passphrase when generating a private key. 

  • Press the ‘Save private key’ button. PuTTYgen will put up a dialog box asking you where to save the file. Select a directory, type in a file name, and press ‘Save’. 
  • Copy the generated text under Key text field starting from "ssh-rsa" and save it into a file, this will be your public key file. 
  • Close PuTTYGen and you are done with this part! 

Step 4: Download PuTTY, run it and configure your system

PuTTY is a freely available ssh client that supports public key authentication, and also provides its own ssh-agent called "Pageant" agent.

  • Download putty.exe

  • Launch PuTTY via the shortcut, and it will display the configuration dialog box: there are many options here. We'll fill in several to provide for passworded access to the system, then configure for public-key access later.

  • Session:
    • Hostname: login.seas.harvard.edu
    • Protocol: SSH

  • Connection :
    • Data :
      • Auto-login username: (leave blank)
      • When username is not specified : Prompt


    • Connection
      • SSH :
        • Preferred SSH Protocol Version: 2 Only

  • Return to "Session" screen, give these set of configurations a name so you can use it to connect at a later time, and click "Save". We gave ours the name "seas_session". Each time you run PuTTY in the future, choose this name and press "Load".

Step 5: Connect to Compute Resources using PuTTy

  • Launch PuTTY (if not already open). In the Session section, click on the name of your saved session and click Load. Click Open to launch the connection.
  • You will be prompt for your username and password. Use your SEAS username and password.

  • Once you are successfully logged-in, use the following commands. Your goal is to create a file named authorized_keys inside .ssh and copy your public key there.
  • You need to ensure that your home directory, your .ssh directory, and any other files involved (such as authorized_keysauthorized_keys2 or authorization) are not group-writable or world-writable. You can typically do this by using a command such as

 

Congratulations, you are done!

You are now ready to login into our machines! 

 


Additional Recourses :

 For a great overview of what we just did, visit : http://www.unixwiz.net/techtips/putty-openssh.html

Your server should now be configured to accept authentication using your private key. Now you need to configure PuTTY to attempt authentication using your private key. You can do this in any of three ways:

  • Select the private key in PuTTY's configuration. See section 4.20.7 for details.
  • Specify the key file on the command line with the -i option. See section 3.8.3.18 for details.
  • Load the private key into Pageant (see chapter 9). In this case PuTTY will automatically try to use it for authentication if it can.

In addition, the secure file transfer program WinSCP uses Pageant to manage ssh keys as well.

Other resources for PuTTY include:

The puTTYgen command can be used to create a private/public key pair on the Windows system.  The private key can be installed into puTTY and the public key can be installed on the remote host following the procedure outlined above.  Note that a proper public OpenSSH key begins with "ssh-rsa" separated by a space from the rest of the key and concludes with a comment following the rest of the key, separated by a space.  If the public key generated by puTTYgen places a comment first (such as "rsa-key-20101005"), edit the file using a text editor to obtain the correct form.  Please also see this.

  • SSH technology

For a more technical general discussion on SSH technology, please see here.

  • Storing Your SSH Keys

For a discussion how to automate and store the SSH key handling for e.g. server to server connecticity, please see the instructions on SSH agent forwarding .

  • Additional Resources

The following are links to documentation, tutorials and HowTos on SSH

  File Modified
PNG File putty7.png Oct 21, 2013 by eleni
PNG File putty6.png Oct 21, 2013 by eleni
PNG File putty5.png Oct 21, 2013 by eleni
PNG File putty4.png Oct 21, 2013 by eleni
PNG File putty3.png Oct 21, 2013 by eleni
PNG File putty2.png Oct 21, 2013 by eleni
PNG File putty1.png Oct 21, 2013 by eleni
PNG File vpn2.png Oct 21, 2013 by eleni
PNG File vpn3.png Oct 21, 2013 by eleni
JPEG File vpn1.jpg Oct 21, 2013 by eleni
JPEG File putty.jpg Oct 15, 2013 by eleni
JPEG File putty copy.jpg Oct 15, 2013 by eleni
GIF File putty_connect.gif Sep 24, 2013 by eleni
GIF File putty.gif Sep 24, 2013 by eleni
File keychain SSH keychain script for automated handling of agent forwarding Sep 23, 2013 by eleni