SEAS Computing has migrated all HPC hardware to FAS Research Computing (FASRC). New users should obtain a FAS RC account by visiting https://rc.fas.harvard.edu.
Step 1: Apply for a SEAS account
You need a SEAS account to access our resources.
- Apply for one at http://apply.seas.harvard.edu
Forgot your SEAS password? Reset it at https://password.seas.harvard.edu
Step 2: Get FAS VPN (Virtual Private Network) and start your client
Using either your Harvard ID and PIN or your FAS username and password, you can access the following site, download and install a small client on your machine.
- Go to : http://vpn.harvard.edu/ and follow the instructions provided to connect to the vpn with your harvard key and the duo token.
Why do I need a VPN? You need to be connected to a VPN to transfer your public key to our login.seas. server. The only way to access the SEAS login server using password authentication is by connecting through the FAS VPN first; this provides a sort of two-factor authentication, since you need to first perform a PIN authentication before using your password to login.
Step 3: Download PuTTYGen and generate your pair of public and private keys
PuTTYgen is used to create a private/public key pair on the Windows system.
- Download puttygen.exe
- Run PuTTYgen. In the window choose the settings below:
- Type of key to generate: SSH-2 RSA
- Number of bits in a generated key: 2048
- Click on the "Generate" button. You will be prompted to move your mouse to generate some randomness, after which PuTTYgen will generate a new key.
Once you have generated a key, set a comment field and then enter a passphrase for your key. It is strongly recommended that you use a passphrase when generating a private key.
- Press the ‘Save private key’ button. PuTTYgen will put up a dialog box asking you where to save the file. Select a directory, type in a file name, and press ‘Save’.
- Copy the generated text under Key text field starting from "ssh-rsa" and save it into a file, this will be your public key file.
- Close PuTTYGen and you are done with this part!
Step 4: Download PuTTY, run it and configure your system
PuTTY is a freely available ssh client that supports public key authentication, and also provides its own ssh-agent called "Pageant" agent.
- Download putty.exe
- Launch PuTTY via the shortcut, and it will display the configuration dialog box: there are many options here. We'll fill in several to provide for passworded access to the system, then configure for public-key access later.
- Hostname: login.seas.harvard.edu
- Protocol: SSH
- Connection :
- Data :
- Auto-login username: (leave blank)
- When username is not specified : Prompt
- Data :
- SSH :
- Preferred SSH Protocol Version: 2 Only
- SSH :
- Return to "Session" screen, give these set of configurations a name so you can use it to connect at a later time, and click "Save". We gave ours the name "seas_session". Each time you run PuTTY in the future, choose this name and press "Load".
Step 5: Connect to Compute Resources using PuTTy
- Launch PuTTY (if not already open). In the Session section, click on the name of your saved session and click Load. Click Open to launch the connection.
- You will be prompt for your username and password. Use your SEAS username and password.
- Once you are successfully logged-in, use the following commands. Your goal is to create a file named authorized_keys inside .ssh and copy your public key there.
- You need to ensure that your home directory, your
.sshdirectory, and any other files involved (such as
authorization) are not group-writable or world-writable. You can typically do this by using a command such as
Congratulations, you are done!
You are now ready to login into our machines!
Additional Recourses :
For a great overview of what we just did, visit : http://www.unixwiz.net/techtips/putty-openssh.html
Your server should now be configured to accept authentication using your private key. Now you need to configure PuTTY to attempt authentication using your private key. You can do this in any of three ways:
- Select the private key in PuTTY's configuration. See section 4.20.7 for details.
- Specify the key file on the command line with the
-ioption. See section 126.96.36.199 for details.
- Load the private key into Pageant (see chapter 9). In this case PuTTY will automatically try to use it for authentication if it can.
In addition, the secure file transfer program WinSCP uses Pageant to manage ssh keys as well.
Other resources for PuTTY include:
The puTTYgen command can be used to create a private/public key pair on the Windows system. The private key can be installed into puTTY and the public key can be installed on the remote host following the procedure outlined above. Note that a proper public OpenSSH key begins with "ssh-rsa" separated by a space from the rest of the key and concludes with a comment following the rest of the key, separated by a space. If the public key generated by puTTYgen places a comment first (such as "rsa-key-20101005"), edit the file using a text editor to obtain the correct form. Please also see this.
For a more technical general discussion on SSH technology, please see here.
Storing Your SSH Keys
For a discussion how to automate and store the SSH key handling for e.g. server to server connecticity, please see the instructions on SSH agent forwarding .
The following are links to documentation, tutorials and HowTos on SSH
- SSHTutorial For Linux
- SSH: The Basics
- IBM Series on OpenSSH:
- Getting Started withSSH
- An Article on AdvancedSSHUsage
- Comparison ofSSHClients
- CygWin: Linux Tools for Windows
- PuTTY Homepage
- UsingPuTTY with OpenSSH
- Secure Linux/UNIX access with PuTTY and OpenSSH
- UsingSecureCRT with OpenSSH
- TeraTerm: Open Source Windows ssh Client
- eSh: ssh client free for educational use
SSHAgent and Keychain
- Keychain 2.6.8 source at Gentoo
- Article:Usingssh-agent withssh
- RemoteSSHKeys and Keychain