SSH Keys

Introduction

Using SSH (secure shell) cryptographic keys instead of passwords for authentication offers several advantages:

  • Enhanced Security: Cryptographic keys provide a more secure authentication method. Unlike passwords, which can be guessed or brute-forced, cryptographic keys are nearly impossible to crack.

  • Automated Processes: SSH keys are essential for automated processes, such as scripts or multiple, sequential logins.

  • Convenience: Once set up, SSH keys simplify the login process. When used with SSH agents or keychain tools that cache your passphrase, you can enjoy password-less logins after the initial use.

  • Gitlab Access:Our local GitLab instance does not allow password authentication for cloning repositories or pushing changes. SSH keys offer a more convenient and secure alternative to short-lived tokens.

What can I use SSH Keys for?

Once configured, your SSH keys will provide secure access to:

  • HPC & HTC Clusters: Eureka2, AISurrey, and other compute systems

  • SSH Gateway: Central access point for multiple systems, in case you cannot used the GlobalProtect VPN

  • GitLab & GitHub: Version control for your code and research projects

How does it work?

The generated SSH keys consist of two elements, both of which are files stored on computers:

Public key:

This key is distributed to the systems you wish to log in to. It is considered safe to share, as it cannot be used to gain unauthorised access.

Private key:

This key remains securely on the system from which you connect. If stolen, it is compromised, and both the private and public keys must be replaced. To prevent unauthorised use, the private key should always be protected by a passphrase.

When you attempt to authenticate, the private key on your system is used to sign a challenge, swhich the remote system verifies against the corresponding public key, granting access if they match. Learn more about the underlying technology here.