Connecting to HPC3 via ssh
|You must either be on the campus network or connected to the UCI campus VPN to access HPC3.|
To use ssh, you need to use one of Terminal applications and depending on a user laptop they can be:
|MobaXterm users DO NOT enable Remote monitoring! This is an experimental feature of MobaXterm that runs unnecessary multiple processes on login node under your account. These processes add to the overall load on the cluster. None of the information they collect you can use for your work on the cluster.|
SSH is the only way to directly log in to HPC3 for interactive use. Use your UCINetID and associated password to connect to an HPC3 login node (which are several load-balanced, systems) hpc3.rcic.uci.edu.
Your login name can be specified as ether user@hostname or given with the -l option, for example a user with UCINetID panteater can use:
ssh email@example.com or ssh hpc3.rcic.uci.edu -l panteater
|It is a requirement per our Acceptable Use Policy that your ssh-keys have a non-empty passphrase. Use ssh-agent (macOS/Linux) or PuTTYgen (Windows) as a convenient way for you to not keep re-entering your passphrase. For more information about SSH passphrases see SSH Academy.|
|Once you have logged in on the cluster, there is no ssh connection to the compute nodes. See SLURM tutorial which explains how to use slurm commands to achieve the same.|
2.2. Multifactor Authentication (Duo)
After the June 15, 2022 maintenance, HPC2/HPC3 will require multifactor authentication using UCI’s Duo infrastructure for all password-based logins. When DUO is active, you will be prompted to enter a code (backup or generated by your DUO device) or request a push to your enrolled DUO-enabled device. A prompt looks similar to
ssh firstname.lastname@example.org Password: Duo two-factor login for panteater Enter a passcode or select one of the following options: 1. Duo Push to XXX-XXX-1212 Passcode or option (1-1): 1 Success. Logging you in... Last login: ....
2.3. SSH Keys (and Duo)
The design/implementation of the DUO-supplied PAM module makes it possible to use an SSH-key to login without entering a DUO code or receiving a DUO push. HPC3 supports the use of ssh-keys for remote login
We have written local guides for:
In essence, the system from which you are initiating ssh (e.g. your laptop or workstation) should have a locally-generated and password protected ssh private key. The public key corresponding to that private key is placed on HPC2/HPC3 in your .ssh/authorized_keys file. Please use the following principles
Every user-generated ssh private key that you generated MUST be password protected.
Generate a different private key and password for each device you plan to use regularly to access from HPC3. For example, if you two different laptops, generate a private key for each laptop.
Treat all of your ssh private keys with care. If you are on a shared system (e.g. a lab workstation), make sure that file permissions are set such you (and only you) can read and unlock the key with its passphrase
Never add a different user’s ssh public into your authorized_keys file. This is a violation of account sharing.
2.4. FileZilla and DUO
If you use FileZilla (Windows users) for files transfer you will need to change your login type to interactive in FileZilla Site Manger settings. For exact instructions please see Filezilla Site Manger
2.5. MobaXterm and DUO
If you use MobaXterm you need to make sure that at in your mobaxterm settings in SSH tab in Advanced ssh settings and set your Remote Environment to Interative shell:
3. Quick Links
Please see guides below that provide more information and explain how to get help and how to use HPC3: