| Warning | ||||
|---|---|---|---|---|
After a recent update of hpc-login ecs-login and other aliases, their host key has changed. You may get the following error when connecting:
It is safe to accept the new key. You will need to remove the corresponding entry for hpc-login or ecs-login on your ~/ssh/known_hosts file. For example, you may use the following command to remove the entries for hpc-login:
A similar command may be run for other hostnames with the same problem. After that, a new connection should prompt you to accept the new key. See 2022-08-10 SSH host keys fixed on all nodes and Cron service for more information. |
You can connect for the first time via SSH from another ECMWF platform. If you do so from ECGATE or the Cray HPCF you will not need a password to log in.
| No Format |
|---|
$> ssh hpc-login
# or for users with no formal access to HPC service:
$> ssh ecs-login |
From outside ECMWF, you may use Teleport through our gateway in Bologna, jump.ecmwf.int. Direct access through ECACCESS service is not available.
| No Format |
|---|
$> tsh login --proxy=jump.ecmwf.int $> ssh -J user@jump.ecmwf.int user@hpc-login # or for users with no formal access to HPC service: $> ssh -J user@jump.ecmwf.int user@ecs-login |
For all the details of this connection method please see the Teleport documentation, where you will find how to best configure your SSH settings.
You may also connect via SSH from another ECMWF platform such as the Linux VDI.
...
| No Format |
|---|
$> ssh hpc-login
# or for users with no formal access to HPC service:
$> ssh ecs-login |
| Tip | ||
|---|---|---|
| ||
The first time you log in, we strongly recommend you set up your local SSH key-based authentication with the following command:
This step is required for many tools and applications to work well, such as ecinteractive, ecflow, and ecaccess jobs, as well as convenient access from our VDI service |
...
. |
See also HPC2020: Persistent interactive job with ecinteractive if if you wish to customise the resource limits of your interactive session.
| Info |
|---|
Upon logging in, please take a look at the message of the day displayed on the login nodes (or review /etc/motd). |
You can also open a JupyterLab session through the ECMWF JupyterHub service. See HPC2020: Jupyter Sessions with JupyterHub for more details.
| Tip | ||
|---|---|---|
| ||
If you have not changed your password since 18 January 2021, password access may not work. |
...
You can use the hpc-* or hpc2020-* names in the table below if you just need to use the default HPCF complex, or the specific names for each of the complexes. For ECS, you may use the ecs-* names. Your usual interface to connect would be the *-login names, and for remote submission of jobs we would recommend using the *-batch names as they are dedicated login nodes for job submissions. If you need to set up a cronjob, then the *-cron names are to be used.
| Generic names | Per-complex | |
|---|---|---|
| HPCF Interactive Login | hpc-login hpc2020-login | aa-login ab-login ac-login ad-login |
| ECS Interactive Login | ecs-login | ecs-login |
| HPCF Remote batch job submission | hpc-batch hpc2020-batch | aa-batch ab-batch ac-batch ad-batch ecs-batch |
| ECS Remote batch job submission | ecs-batch | ecs-batch |
| HPCF Cron jobs | hpc-cron hpc2020-cron | - |
| ECS Cron jobs | ecs-cron | - |
Password-less access from / to other platforms
If connecting from a different platform at ECMWF and to enable password-less connections and transfers between different platforms, you will need to enable ssh key authentication.
Check if you have an existing ssh key pair on other ECMWF platforms:
| No Format |
|---|
$> ls ~/.ssh/id_*
~/.ssh/id_rsa ~/.ssh/id_rsa.pub |
If you don't, you may generate them like so:
| No Format |
|---|
$> ssh-keygen # press 'enter' 3 more times |
Make sure it is added into the different platforms to be used
...
...
| - |
...
Copy your key pair onto those platforms so you can make the connections in both directions:
...