SSH Key Generation & SFTP

Overview

This page describes the methodology of firstly generating a Secure Shell (SSH) Keypair, and secondly, how to Secure File Transfer Protocol (SFTP) into a storage device. 

The same method that works for STFP into a Storage Device can also be used to SFTP into a Running job (which can be useful in some scenarios).

Prerequisites – SSH Key Generation

Important: Storage Devices that were setup BEFORE adding your public key to Rescale, will need the key adding manually. Storage devices setup AFTER adding your public key to Rescale will automatically be attached to the storage device, and any job.

Software Required (Windows)

Putty & Putty Key Gen

https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html

If you have administrator privileges, download the “package files” compatible with your machine (likely to be 64-bit x86). Install using default methods unless there is a need to change it. 

If you don’t have administrator privileges, download the alternative binary files for putty.exe and puttygen.exe.

Generating SSH Keys

  1. Launch puttygen, either directly from the exe downloaded, or search in the Start Menu for “puttygen.”
  2. Under the Key menu, ensure that SSH-2 RSA Key is selected (it should be by default).

G 3pSnrfrydh3tQUEABHSU xiXl4AfY8B8TeID BRVJPB3zur9Aky o20cwR1XJPbgEj9EuNMcJq 1cZx YF46cmEYZ1eQ0vyUoK8yOM07EQB 6zmGPo4KBLcQQqQ0N7E7wEQf8 FOTinJUk3KSaLqwBNwLFeihID5TwugPzric6A

  1. Press Generate and move your cursor around inside the window until the green bar fills. Note that this is using the randomness of your cursor movements to generate a sufficiently randomized key.
Screen Shot 2022 11 18 at 4.30.15 PM
  1. Once filled, save the public key to a known location, and give the key a name “putty_key_username.pub”.
    • This location should be somewhere persistent, so avoid saving to the Downloads folder or similar. Replace username with your username (or something similar).
    • Recommended location: C:/Users/USERNAME/ssh (create ssh folder if this doesn’t already exist).
  1. To save the private key, click the Conversions menu and then click Export OpenSSH Key.
    • Save the key without a passphrase by clicking Yes.
    • Save the key in the same location as the public key giving the name putty_key_username (note the removal of the .pub extension).

Add Your Public Key to Your Rescale User Profile

  1. Log into Rescale, and in the top right of the screen, hover over your email address and navigate to User Profile Settings.

aiH8ydkgyOz vTe56DHbN4yet4pP2WqFV9Rm5wymU0LdItzW lWg0ABmSWaUiqWfDLD5T24Vs6gdm1Ljmmag G5IASPyExEKfrhLxgsZ yRhxRyS5vFNhsiI8ZI9sUi ZOfU7FVT gI1 JplFgr4FIZOZn9JHpKz1sGlGDVbHC6Q1 K8Y gPTY

  1. Open your public key with notepad or a similar text editor.
    • Copy and paste your key, starting from the text that states “ssh-rsa” to the end of the string. 

n2SAbSJBTyyWeecHq3J4Mdp9Y1e9B4jRE8iL8xR7N6O6VlsXiFA3MAfaAoHsJ EJgo4CeMMRhVP wroJphUXlDNFd3To00FOfcv1K6kw CoUMkN cDB ofLlZc0LIKU9o7QxmBEGC2Ht87qQSMX319hfehsiCtwC3pc4yji

  1. Ensure your Access Restriction is set to Everywhere.
  1. Select Save.

You have successfully added your public key to your Rescale User Profile.

Starting a Storage Device

Start a test Storage Device to determine if the key has been successfully generated.

Adding Additional Keys to Existing Storage Device

In order to enable access for additional users to the storage device, their public keys must be added to the device after it has been launched.

After Storage Device Started

1Yhu9G98j3kPv 5a41 Lp7IYYjRHL kN58rQUyCXSUvyC0t0t834SPuMNewlVUTyWbhfEg7xYQV6p1Dp8E2JOa34s6wq zrMBmz Il3xyYWfenKm5YxqIE08aOcydMGqdr

After Additional Keys Have Been Added

84p3vKhWN1x1rcuEvazub29UsvRhENkJdO6tpgfL0BI0aXoeXQaB3SMbGfDUbBATFaRWN1ZFAVVxuZckzETLaEbl yPrQ eYwwwCLhmL93fbpfwj55nU7jwIcYZ99sOG3VyKyN5ISsn

Steps

  1. Navigate to the work folder of the Storage Device, via the Files tab, and create a new folder called temp_keys.
o99p2ptsAweSmX53bK221J6TTPtxAu9G56KPI66r4wzw8ELDmNxcW3nJNZR qoDX0FFxoGgXhB7D0QfgbI32ZZZ8sFzmNWLNWGMUX3eML5r1OTRlpdFSJDukvngixDcg4st g1 joyYC204cRPIaAWZfVBNc0wFyqG 99pWDKG26dDwCSlsiiedlLnYYNA

0JYbi21cCZ4aF9nB2hT7FoxbOqHEpqFZo E BubSSfmNL8htoIJ8K3r7syovwCHK2Ta179lLZym7 OzqYVV2Z3LGdT5uyNQDKYtZWJIGDs87eizk3AiPMwnjSsAYsTP1e1Iz39dlNdih

  1. Upload the public keys that you want to add to the Storage Device via the Upload from this computer button. Ensure you have the temp_keys folder selected in the tree structure on the left. 

PCX 3R7mEGNhyTZbkfI8xyWFtEBStvln6YFgL8 CZrFSJMdH9x0frlb9ZIAaez995eWRK gN6FvKI3oODDDQ5DQGVZm4Kjw zfzXbiX8uO65XHqVyhKOXnR Lm5cLicMF 4xu878qfJXTd43sMKyGYSjGL7 Ew FSy5yncUfE4 I9h6yV6LJmMg59IbB9g

  1. Navigate to the Status tab and launch an In-Browser SSH Window by clicking on the Server IP address.

SpuACpuc8aGwCMQnviJscpBKEJ5R Cm KmDzub37eD46UWopgOWIMrjkIqkEyrKNKte7aT3kqH0BLbOTfmNjxu9E4ylT6I8 IhiCSV7nZcD9gdpvA9VfFgTJgcRO EFLNGYcyuwhkxrdhwBYkXQ0Y B6rAyCG164288u9kE9wWr0uZ4dtHGnzpeVQTnDIg

    >
  1. Navigate to the temp_keys folder in the SSH window via cd ~/work/temp_keys.
  2. Modify the following command:
    • Replace KEY_FILE_NAME with the name of the file uploaded to temp_keys.
    • Replace HOST_NAME_IP with the username & IP from the SSH window. This will take the form udeprod.XXXXXX@XX.XX.XX.XX
cat KEY_FILE_NAME | ssh HOST_NAME_IP  'cat > 
~/tmp_id_rsa.pub && mkdir -p ~/.ssh && chmod 700 ~/.ssh && cat 
~/tmp_id_rsa.pub >> ~/.ssh/authorized_keys && chmod 600 
~/.ssh/authorized_keys && rm ~/tmp_id_rsa.pub && echo “Done”'
Example
KEY_FILE_NAME = putty_key_bob.pub
HOST_NAME_IP = udeprod.ttooPb@ip-10-54-7-67
cat putty_key_bob.pub | ssh udeprod.ttooPb@ip-10-54-7-67  'cat > 
~/tmp_id_rsa.pub && mkdir -p ~/.ssh && chmod 700 ~/.ssh && cat 
~/tmp_id_rsa.pub >> ~/.ssh/authorized_keys && chmod 600 
~/.ssh/authorized_keys && rm ~/tmp_id_rsa.pub && echo “Done”'

This is to be repeated for each key that needs to be added.

Tip: The Clipboard icon is the way to copy and paste things from the in-browser terminal. Text highlighted in the terminal will appear in the clipboard, and can then be highlighted, copied from there.

The process also works in the opposite way. Pasting text into the clipboard, and then right clicking on the ssh session; this will paste whatever was in the clipboard into the terminal.

A successful operation will result in the feedback “/five”.

Overcheck
  1. Navigate to ~/.ssh/ via the in browser terminal. 
    • cd ~/.ssh/
  1. show contents of the file “authorised_keys”
    • cat authorised_keys
  1. You should be able to see the public key at the bottom of this file. 

Tip: Typing the first few characters of an item in terminal, then pressing Tab will auto-complete the item. Refusal to auto-complete indicates there is more than one item with the characters you have typed.

You have successfully added an additional key to the Storage Device.

Connecting to Storage Device with an SFTP Client

There are many SFTP clients available on the web. The two recommended are FileZilla & WinSCP. 

FileZilla – https://filezilla-project.org/ (Cross Platform)

To use FileZilla:

  1. Launch FileZilla after Installation.
  2. Go to File > Site Manager
  3. Click New Site.
  4. Protocol is SFTP.
  5. Enter IP Address of Storage Device as the Host.
  6. Enter the Host ID (takes the form udeprod.XXXXX) as the User.
  7. Set Logon Type to Key File. The Key File is the Private Key.

Details from Status Page of Storage Device

C2bSgCH0pDf9ugrNcX9e1g8jXuhzjRSqYa67FGuRufogmX0G ZZos5OHqj2 0wDmhVUOwIEeQQfwOxd 9OSJK13sZguzwyhAWyk v2S6B2aHC7nYbdM1OTcY1p3WV7YEy4TXTY66dEnaY6932gMzOCVqphwQVQTcmLlhTp28rch67qOzzcrE4CuRCt7VcQ

Example Screen

ER0n86yJNhkZPI0Wqh2VGpjV9lszA8oFOWad3QxGwytp81YH7T3q5Fe6l4iemoRBlpVRBI3tEmmHOVUUZyvyXwmvB80QUjZg5iokGUOSpD0ALDq6oqBBVlUD038 iTgyeYUk1rTP3Kzjh 4zSu6icqQn7NswIrEBRFrif eDAOmbNi0OJ6Vg 7h1mDnKrg