This is not required material
SSH keys allow you to log on to a remote server (like CLAC!) using a public-key cryptosystem for authentication. This allows you to log on without typing your password!
In a public-key cryptosystem your local machine has an encrypted private key (which should be kept secret) while the server has a corresponding encrypted public key. This keypair lets you log in securely without a password. These keys are traditionally encrypted using RSA encryption, but in recent years a newer encryption algorithm, Ed25519, has gained in popularity.
We recommend Github’s SSH key guide. You should follow the steps up to (but not including) the section titled “Generating a new SSH key for a hardware security key”.
Please note the following:
Once you have created your keypair, you’ll need to copy your public key over to CLAC, using the following command. Make sure you replace your uni in the commands below and note that it will prompt you for your password.
Replace the public key path with your own path (most likely something like ~/.ssh
) and make sure you are copying over id_ed25519.pub
ssh-copy-id -i ~/.ssh/id_ed25519.pub uni@clac.cs.columbia.edu
If you do not have the ssh-copy-id
command on your system you can run the following command to copy the public key over:
cat ~/.ssh/id_ed25519.pub | ssh uni@clac.cs.columbia.edu “mkdir -p ~/.ssh; cat >> ~/.ssh/authorized_keys”
Again, if you created an RSA keypair instead of an Ed25519 keypair, replace all instances of ‘ed25519’ with ‘rsa’.
Now you should be able to type ssh uni@clac.cs.columbia.edu
and it will log in without requiring a password! You can copy over one public key to many computers if you are logging into many different computers/accounts from one main computer.
It is also recommended to set up a config file for ssh on your local machine. This config file will allow you to use ssh clac
as a shorthand to ssh into your CLAC account. In addition, this will allow commands built on top of the SSH protocol (such as SFTP and rsync) to authenticate using your SSH keys instead of a password.
Please add the following lines to a file called config
in your ~/.ssh
directory (on your local machine):
Host clac
HostName clac.cs.columbia.edu
User <your-UNI-here>
AddKeysToAgent yes
The AddKeysToAgent
option tells your local computer to add any keys you have to its ssh-agent
which is a program used to determine which keys can be used as authentication when ssh-ing.
As always, feel free to stop by during office hours or start a thread on the listserv if you want help setting any of this up.