Generating and using SSH Keys for access to CAE computing

An overview on how to generate and make use of ssh-keys for access to CAE resources, primarily the Linux Lab machines.

To make an ssh key, you can use the ssh-keygen command from a terminal on Linux or MacOS:

ssh-keygen -t ed25519

Other key types are available, including RSA, DSA and ECDSA (simply pass one of those as an argument to the "-t" flag). The command will give you some prompts to answer, including what file to save the key to under your homedirectory (in ~/.ssh/), and whether to protect your key with a passphrase.

To use your ssh key with CAE computers, you will need to add your ssh key to the CAE linux lab machines. To do so, run the following command:

ssh-copy-id -i <ssh-keyfile> <your-cae-username>@best-tux.cae.wisc.edu

The argument given to the "-i" should be the file that you created above. This command will prompt for your username and password and add your ssh key to the Linux Lab machines at CAE. Now you can use your ssh key instead of a password to try logging in to best-tux (or a linux lab machine) by using the "-i" flag with ssh.

ssh -i <ssh-keyfile> <your-cae-username>@best-tux.cae.wisc.edu

Note: The use of ssh keys to access CAE Linux lab machines will not require the additional use of MFA Duo authentication. This means that ssh keys can be used for ease of connection, or automated access, where multi-factor authentication is unavailable.