Inloggningsproblem

When I connect with ssh, my client asks me to verify the key is correct, what should it say?

Answer:

Either

hkhuV+0mUDL7N4Jpr8/OWInrORSAL5ZRpvAqfjyg7Jg (RSA)

or

DqWSn29G5iwTpMeo8LZWeZrHKktW3NqtuVlVUJet6LE (DSA)

or

W/MazH3WrH0wKrHBOJpPbDaU4qeYGqiv3FRPsdXIsb4 (ECDSA)

My connection to UPPMAX is dropped / timed out

If you need a long running interactive session to the cluster it might time out after a while if there's no activity over the connection. This is usually due to different network equipment and configurations along the way between your computer and our systems.

A workaround to remedy this is to change your SSH clients "keep alive" settings. On Mac/Linux you can try this by adding the ServerAliveInterval option when connecting:

ssh -AX -o ServerAliveInterval=10 user@milou.uppmax.uu.se

The number 10 tells SSH how many seconds to wait until it will send a keep alive message to the SSH server on Uppmax end. This number might have to be adjusted for each specific occasion, as it depends on what ISP and network the user is using when connecting. But if it appears to help, then a line "ServerAliveInterval 10" can be inserted into the file ~/.ssh/config on the client, that way you don't have to append the option manually each time you're connecting.

If you use PuTTY or MobaXTerm on e.g. Windows, then there should be similar settings available in the menus.

How can I upload and download files from UPPMAX to my computer?

Transfering files to and from your UPPMAX is one of the things we get asked about most. Regardless what operating system or application you use, all connections (including transfer) to UPPMAX muse be made over a secure SSH-connection. Below we have listed for each operating system a couple of ways to transfer your files.

Note: You want to transfer from abroad? Please read this guide first.

Linux and OS X

The rsync tool is available on both Linux and Mac OS X systems and is one of our favourite tools. It is a command-line based fast, versatile and remote file-copying tool. The best thing about it that it can restart a lost connection without copying all files again. That is very handy! The rsync tool is available from the Terminal, which you can search and find from the Launchpad if you are using OS X. For more information on rsync please read the manual ("man rsync") or search for guides on the Internet. There are plenty of information available.

A standard rsync command call looks like this

rsync -flags user@cluster.uppmax.uu.se:/path/to/your/files destination_directory

where -flags is rsync options, and user is your UPPMAX username. Perhaps best explained by a few examples:

Example 1: Transfering files from UPPMAX

rsync -ah jvneumann@rackham.uppmax.uu.se:/proj/snic2017-1-1/nature_pub ~/

The above command connects to the Rackham cluster as user jvneumann and transfer the directory /proj/snic2017-1-1/nature_pub back to my home (~) directory on my machine. If I have not set-up passwordless login I will be prompted to enter my password. The flag "-ah" is short for -a (archive) and -h (human readable, for some nicer formatting).

Example 2: Transfering files to UPPMAX

rsync -ah new_data_dir jwatson@milou.uppmax.uu.se:/proj/b20170101/

Will transfer the directory new_data_dir to the project directory b20170101

For Mac OS X users, if you are having trouble with rsync then the SFTP client Cyberduck is an alternative for graphically browsing and uploading/downloading files. Download it from http://cyberduck.ch/ and follow their instructions to install it on your computer.

Windows

You can use the WinSCP program or MobaXTerm to work with files on UPPMAX.

Please note that when you first login to UPPMAX you will see your home directory. If you are an UPPNEX user and want to access your UPPNEX project's data files then you need to browse to the directory /proj/[project id]/. You can read more about our different file systems and quota limits on our disk storage guide.

Another alternative is to mount e.g. your UPPMAX home directory on your local machine as a network drive using SSHFS. While convenient, it can be tricky to set up and we will not provide support, so we leave the details as an exercise for the reader.

Transfers to NCBI or ENA

Data uploaded to the Nucleotide Archive (ENA) is reflected to NCBI, vice versa. We recommend uploading data to ENA from UPPMAX. Please follow this guide: https://ena-docs.readthedocs.io/en/latest/submit/general-guide.html

Why can't I scp/sftp/rsync to UPPMAX when I can connect with ssh?

It's likely that you output some text in your login scripts.

Utilities like scp/rsync and in some cases sftp works only if your login scripts do not produce any output to stdout.

IF you want to produce output you MUST make sure they do it only for interactive logins or send output to stderr.

You can use the following code (assuming bash):

tty -s && echo "Interactive print stuff here"

alternatively

if tty -s; then echo "Interactive print stuff here" fi

You might also want to look at the guide for transferring files when using two factor authentication.

How do I use SSH keys to login to UPPMAX?

To generate a SSH key using OpenSSH:

Run the 'ssh-keygen' command as shown in the following example. Be sure to enter a password for the key, as that will make your key much more secure; omit this passphrase if the key will be used to perform automated (scripted) operations. (Note though that if we find local keys on UPPMAX machines without any passphrase, then they will be deleted; i.e. you can only have this non-passphrase key on your local machine.) Your username is replaced with USERNAME in this example.

$ ssh-keygen -t ed25519 Generating public/private ed25519 key pair. Enter file in which to save the key (/home/username/.ssh/id_ed25519): Created directory '/home/username/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/username/.ssh/id_ed25519. Your public key has been saved in /home/username/.ssh/id_25519.pub. The key fingerprint is: SHA256:0wvR2GgxtvLza4LRUK47+9wyk3NHXL35dEiSWgoK1Vs usernamef@yourcomputer The key's randomart image is: +--[ED25519 256]--+ | .+ | | ..oOE | | ..o*oo . . | | . .++o + o .| | . =S..= + .o| | + .=o.o .oo| | + .o. .o| | +.B.o.. .| | .+oOo. | +----[SHA256]-----+

if you have an old client, chances are ed25519 is not available. In this case you can fall back to RSA (-t rsa instead of -t ed25519 to ssh-keygen).

Copying the public key to the remote server

Once you have generated a key pair, you will need to copy the public key to the remote server so that it will use SSH key authentication. The public key file shares the same name as the private key except that it is appended with a .pub extension. Note that the private key is not shared and remains on the local machine.

Simple method

If your key file is ~/.ssh/id_ed25519.pub you can simply enter the following command.

$ ssh-copy-id username@rackham.uppmax.uu.se

SSH agents

If your private key is encrypted with a passphrase, this passphrase must be entered every time you attempt to connect to an SSH server using public-key authentication. Each individual invocation of ssh or scp will need the passphrase in order to decrypt your private key before authentication can proceed.

An SSH agent is a program which caches your decrypted private keys and provides them to SSH client programs on your behalf. In this arrangement, you must only provide your passphrase once, when adding your private key to the agent's cache. This facility can be of great convenience when making frequent SSH connections.

An agent is typically configured to run automatically upon login on your laptop/workstation running Linux and persist for the duration of your login session. A variety of agents, front-ends, and configurations exist to achieve this effect. This section provides an overview of a number of different solutions which can be adapted to meet your specific needs.

Once ssh-agent is running, you will need to add your private key to its cache.

$ ssh-add Enter passphrase for /home/user/.ssh/id_ed25519: Identity added: /home/user/.ssh/id_ed25519 (/home/user/.ssh/id_ed25519)

If your key is not having the default name or you have more than one key you must specify which key is to be used.

$ ssh-add ~

/

.ssh

/

anothername Enter passphrase for /home/user/.ssh/anothername: Identity added: /home/user/.ssh/anothername (/home/user/.ssh/anothername)

After the identity is successfully added, the ssh-agen will automatically provide your private key for authentication when you ssh or scp to UPPMAX.

Note: If you use GNOME, during the first attempt to login, the "Password and Encription Keys" program will automatically find your key and ask you for the key's password. This is equivalent to the ssh-add command described above.

More information can be found on the ArchLinux wiki page for SSH keys.

Please refer to the following guide about how to use ssh-keys under Windows using PuTTY. If you are using MobaXterm to connect to UPPMAX it has a built in tool for SSH key generation called MobaKeyGen, which can be accessed in the "Tools" menu.

How do I choose a good password for my UPPMAX account?

NSC has a really good webpage about account security. Read the NSC webpage on security.

We have a few tips here as well:

• Don't reuse your password anywhere else.
• Check your password against published lists of known passwords (e.g. this one). If it's there, use a new password.
• Avoid logging in from untrusted networks.