Passwordless SSH

Passwordless SSH Setup on SeaWulf

Note: Passwordless SSH allows you to log in without typing your SeaWulf password each time. You must have a SeaWulf account. Request one via the IACS Ticketing System.

MacOS and Linux

Generate a public/private key pair from the terminal:

ssh-keygen -t rsa -b 4096 -C "<your_netid>@login.seawulf.stonybrook.edu"

When prompted, name the file (or press enter for default):

Enter file in which to save the key (/home/<your_netid>/.ssh/id_rsa): <filename>

Create a passphrase (optional but recommended):

Enter passphrase (empty for no passphrase): <passphrase>
Enter same passphrase again: <same passphrase>

Add your private key to the ssh-agent:

ssh-add <private key>

Upload your public key to the login node:

ssh-copy-id -i <mykey> <your_netid>@login.seawulf.stonybrook.edu

If ssh-copy-id is not available:

cat ~/.ssh/id_rsa.pub | ssh <your_netid>@login.seawulf.stonybrook.edu 'cat >> .ssh/authorized_keys && echo "Key copied"'

You should now be able to SSH into SeaWulf without entering a password.

Windows: MobaXterm

  1. Download MobaXterm Home Edition.
  2. Open a local terminal via "Start local terminal".
  3. Generate a key pair:
ssh-keygen -t rsa

Press enter through the prompts or add a passphrase. Output example:

Generating public/private rsa key pair.
Enter file in which to save the key (/home/mobaxterm/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/mobaxterm/.ssh/id_rsa.
Your public key has been saved in /home/mobaxterm/.ssh/id_rsa.pub.

Upload the public key to the login node:

cat ~/.ssh/id_rsa.pub | ssh <netid>@login.seawulf.stonybrook.edu "cat - >> ~/.ssh/authorized_keys"
  1. Open a new MobaXterm session: "Session" → "SSH", input the remote host (login.seawulf.stonybrook.edu), check "Specify username" and enter your NetID.
  2. Click "Advanced SSH Settings", check "Use private key", and select your saved key.
  3. Click "OK" to connect; session should now use passwordless SSH.

Note: If you reconnect to an older session not configured with your private key, MobaXterm will ask for a password. Always use the most recent session or create a new one with your private key configured.

Windows: PuTTY and PuTTYgen

  1. Download PuTTY and PuTTYgen.
  2. Open PuTTYgen, select "SSH-2 RSA" and 2048 bits, click "Generate". Move your mouse until the key is generated.
  3. Optionally add a passphrase, then save the public and private keys to known locations.
  4. Copy the public key text to your clipboard.
  5. SSH into your account using PuTTY, navigate to ~/.ssh/authorized_keys, and paste the public key in a new line.
  6. Close all active shells, open a new PuTTY session, enter login info, and in "Connection → SSH → Auth" browse to your private key.
  7. Save the session configuration. Connect; PuTTY will now use passwordless SSH.