Passwordless SSH

Passwordless SSH Setup on SeaWulf

Note: Passwordless SSH allows you to log in without typing your SeaWulf password each time. You must have a SeaWulf account. See Accounts & Project Numbers on SeaWulf for more information.

MacOS and Linux

Generate a public/private key pair from the terminal:

ssh-keygen -t rsa -b 4096 -C "<your_netid>@login.seawulf.stonybrook.edu"

When prompted, name the file (or press Enter for default):

Enter file in which to save the key (/home/<your_netid>/.ssh/id_rsa): <filename>

Create a passphrase (optional but recommended):

Enter passphrase (empty for no passphrase): <passphrase>
Enter same passphrase again: <same passphrase>

Add your private key (the file without the .pub extension) to the ssh-agent:

ssh-add <private key>

Upload your public key to the login node:

ssh-copy-id -i <mykey> <your_netid>@login.seawulf.stonybrook.edu

If ssh-copy-id is not available:

cat ~/.ssh/id_rsa.pub | ssh <your_netid>@login.seawulf.stonybrook.edu 'cat >> .ssh/authorized_keys && echo "Key copied"'

You should now be able to SSH into SeaWulf without entering a password.

Windows: MobaXterm

  1. Download MobaXterm Home Edition.
  2. Open a local terminal via "Start local terminal".
  3. Generate a key pair:
ssh-keygen -t rsa

Press Enter through the prompts or add a passphrase. Output example:

Generating public/private rsa key pair.
Enter file in which to save the key (/home/mobaxterm/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/mobaxterm/.ssh/id_rsa.
Your public key has been saved in /home/mobaxterm/.ssh/id_rsa.pub.

Upload the public key to the login node:

cat ~/.ssh/id_rsa.pub | ssh <your_netid>@login.seawulf.stonybrook.edu "cat - >> ~/.ssh/authorized_keys"
  1. Open a new MobaXterm session: "Session" → "SSH", input the remote host (login.seawulf.stonybrook.edu), check "Specify username" and enter your NetID.
  2. Click "Advanced SSH Settings", check "Use private key", and select your saved key.
  3. Click "OK" to connect; the session should now use passwordless SSH.

Note: If you reconnect to an older session not configured with your private key, MobaXterm will ask for a password. Always use the most recent session or create a new one with your private key configured.

Windows: PuTTY and PuTTYgen

  1. Download PuTTY and PuTTYgen.
  2. Open PuTTYgen, select "SSH-2 RSA" and 4096 bits, then click "Generate". Move your mouse until the key is generated.
  3. Optionally add a passphrase, then save the public and private keys to known locations.
  4. Copy the public key text to your clipboard.
  5. SSH into your account using PuTTY, navigate to ~/.ssh/authorized_keys, and paste the public key in a new line.
  6. Close all active shells, open a new PuTTY session, enter login info, and in "Connection → SSH → Auth" browse to your private key.
  7. Save the session configuration. Connect; PuTTY will now use passwordless SSH.

You should now be able to connect to SeaWulf without entering your password on future logins.