NEMO/Login: Difference between revisions
mNo edit summary |
K Siegmund (talk | contribs) |
||
(20 intermediate revisions by one other user not shown) | |||
Line 8: | Line 8: | ||
|} |
|} |
||
The login nodes of the bwHPC clusters are the access point to the compute system, your <code>$HOME</code> directory and your workspaces. |
|||
After completing the [[Registration/bwForCluster|web registration]], the NEMO cluster is ready for your '''SSH''' based login. |
|||
All users must log in through these nodes to submit jobs to the cluster. |
|||
'''Prerequisites for successful login:''' |
|||
You need to have |
|||
⚫ | |||
* completed the 3-step [[registration]] procedure. |
|||
⚫ | |||
* [[Registration/2FA|set up a second factor (one-time password, OTP)]] |
|||
{|style="background:#deffee; width:100%;" |
|||
|style="padding:5px; background:#cef2e0; text-align:left"| |
|||
[[Image:Attention.svg|center|25px]] |
|||
|style="padding:5px; background:#cef2e0; text-align:left"| |
|||
The NEMO registration continues to use the old registration page https://bwservices.uni-freiburg.de, while the second factor (2FA) must be configured on the new registration page https://login.bwidm.de. https://login.bwidm.de is not used for anything else so far! |
|||
|} |
|||
= Login to bwForCluster NEMO = |
|||
Login to bwForCluster NEMO is only possible with a Secure Shell (SSH) client for which you must know your username on the cluster and the hostname of the login nodes. |
|||
⚫ | |||
⚫ | |||
If you want to use the NEMO cluster you need to add a prefix to your local username. |
If you want to use the NEMO cluster you need to add a prefix to your local username. |
||
For prefixes please refer to the [[Registration/Login/Username|'''Username Wiki''']]. |
|||
Example:<br/> |
Example:<br/> |
||
If your local username for the University is <code>vwxyz1234</code> and you are a user from the University of Freiburg this would combine to: |
* If your local username for the University is <code>vwxyz1234</code> and you are a user from the University of Freiburg this would combine to: <code>fr_vwxyz1234</code>. |
||
fr_vwxyz1234 |
|||
= |
== Hostnames == |
||
The system has two login nodes. |
The system has two login nodes. |
||
Line 38: | Line 57: | ||
== Login with SSH command (Linux, Mac, Windows) == |
|||
= SSH clients = |
|||
⚫ | |||
⚫ | |||
⚫ | |||
Then start a terminal, e.g. "xterm", "konsole" or "gnome-terminal" under Linux, the "Terminal" app under Mac OS or under Windows the "Terminal" app (command: 'cmd') or "PowerShell". |
|||
For login use one of the following ssh commands: |
|||
== Login form Linux or Mac == |
|||
⚫ | |||
ssh <username>@login.nemo.uni-freiburg.de |
ssh <username>@login.nemo.uni-freiburg.de |
||
Line 53: | Line 72: | ||
ssh -Y -l <username> login.nemo.uni-freiburg.de |
ssh -Y -l <username> login.nemo.uni-freiburg.de |
||
For better performance, we recommend using |
For better graphical performance, we recommend using the VNC module on the cluster: 'module load vis/turbovnc'. |
||
== Login |
== Login with graphical SSH client (Windows) == |
||
For |
For Windows we suggest using MobaXterm for login and file transfer. |
||
⚫ | |||
After installing a linux system with WSL use the instructions for linux. |
|||
Start ''MobaXterm'', fill in the following fields: |
Start ''MobaXterm'', fill in the following fields: |
||
Line 75: | Line 92: | ||
Proceed as follows: |
Proceed as follows: |
||
# Use SSH for a login node. |
# Use SSH for a login node. |
||
# When you log in for the first time, you must confirm the SSH fingerprint of the login node. |
|||
# The system will ask you for your service password <code>Password:</code>. Please enter it and confirm it with Enter/Return. If you do not have a service password yet or have forgotten it, please create one (see [[Registration/Password]]). |
# The system will ask you for your service password <code>Password:</code>. Please enter it and confirm it with Enter/Return. If you do not have a service password yet or have forgotten it, please create one (see [[Registration/Password]]). |
||
# You will be greeted by the cluster, followed by a shell. |
# You will be greeted by the cluster, followed by a shell. |
||
Line 80: | Line 98: | ||
<pre> |
<pre> |
||
~ $ ssh fr_vwxyz1234@login.nemo.uni-freiburg.de |
~ $ ssh fr_vwxyz1234@login.nemo.uni-freiburg.de |
||
The authenticity of host 'login.nemo.uni-freiburg.de (132.230.222.12)' can't be established. |
|||
ED25519 key fingerprint is SHA256:JDP0H4SjxdnkfYOVpP09xRHAlvB3GCGhAJVMZAmQX5M. |
|||
This key is not known by any other names. |
|||
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes |
|||
Warning: Permanently added 'login.nemo.uni-freiburg.de' (ED25519) to the list of known hosts. |
|||
fr_vwxyz1234@login.nemo.uni-freiburg.de's password: |
fr_vwxyz1234@login.nemo.uni-freiburg.de's password: |
||
Line 123: | Line 148: | ||
fr_vwxyz1234@login1 ~]$ |
fr_vwxyz1234@login1 ~]$ |
||
</pre> |
</pre> |
||
= SSH Keys on NEMO = |
|||
Interactive SSH keys can be used with a second factor. |
|||
You must copy your public SSH keys into: |
|||
<pre> |
|||
~/.ssh/authorized_keys |
|||
</pre> |
|||
== Workflow and Command SSH Keys == |
|||
This example uses 'rrsync' (see [[Registration/SSH/rrsync|rrsync wiki]]). |
|||
If you want to use workflows and commands without a second factor, you can use SSH command keys. |
|||
The command needs to look like this: |
|||
<pre> |
|||
command="/usr/local/bin/rrsync -ro /home/aa/aa_bb/aa_abc1/",from="10.10.10.0/24" |
|||
</pre> |
|||
Please send the following information to the [[NEMO/Support|'''NEMO support''']]: |
|||
<pre> |
|||
command="/usr/local/bin/rrsync -ro /home/aa/aa_bb/aa_abc1/",from="10.10.10.0/24" ssh-rsa ... username |
|||
</pre> |
|||
This command then will be allowed on '''workflow.nemo.uni-freiburg.de''', example: |
|||
<pre> |
|||
rsync -av workflow.nemo.uni-freiburg.de:remotedir/ localdir/ |
|||
</pre> |
|||
= Allowed Activities on Login Nodes = |
= Allowed Activities on Login Nodes = |
||
Line 136: | Line 192: | ||
|} |
|} |
||
The login nodes of the bwHPC clusters are the access point to the compute system, your <code>$HOME</code> directory and your |
The login nodes of the bwHPC clusters are the access point to the compute system, your <code>$HOME</code> directory and your workspaces. |
||
These nodes are shared with all the users therefore, your activities on the login nodes are limited to primarily set up your batch jobs. |
These nodes are shared with all the users therefore, your activities on the login nodes are limited to primarily set up your batch jobs. |
||
Your activities may also be: |
Your activities may also be: |
||
Line 144: | Line 200: | ||
We advise users to use [[BwForCluster_NEMO_Specific_Batch_Features#Interactive_Jobs|interactive jobs]] for compute and memory intensive tasks like compiling. |
We advise users to use [[BwForCluster_NEMO_Specific_Batch_Features#Interactive_Jobs|interactive jobs]] for compute and memory intensive tasks like compiling. |
||
= |
= Related Information = |
||
⚫ | |||
= De-registration = |
|||
* If you want to reset your service password, consult the [[Registration/Password|Password Guide]]. |
|||
* If you want to de-register, consult the [[Registration/Deregistration|De-registration Guide]]. |
|||
* Configuring your shell: [[.bashrc Do's and Don'ts]] |
Latest revision as of 11:55, 5 November 2024
Access to NEMO is limited to IP addresses from the BelWü network. All home institutions of our current users are connected to BelWü, so if you are on your campus network (e.g. in your office or on the campus WiFi) you should be able to connect to NEMO without restrictions. If you are outside one of the BelWü networks (e.g. at home), a VPN connection to the home institution or a connection to an SSH jump host at the home institution must be established first. |
The login nodes of the bwHPC clusters are the access point to the compute system, your $HOME
directory and your workspaces.
All users must log in through these nodes to submit jobs to the cluster.
Prerequisites for successful login:
You need to have
- completed the 3-step registration procedure.
- set a service password for NEMO.
- set up a second factor (one-time password, OTP)
The NEMO registration continues to use the old registration page https://bwservices.uni-freiburg.de, while the second factor (2FA) must be configured on the new registration page https://login.bwidm.de. https://login.bwidm.de is not used for anything else so far! |
Login to bwForCluster NEMO
Login to bwForCluster NEMO is only possible with a Secure Shell (SSH) client for which you must know your username on the cluster and the hostname of the login nodes. For more general information on SSH clients, visit the SSH clients Guide.
Username
If you want to use the NEMO cluster you need to add a prefix to your local username. For prefixes please refer to the Username Wiki.
Example:
- If your local username for the University is
vwxyz1234
and you are a user from the University of Freiburg this would combine to:fr_vwxyz1234
.
Hostnames
The system has two login nodes. You have to select the login node yourself.
Hostname | Node type |
---|---|
login.nemo.uni-freiburg.de | NEMO first login node alias |
login1.nemo.uni-freiburg.de | NEMO first login node |
login2.nemo.uni-freiburg.de | NEMO second login node |
Login with SSH command (Linux, Mac, Windows)
Most Unix and Unix-like operating systems such as Linux, Mac OS, and *BSD, as well as newer versions of MS Windows 10 and 11, have a built-in SSH client provided by the OpenSSH project. If you want to use the full set of Linux commands on Windows, you can also install the Windows Subsystem for Linux (WSL) on newer Windows 10 and 11 versions very easily. Then start a terminal, e.g. "xterm", "konsole" or "gnome-terminal" under Linux, the "Terminal" app under Mac OS or under Windows the "Terminal" app (command: 'cmd') or "PowerShell".
For login use one of the following ssh commands:
ssh <username>@login.nemo.uni-freiburg.de ssh -l <username> login.nemo.uni-freiburg.de
To run graphical applications, you can use the -X
or -Y
flag to ssh
:
ssh -Y -l <username> login.nemo.uni-freiburg.de
For better graphical performance, we recommend using the VNC module on the cluster: 'module load vis/turbovnc'.
Login with graphical SSH client (Windows)
For Windows we suggest using MobaXterm for login and file transfer.
Start MobaXterm, fill in the following fields:
Remote name : login.nemo.uni-freiburg.de # or login1.nemo.uni-freiburg.de, login2.nemo.uni-freiburg.de Specify user name : <username> Port : 22
After that click on 'ok'. Then a terminal will be opened and there you can enter your credentials.
Login Example
To log in to NEMO, you must provide your service password. Proceed as follows:
- Use SSH for a login node.
- When you log in for the first time, you must confirm the SSH fingerprint of the login node.
- The system will ask you for your service password
Password:
. Please enter it and confirm it with Enter/Return. If you do not have a service password yet or have forgotten it, please create one (see Registration/Password). - You will be greeted by the cluster, followed by a shell.
~ $ ssh fr_vwxyz1234@login.nemo.uni-freiburg.de The authenticity of host 'login.nemo.uni-freiburg.de (132.230.222.12)' can't be established. ED25519 key fingerprint is SHA256:JDP0H4SjxdnkfYOVpP09xRHAlvB3GCGhAJVMZAmQX5M. This key is not known by any other names. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes Warning: Permanently added 'login.nemo.uni-freiburg.de' (ED25519) to the list of known hosts. fr_vwxyz1234@login.nemo.uni-freiburg.de's password: Last login: Thu Sep 8 16:01:18 2022 from host1.nemo.uni-freiburg.de Research Cluster Baden Wuerttemberg bwForCluster ooooo ooo oooooooooooo ooo ooooo .oooooo. `888b. `8' `888' `8 `88. .888' d8P' `Y8b 8 `88b. 8 888 888b d'888 888 888 8 `88b. 8 888oooo8 8 Y88. .P 888 888 888 8 `88b.8 888 " 8 `888' 888 888 888 8 `888 888 o 8 Y 888 `88b d88' o8o `8 o888ooooood8 o8o o888o `Y8bood8P' Neuroscience Elementary Microsystems Materials Particle Engineering Science Physics -------------------------------------------------------------------------------- Node : login1.nemo.uni-freiburg.de OS : CentOS 7.9 (Rev. 23), 3.10.0-1160.76.1 -------------------------------------------------------------------------------- NEMO Info : http://www.nemo.uni-freiburg.de NEMO Status : http://www.nemo.uni-freiburg.de/nemo/stat/ NEMO Support : http://www.nemo.uni-freiburg.de/support/ NEMO News : http://www.nemo.uni-freiburg.de/news/ Central Wiki : http://wiki.bwhpc.de -------------------------------------------------------------------------------- Status : NEMO: normal operation -------------------------------------------------------------------------------- Published : 2022-09-03 by HPC Team Freiburg Security update September applied (CentOS 7.9, Rev. 23). See update log for timestamps /opt/bwhpc/os-revisions/security_update_2022-09. See http://www.nemo.uni-freiburg.de for more information on NEMO. -------------------------------------------------------------------------------- fr_vwxyz1234@login1 ~]$
SSH Keys on NEMO
Interactive SSH keys can be used with a second factor. You must copy your public SSH keys into:
~/.ssh/authorized_keys
Workflow and Command SSH Keys
This example uses 'rrsync' (see rrsync wiki).
If you want to use workflows and commands without a second factor, you can use SSH command keys. The command needs to look like this:
command="/usr/local/bin/rrsync -ro /home/aa/aa_bb/aa_abc1/",from="10.10.10.0/24"
Please send the following information to the NEMO support:
command="/usr/local/bin/rrsync -ro /home/aa/aa_bb/aa_abc1/",from="10.10.10.0/24" ssh-rsa ... username
This command then will be allowed on workflow.nemo.uni-freiburg.de, example:
rsync -av workflow.nemo.uni-freiburg.de:remotedir/ localdir/
Allowed Activities on Login Nodes
To guarantee usability for all the users of clusters you must not run your compute jobs on the login nodes. Compute jobs must be submitted to the queuing system. Any compute job running on the login nodes will be terminated without any notice. Any long-running compilation or any long-running pre- or post-processing of batch jobs must also be submitted to the queuing system. |
The login nodes of the bwHPC clusters are the access point to the compute system, your $HOME
directory and your workspaces.
These nodes are shared with all the users therefore, your activities on the login nodes are limited to primarily set up your batch jobs.
Your activities may also be:
- short compilation of your program code and
- short pre- and post-processing of your batch jobs.
We advise users to use interactive jobs for compute and memory intensive tasks like compiling.
Related Information
- If you want to reset your service password, consult the Password Guide.
- If you want to de-register, consult the De-registration Guide.
- Configuring your shell: .bashrc Do's and Don'ts