Skip to content
Contact Support

Standard Terminal Setup

Prerequisite

Warn

The following instructions may not work when using any non-standard terminal client.

First time setup

The login process can be simplified significantly with a few easy configurations.

  1. In a new local terminal run; mkdir -p ~/.ssh/sockets this will create a subdirectory in your home directory to store socket configurations.

  2. Open your ssh config file (e.g. nano ~/.ssh/config to open with the text editor nano) and add the following (replacing username with your username):

    Host nesilander 
        User username 
        HostName lander.hpc.nesi.org.nz 
        ForwardX11 yes
        ForwardX11Trusted yes
        ServerAliveInterval 300
        ServerAliveCountMax 2
    
    
    Host nesi
        User username 
        Hostname login.hpc.nesi.org.nz
        ProxyCommand ssh -W %h:%p nesilander
        ForwardX11 yes
        ForwardX11Trusted yes
        ServerAliveInterval 300
        ServerAliveCountMax 2
    

    Close and save with ctrl x, ctrl y, Enter

  3. Ensure the permissions are correct by running chmod 600 ~/.ssh/config.

  4. Run the command.

    ssh nesi
    
  5. You will be prompted to approve host authenticity

    The authenticity of host 'lander.hpc.nesi.org.nz (163.7.144.68)' can't be established.
    ECDSA key fingerprint is SHA256:############################################.
    ECDSA key fingerprint is MD5:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##.
    Are you sure you want to continue connecting (yes/no)? 
    

    Type yes and Enter

  6. You will be presented with a link.

    Authenticate at https://iam.nesi.org.nz/realms/public/device?user_code=XXXX-XXXX and press ENTER.
    

    Depending on the terminal used, you may have to hold ctrl when clicking to follow the link.

    Double Authentication

    If you set up your .ssh/config as recommended you will be prompted to authenticate again.
    We are working on fixing this.

  7. Select your institution, you will be prompted to provide your login details.

  8. Click 'Yes' when prompted to trust this device. This will allow you to log in without 2FA for 7 days. The name can be anything. alt text.

  9. Scan the QR code with your authenticator app. Then enter the six digit code provided. You may give your device a name.

    alt text

  10. Return to your terminal, and press enter.

Subsequent log in

  1. ssh nesi
  2. Follow the link.
  3. You may be prompted for your 6 digit code.
  4. Return to your terminal, and press enter.

What Next?