Standard Terminal Setup

Prerequisite

• Have an active account and project.
• Have one of:
  • Built in Linux/Mac terminal
  • Windows Subsystem for Linux
  • VSCode

Warn

The following instructions may not work when using any non-standard terminal client.

First time setup

The login process can be simplified significantly with a few easy configurations.

1. In a new local terminal run; mkdir -p ~/.ssh/sockets this will create a subdirectory in your home directory to store socket configurations.

2. Open your ssh config file (e.g. nano ~/.ssh/config to open with the text editor nano) and add the following (replacing username with your username):

   Host nesilander 
       User username 
       HostName lander.hpc.nesi.org.nz 
       ForwardX11 yes
       ForwardX11Trusted yes
       ServerAliveInterval 300
       ServerAliveCountMax 2
   
   
   Host nesi
       User username 
       Hostname login.hpc.nesi.org.nz
       ProxyCommand ssh -W %h:%p nesilander
       ForwardX11 yes
       ForwardX11Trusted yes
       ServerAliveInterval 300
       ServerAliveCountMax 2
   

   Close and save with ctrl x, ctrl y, Enter

3. Ensure the permissions are correct by running chmod 600 ~/.ssh/config.

4. Run the command.

   ssh nesi
   

5. You will be prompted to approve host authenticity

   The authenticity of host 'lander.hpc.nesi.org.nz (163.7.144.68)' can't be established.
   ECDSA key fingerprint is SHA256:############################################.
   ECDSA key fingerprint is MD5:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##.
   Are you sure you want to continue connecting (yes/no)? 
   

   Type yes and Enter

6. You will be presented with a link.

   Authenticate at https://iam.nesi.org.nz/realms/public/device?user_code=XXXX-XXXX and press ENTER.
   

   Depending on the terminal used, you may have to hold ctrl when clicking to follow the link.

   Double Authentication

   If you set up your .ssh/config as recommended you will be prompted to authenticate again.
   We are working on fixing this.

7. Select your institution, you will be prompted to provide your login details.

8. Click 'Yes' when prompted to trust this device. This will allow you to log in without 2FA for 7 days. The name can be anything. .

9. Scan the QR code with your authenticator app. Then enter the six digit code provided. You may give your device a name.

   

10. Return to your terminal, and press enter.

Subsequent log in

1. ssh nesi
2. Follow the link.
3. You may be prompted for your 6 digit code.
4. Return to your terminal, and press enter.

What Next?

• Moving files to/from a cluster.
• Setting up an X-Server (optional).