Using ssh-agent
The transfer machines at SLAC are accessible using ssh.
To make access more convenient, ssh keys and
ssh-agent are used.
This lets you type the passphrase that
protects a key only once.
1) Create ssh keys
The ssh keys are stored in the $HOME/.ssh directory.
If keys don't exist yet, they are created using
ssh-keygen -t rsa1
This will create the two files, identity and identity.pub
which are the private and public key respectively.
The private key has to be protected so that nobody except
yourself is able to read it.
The keys have to be protected by choosing a passphrase. As with
normal passwords, this one should be secure.
Instead of creating rsa1 keys, one could also use other key types, for example rsa:
ssh-keygen -t rsa
This will create two keys: id_rsa and id_rsa.pub
2) Add Public-Key to authorized_keys File
Add the public-key to the $HOME/.ssh/authorized_keys
file on the host that you want to access.
Either copy and paste it or, if the public key is accessible,
do:
cat <public-key> >> authorized_keys
(If you copy and paste the key, make sure that it is on one line in the authorized_keys file.)
3) Start ssh-agent
On your local host start the ssh agent either by:
eval `ssh-agent -c|-s`     (-c for csh-like shells, -s for sh-like shells)
or
ssh-agent tcsh             (or bash, sh instead of tcsh)
The first invocation sets environment variables in the current shell whereas
the second call starts a new shell and sets the environment variables
in that shell.
An ssh-agent is killed by running
ssh-agent -k
4) Load keys to ssh-agent
On your local host run:
ssh-add
This will load all the keys in your ~/.ssh directory (identity,
id_rsa, id_dsa). You have to type in the passphrase that protects these
keys.
In order to list the keys that are loaded in the agent run:
ssh-add -l
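A check for the two caveats in steps 1 and 2 (private key readable only by you, each authorized_keys entry on one line), as an added example that is not part of the original page. The function names, file names and key strings are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page). File names and key material
# below are constructed placeholders, not real keys.

# Step 1 caveat: succeed only if group and others have no access to the key.
check_private_key() {
    # Characters 5-10 of the ls mode string are the group/other permission bits.
    perms=$(ls -ld "$1" 2>/dev/null | cut -c5-10)
    [ "$perms" = "------" ]
}

# Step 2 caveat: print the number of every line that is not one complete key
# entry; the exit status is 1 if any such line exists.
check_authorized_keys() {
    awk '
    /^[ \t]*(#|$)/ { next }                       # comments and blank lines
    {
        ok = 0
        # protocol 2 entry: [options] keytype base64-key [comment]
        for (i = 1; i < NF; i++)
            if ($i ~ "^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-)" &&
                $(i + 1) ~ "^AAAA[A-Za-z0-9+/]+=*$") ok = 1
        # protocol 1 (rsa1) entry without options: bits exponent modulus [comment]
        if ($1 ~ "^[0-9]+$" && $2 ~ "^[0-9]+$" && $3 ~ "^[0-9]+$") ok = 1
        if (!ok) { print NR; bad = 1 }
    }
    END { exit bad + 0 }' "$1"
}

demo() {
    d=$(mktemp -d) || return 1
    : > "$d/id_rsa"; chmod 644 "$d/id_rsa"        # deliberately too open
    check_private_key "$d/id_rsa" || echo "id_rsa: readable by group/others, run chmod 600"
    chmod 600 "$d/id_rsa"
    check_private_key "$d/id_rsa" && echo "id_rsa: ok"
    # Lines 2 and 3 are one key that was split in two by a copy and paste.
    cat > "$d/authorized_keys" <<'EOF'
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABconstructedKEY0000 alice@example
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABconstr
uctedKEY1111 bob@example
EOF
    bad=$(check_authorized_keys "$d/authorized_keys") ||
        echo "authorized_keys: broken entry at line(s): $bad"
    rm -rf "$d"
}
demo
```

The first half of a split key still looks like a valid entry, so the line reported is the continuation; the entry to repair starts on the line before it.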
wilko@slac.stanford.edu
Last modified: Wed Sep 27 07:23:14 PDT 2006