ProxyJump ssh not working on Baobab

HPC Technical
15

Hi @Tomke.Schroeer

I did the procedure again starting from the begening and it’s working.

  1. On your local machine, Save old ssh key and create a new one
mkdir ~/.ssh/old
mv ~/.ssh/*  ~/.ssh/old
ssh-keygen

On the cluster, make sure you have not id_rsa key (make a back up too)

  1. Copy the rsa.pub in https://my-account.unige.ch/main/home end wait for 5-10 min the synchronisation with AD is done.

3 On your local machine configure the proxyjump:

[alberta@localhost .ssh]$ cat ~/.ssh/config

host bao
   HostName login2.baobab.hpc.unige.ch
   User alberta
Host cpu*
   HostName %h
   User alberta
   ProxyJump bao
  1. copy your public in the authorized_key_file by running:
[alberta@localhost .ssh]$ ssh-copy-id -f login2.baobab.hpc.unige.ch
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/alberta/.ssh/id_rsa.pub"

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'login2.baobab.hpc.unige.ch'"
and check to make sure that only the key(s) you wanted were added.

I check and my authorized key files contains my last key (and others)

  1. Alloc a test job and open a new tab on your local machine and try to connect on the allocated node:

:warning: Make sure your test is on Baobab cluster

On baobab:

(baobab)-[alberta@login2 ~]$ salloc
salloc: Pending job allocation 5574654
salloc: job 5574654 queued and waiting for resources
salloc: job 5574654 has been allocated resources
salloc: Granted job allocation 5574654
salloc: Waiting for resource configuration
salloc: Nodes cpu001 are ready for job

On your local machine:
( My first test was on cpu026 this is the message a i got)

[alberta@localhost .ssh]$ ssh cpu026
The authenticity of host 'cpu026 (<no hostip for proxy command>)' can't be established.
RSA key fingerprint is SHA256:tKqp4nljL+EGVKl8T0VF2nS36DkHVFMpLxQOPg/gKvg.
RSA key fingerprint is MD5:8f:75:c4:18:8a:75:f1:f1:19:4d:85:92:3b:b6:2a:e1.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'cpu026' (RSA) to the list of known hosts.
Last login: Tue Oct 24 10:49:29 2023
Installed: Thu Aug 17 14:40:08 CEST 2023

But working on cpu001 too:

[alberta@localhost ~]$ ssh cpu001
Last login: Mon Oct 23 16:43:34 2023
Installed: Thu Aug 17 14:28:26 CEST 2023
(baobab)-[alberta@cpu001 ~]$