Configuring SSH

OpenSSH, sftp, rsync, VSCode, …

The OpenSSH configuration file is a plain text file that defines Hosts with short, easy to type names and corresponding full DNS names (or IPs) and advanced configuration options, which private key to use, etc. This file being picked up and read by multiple SSH clients or other applications that use the SSH protocol to connect to the cluster. Most clients let you override the defaults in this file for any given login.

Config file location

It is usually located in your home directory or user profile directory under .ssh/config, i.e.

OpenSSH config location

~/.ssh/config
/home/$USERNAME/.ssh/config

~/.ssh/config
/User/$USERNAME/.ssh/config

%USERPROFILE%\.ssh\config
C:\Users\your_username\.ssh\config

OpenSSH config file format

After general options that apply to all SSH connections, you can define a line Host my_shorthand, followed by options that will apply to this host only, until another Host xyz line is encountered. See the OpenSSH documentation for a full list of available options.

Simple configuration examples

Here are different blocks of configuration options you can copy-paste into your config file. You can mix-and-match these, choose the ones you need. Just make sure to replace User xyz with your respective username and if necessary, the path/filename of your private key.

Emmy / Grete (NHR and SCC)

While “Emmy” was originally the name of our NHR/HLRN CPU cluster, we will sometimes refer to it as a generic term for all our CPU partitions. For example, the scc-cpu partition is integrated with Emmy Phase 3 from a technical standpoint, thus Emmy-p3 is the recommended login for SCC users. The same applies to “Grete”, which can be used as the generic login if you want to use any of our GPU partitions.

Host Emmy
	Hostname glogin.hpc.gwdg.de
	User u12345
	IdentityFile ~/.ssh/id_ed25519

Host Emmy-p2
	Hostname glogin-p2.hpc.gwdg.de
	User u12345
	IdentityFile ~/.ssh/id_ed25519

Host Emmy-p3
	Hostname glogin-p3.hpc.gwdg.de
	User u12345
	IdentityFile ~/.ssh/id_ed25519

Host Grete
	Hostname glogin-gpu.hpc.gwdg.de
	User u12345
	IdentityFile ~/.ssh/id_ed25519

KISSKI

Host KISSKI
	Hostname glogin-gpu.hpc.gwdg.de
	User u56789
	IdentityFile ~/.ssh/id_ed25519

Legacy SCC

The legacy SCC login nodes are not reachable from outside GÖNET. You can use the generic login nodes as jumphosts, to avoid the need for VPN if you want to connect from the outside.

Host jumphost
	Hostname glogin.hpc.gwdg.de
	User jdoe1
	IdentityFile ~/.ssh/id_ed25519

Host SCC-legacy
	Hostname login-mdc.hpc.gwdg.de
	User jdoe1
	IdentityFile ~/.ssh/id_ed25519
	ProxyJump jumphost

Tip

You can leave out the jumphost block and ProxyJump jumphost if you always connect from within GÖNET (basically the extended campus network in Göttingen) or use VPN.

Advanced configuration examples

Here are more advanced example configuration for all our clusters with convenient shortcuts for advanced users. Adapt to your needs. To understand this, remember ssh parses it’s config top-down and first-come-first-serve.

That means, if for a given Host the same option appears multiple times, the first one counts and subsequent values are ignored. But for options that were not defined earlier, values will apply from successive appearances. Note that if Hostname is not specified, the Host value (%h) is used.

All frontend nodes, individually specified

# NHR, SCC Project-Portal and KISSKI users
Host glogin*
	Hostname %h.hpc.gwdg.de
	User u12345
	IdentityFile ~/.ssh/id_ed25519


# Use the main login nodes as jumphosts to restricted login nodes
Host jumphost
	Hostname glogin.hpc.gwdg.de
	User jdoe1
	IdentityFile ~/.ssh/id_ed25519

# legacy SCC login nodes
Host gwdu101 gwdu102 login-mdc
	Hostname %h.hpc.gwdg.de
	User jdoe1
	IdentityFile ~/.ssh/id_ed25519
	ProxyJump jumphost

# CIDBN
Host login-dbn*
	Hostname %h.hpc.gwdg.de
	User u23456
	IdentityFile ~/.ssh/id_ed25519
	ProxyJump jumphost

# Cramer/Soeding
Host ngs01
	Hostname ngs01.hpc.gwdg.de
	User u34567
	IdentityFile ~/.ssh/id_ed25519
	ProxyJump jumphost

Complex example using config file tricks

Host myNHRproject1
	User u10123
Host myNHRproject2
	User u10456
Host NHR myNHRproject1 myNHRproject2
	Hostname glogin.hpc.gwdg.de
	IdentityFile ~/.ssh/id_ed25519
Host kisski
	Hostname glogin-gpu.hpc.gwdg.de
	User u10789
	IdentityFile ~/.ssh/id_ed25519
Host glogin* glogin-gpu glogin-p3
	Hostname %h.hpc.gwdg.de
	User nimjdoe
	IdentityFile ~/.ssh/id_ed25519

Host jumphost
	Hostname glogin.hpc.gwdg.de
Host SCC-legacy
	Hostname login-mdc.hpc.gwdg.de
Host SCC-legacy gwdu101 gwdu102 jumphost
	Hostname %h.gwdg.de
	User jdoe1
	IdentityFile ~/.ssh/id_ed25519
Host SCC-legacy gwdu101 gwdu102
	ProxyJump jumphost