SCIENCE HPC Center - High Performance Computing Centre at the University of Copenhagen

	Documentation SLURM Lustre MPI Compilers VGL ssh Visual Studio Dynamic firewall OLD: Shared filesystem OLD: Volume Storage Account How to get an account Contact Contact
			Fingerprints from frontends The current fingerprints for the frontends at HPC/UCPH are: fend01 RSA: MD5:a8:86:d5:d7:47:7d:6a:8c:fd:a0:c2:7a:8d:7c:db:9f SHA256:QsLBmVbCD9c4VLrnFXQCiY7FeHVNUsiGJ67AJCiea1Q ED25519: MD5:31:e2:b4:fa:5c:af:88:93:46:72:01:90:5d:65:dc:9d SHA256:wyU9R8DjcMdGAEDbDlPtuIPRI7DAkFmXV+6oJKGr02M fend02 RSA: MD5:c3:50:19:83:e7:5d:0f:ef:59:87:b1:a7:b9:d9:5f:a7 SHA256:dx4X0otsa7tMXr9UpLOxfFQPe/lz1vbpX4ocaLqmMIY ED25519: MD5:b0:f8:91:c2:f8:2a:63:65:3d:c0:62:9a:77:a9:2c:93 SHA256:Tl75PNd5eSJ/BiG77ROdoLOW2+BZ68H9CWyZowqQ3tg fend05 RSA: MD5:ad:39:cf:98:3e:99:e1:e4:23:d8:de:a5:6d:91:c8:3c SHA256:QYV3CawFbi7yk6AhYrMoITPz4p0Kf2xO4V00zNL9RYc ED25519: MD5:c2:3f:82:41:13:dd:33:45:3d:2f:a8:1e:4e:c5:6e:67 SHA256:kYiCd7CGnCb6uJrfD5JX/8U4XcuHMyg8Ntyv9YYsnQg astro01 RSA: MD5:2e:1c:f8:80:42:b0:12:3e:07:2b:ce:9d:0a:9d:33:50 SHA256:tf1+lClLyL9maSxU5beD3t8HW4Mapt0q73W4g7Tba7U ED25519: MD5:95:c6:30:20:8a:d2:f6:59:32:87:7b:6e:f7:bb:92:92 SHA256:vADa0y+v4hHmEolwueE10yWhsubRuXJm56BTzz/MPSE astro02 RSA: MD5:77:68:b9:39:78:f6:8d:67:a0:61:1d:23:9d:8b:83:e0 SHA256:ttn/opkEFVeJSBte517ZZLPmwgwWh3LXs1AcOLCf9D8 ED25519: MD5:16:68:0d:81:80:9f:b4:b7:c7:0e:27:5e:06:0c:3a:1b SHA256:aSi62fzCXieUs/SlILh9BKu4T1PRpakN4wY69y6conw astro03 RSA: MD5:e1:82:dd:ae:96:82:ab:43:b2:f2:c9:97:e4:3c:b8:b7 SHA256:H+Tnz0lgtQFz2bz0UYrbnAx+uGWW4cOV9ckJVHpbZpM ED25519: MD5:20:35:73:a0:af:94:d9:31:25:28:fd:22:ed:22:0a:ce SHA256:8+21I02zsK12MWLUu9zVeQviiMbMGiIZs4sGB+J3r6k astro04 RSA: MD5:ff:6c:5b:4b:eb:1a:fe:62:b2:1b:42:06:8a:8f:66:87 SHA256:HTR6+3eohK3A1pctx4zI4SUPMwkLdHpTsbFBy2AYluQ ED25519: MD5:d6:40:65:39:1d:87:06:4b:ad:59:49:c7:8e:d2:d6:88 SHA256:fe2Dlbtz7dZaZ1/zTaxtlOXbuhaCHqjSwk9sqR2zUN4 magni RSA: MD5:bf:29:78:d9:57:bf:67:f9:eb:5d:1e:f5:9f:50:f1:bf SHA256:x21aGuZiXFFIpPfA5H9W+Si9oVxMn+ydyiDmRCYk5ts ED25519: MD5:d3:13:ee:a0:2a:53:35:f8:69:4f:82:83:06:fa:35:49 SHA256:MlCr3x5tnx5Pn0rB+9zX850dVGbdu/ov3BB6Iq4zC/g dark01 RSA: MD5:f3:d8:2b:3d:54:77:ef:5a:10:48:da:e5:c1:83:74:dd SHA256:amUYaXAe8MDO9pDKwdRK7QxWnUs+2aZkMMCgPAfd+lQ ED25519: MD5:10:21:a9:ef:3c:62:de:8a:1c:a6:6a:67:88:e1:c1:48 SHA256:eGhpKy08LL+q2N7Dpq9Xd2V6PS9rwYkkGi4Gv7THByw hep01 RSA: MD5:71:18:0d:1a:1e:06:c9:32:81:79:9f:c1:18:7c:c3:d9 SHA256:eCP1MT9hhEdBir1BFdv2PxKmWV/q5xNDzCQNDjxgSyg ED25519: MD5:aa:c7:60:50:b2:67:2a:a5:da:b9:83:4c:7b:ad:ed:81 SHA256:eP4HQOzKE/DlHmzKNh0b506k5V4gELdYZVRMEUaOWVs hep02 RSA: MD5:6c:bd:82:f5:06:83:4c:a9:30:1a:e0:ab:40:b0:20:84 SHA256:yW/Qw9gxQvn/kYZEZKPv8W468lWye/0XDLW1w06JLyc ED25519: MD5:5b:84:53:59:74:8e:43:31:14:96:c6:fd:99:6b:4f:0a SHA256:sS13VBc1xxxx2Eazr7MukBKK7xDlgtBo8UwlzZCBCxo hep03 RSA: MD5:e6:72:17:aa:41:6c:94:10:1f:af:9e:3f:18:8f:21:60 SHA256:kkGOatrooZIS9Qlv53aWWMR8Clnk0Z2dBrMUNaKaDrw ED25519: MD5:6d:13:2a:3b:77:91:0d:a3:02:7e:13:99:9d:94:c3:2e SHA256:5XZwYuz0T+TL946xQICg0EMP48yZGlY03eoVbGjg6ZQ hep04 RSA: MD5:96:20:66:8c:85:5c:f9:ea:c5:37:c4:5c:4f:02:57:04 SHA256:TjNcwg4w/ZcKQwawZyPiBPiw5pKDzQb58pQWA5PXO3A ED25519: MD5:70:2c:53:fb:b2:24:9f:1f:50:b1:8d:dc:63:e7:fe:f1 SHA256:4blUkgafepKzVD503ZjVwXxiirjmNFFRUoLxgiNSh3k otp RSA: MD5:24:eb:cb:74:ac:30:5f:4d:11:22:a4:31:92:64:71:d3 SHA256:vY0i7rfIfWwINzJPjtrUhE40rzHfgqN2rsq+YvcQXug ED25519: MD5:d7:0f:97:70:fb:fb:e5:d8:52:f6:c8:e1:4f:22:0e:5b SHA256:LzIrr4wIlbflszB5q95hk5lTIFuBozX9sZw+I47Tcoo front RSA: MD5:64:21:45:eb:52:99:20:f0:cf:44:47:f2:c6:d1:ec:35 SHA256:uHbXXasbYpHjH11t1L57AJpNIz8N0Pfc5HARECv75Ac ED25519: MD5:4b:7f:28:e6:8e:61:7f:84:73:37:dc:95:65:70:2c:fb SHA256:k3/7UXS+Itt8samNGiS/S0MW7WctYFIE2jgAJCtzrQk Handeling old fingerprints If you have used a frontend before, you should get a warning about a new fingerprint. If the reported fingerprint matches the list abowe, please update -- if it doesn't match, something is wrong and you should try another frontend - and if the problem persist, contact support. Example: $ ssh fend03 @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: POSSIBLE DNS SPOOFING DETECTED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ The RSA host key for fend03.hpc.ku.dk has changed, and the key for the corresponding IP address 10.266.1.13 is unknown. This could either mean that DNS SPOOFING is happening or the IP address for the host and its host key have changed at the same time. @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that a host key has just been changed. The fingerprint for the RSA key sent by the remote host is SHA256:1o/3qHI/ImLYjuME0llmztWy6IuXxZY4sLM0r1NR2hM. Please contact your system administrator. Add correct host key in /path/to/.ssh/known_hosts to get rid of this message. Offending ECDSA key in /path/to/.ssh/known_hosts:433 RSA host key for fend03 has changed and you have requested strict checking. Host key verification failed. If the fingerprint matches the list at the top, update it locally - either by removing the old fingerprint with an editor or by running: `ssh-keygen -R fend03.hpc.ku.dk` Checking the hostkey, I can now connect to fend03 `ssh HPCuser@fend03 The authenticity of host 'fend03 (10.266.1.13)' can't be established. RSA key fingerprint is SHA256:1o/3qHI/ImLYjuME0llmztWy6IuXxZY4sLM0r1NR2hM. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'fend03,10.266.1.13' (RSA) to the list of known hosts. [HPCuser@fend03 ~]$` Disconnects while idle On some networks, the router/firewall will drop what it consider idle/stall (ssh) connection. This can be prevented by adding: `Host * ServerAliveInterval 60` to `.ssh/config` on your local laptop/computer. Windows CMD Users on Windows, might get: `Corrupted MAC on input. ssh_dispatch_run_fatal: Connection to X.X.X.X port 22: message authentication code incorrect` A workaround is to add the flag -m hmac-sha2-512-etm@openssh.com to the ssh command (and -o MACs=hmac-sha2-512-etm@openssh.com to your scp command), or MACs=hmac-sha2-512-etm@openssh.com to your ssh_config for the host(s) where you experience this issue. More information in this upstream issue. OS X Terminal Users on OS X, might get: `-bash: warning: setlocale: LC_CTYPE: cannot change locale (UTF-8): No such file or directory` See a solution here (Method #1 or Method #2) An alternative suggestion is to to add: `export LANG=en_US.UTF-8 LC_CTYPE=en_US.UTF-8` to .bash_profile on the Mac and restart the shell. Note: We don't have Mac's, so we have not testet this ourself. WARNING: connection is not using a post-quantum key exchange algorithm Users of OpenSSH 10.1 will see the message that: ` WARNING: connection is not using a post-quantum key exchange algorithm. This session may be vulnerable to "store now, decrypt later" attacks. ** The server may need to be upgraded. See https://openssh.com/pq.html` Our SSH-servers are still OpenSSH 8, so they don't yet support the needed "post-quantum" algorithms. If you want to silence the warning, you can add: `WarnWeakCrypto no-pq-kex` to the .ssh/ssh_config file on you local machine.