SSH client on macOS and Linux

Significant changes to authentication coming in April 2025

Starting April 14 2025, SSH login to Puhti and Mahti will only work using SSH keys added in MyCSC. Password authentication and public keys stored in users' personal ~/.ssh/authorized_keys file on the supercomputer will no longer work. This authentication method is already in use on LUMI.

Read the detailed instructions on setting up and using SSH keys.

On Unix-based systems like macOS and Linux, it is recommended to connect to CSC supercomputers using the pre-installed terminal program.

Basic usage

The OpenSSH client typically comes pre-installed on macOS and Linux systems. You can create a remote SSH connection by opening the terminal and running:

# Replace <username> with the name of your CSC user account and
# <host> with "puhti" or "mahti"

ssh <username>@<host>.csc.fi

Graphical connection

Displaying graphics, such as GUIs and plots, over an SSH connection requires a window system. Most macOS and Linux systems have a server program for the X window system (X11) installed by default.

To enable displaying graphics over SSH, use the -X (X11 forwarding) or -Y (trusted X11 forwarding) option when launching the SSH client:

ssh -X <username>@<host>.csc.fi

For more information about the X11 forwarding options, run man ssh in the terminal.

Generating SSH keys

On macOS and Linux, you can use the ssh-keygen command-line utility for generating SSH keys:

ssh-keygen -o -a 100 -t ed25519

You will be asked to type a passphrase. Please choose a secure passphrase. It should be at least 8 characters long and contain numbers, letters and special characters. Never leave the passphrase empty!

Using SSH keys

See the page on setting up SSH keys for general information about using SSH keys for authentication.

Copying public key to supercomputer

Starting April 14 2025, the only way to copy a public key to a supercomputer is through the MyCSC customer portal. Read the instructions here.

Authentication agent

To avoid having to type your passphrase every time you connect to a CSC supercomputer, the ssh-agent utility can hold your keys in memory. The program's behavior depends on your system:

• On Linux systems, ssh-agent is typically configured and run automatically at login and requires no additional actions on your part.

• On macOS systems, you should add the following lines to the ~/.ssh/config file:

  Host *
      UseKeychain no
      AddKeysToAgent yes
  

For more information about ssh-agent, see the relevant SSH Academy tutorial.

Do you find this page useful?

Yes

Thank you for your feedback!

No

Thank you! Your feedback is appreciated.

Please let us know how we could improve this page by contacting us or by creating an issue in GitHub. You can also edit this page yourself and contribute your improvements by creating a pull request.