SSH

The HPC system is primarily accessed through a Secure Shell (SSH) connection to the login nodes. Most operating systems ship with OpenSSH; on Windows, we recommend using WSL with one of the Linux distributions available in the MS Store instead of the native OpenSSH client.

SSH gateway

Note for Academic users

The present section is not applicable to you and you must use your university gateway instead to connect to Lucia's login nodes. Please check the Gateway section of the CÉCI documentation website for help on how to use your university gateway.

The SSH gateway is mainly used as a jump host to Lucia's login nodes for Cenaero and industry users. It has its own local authentication system and filesystem; as a consequence, when changing your password or SSH key, you'll have to change it on both the gateway and one of Lucia's login nodes. As the gateway is just a jump host, its disk space is limited: each user has a 10GB soft quota limit and a 40GB hard limit with a 7-day grace period. That disk space shouldn't be used for anything other than transient transfers.

You should be able to connect to the SSH gateway with the following command:

ssh <your_username>@gateway.lucia.cenaero.be

If it is your initial connection, you'll be asked to change your password. Your password must be at least 12 characters long and must contain at least 1 upper case letter, 1 lower case letter, 1 numeric character and 1 special character.

Login nodes

Lucia currently has 2 login nodes available through a common host name, frontal.lucia.cenaero.be. Connections are load-balanced via simple DNS round-robin, so you'll randomly connect to one of the two nodes. You can also connect directly to either of the login nodes, using frontal01.lucia.cenaero.be or frontal02.lucia.cenaero.be.

From the gateway.lucia.cenaero.be gateway (or from hosts allowed to connect directly to the login nodes, such as the CÉCI gateways), you should be able to connect to the login nodes with:

ssh <your_username>@frontal.lucia.cenaero.be

SSH host key

Depending on your version of SSH and the type of host key it records in your ~/.ssh/known_hosts file, you may receive a warning message about a man-in-the-middle attack when connecting to frontal.lucia.cenaero.be. This happens because you're connecting to either frontal01 or frontal02, and the two have different ED25519 host keys (the ECDSA, RSA and DSA keys are the same on both servers).

To avoid this issue, remove the host key for frontal.lucia.cenaero.be from your ~/.ssh/known_hosts file and use the ECDSA host key instead, with a wildcard in the hostname so that the same host key is used for frontal.lucia.cenaero.be, frontal01.lucia.cenaero.be and frontal02.lucia.cenaero.be:

ssh-keygen -f ~/.ssh/known_hosts -R frontal.lucia.cenaero.be
echo "frontal*.lucia.cenaero.be,10.90.0.* ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMsp0o1PqzLFoPBjiURqe0XgzKuO/MvxtN1FawChfo4IICOpX/LNy7s7MIScnr6mVyGZzsQK4v8ehIK2YtcWVWE=" >> ~/.ssh/known_hosts
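
Before trusting a pinned entry like the one above, it helps to check what it covers and which key it pins. The following Python script is an added example, not part of the original documentation: it parses that known_hosts line, tests host names against its patterns and computes the SHA256 fingerprint to compare with the one ssh displays. The function names are illustrative and only plain (unhashed, unmarked) entries are handled.

```python
import base64
import hashlib
import re
import struct

# known_hosts entry exactly as given on this page
ENTRY = (
    "frontal*.lucia.cenaero.be,10.90.0.* ecdsa-sha2-nistp256 "
    "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMsp0o1PqzLFoPBjiURqe0"
    "XgzKuO/MvxtN1FawChfo4IICOpX/LNy7s7MIScnr6mVyGZzsQK4v8ehIK2YtcWVWE="
)


def parse_entry(line):
    """Parse a plain known_hosts line (no @marker, no hashed |1| host field)."""
    patterns, keytype, b64 = line.split()[:3]
    blob = base64.b64decode(b64, validate=True)
    # The blob begins with a length-prefixed copy of the key type; a mismatch
    # means the line was corrupted or edited.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != keytype.encode():
        raise ValueError("key type inside blob differs from declared type")
    return patterns.split(","), keytype, blob


def host_matches(patterns, host):
    """OpenSSH-style match: '*' and '?' wildcards; a matching '!pattern' vetoes."""
    matched = False
    for pat in patterns:
        negated = pat.startswith("!")
        rx = re.escape(pat[1:] if negated else pat)
        rx = rx.replace(r"\*", ".*").replace(r"\?", ".")
        if re.fullmatch(rx, host.lower()):
            if negated:
                return False
            matched = True
    return matched


def fingerprint(blob):
    """SHA256 fingerprint in the form printed by ssh and ssh-keygen -l."""
    digest = base64.b64encode(hashlib.sha256(blob).digest()).decode()
    return "SHA256:" + digest.rstrip("=")


if __name__ == "__main__":
    patterns, keytype, blob = parse_entry(ENTRY)
    print(keytype, fingerprint(blob))
    for h in ("frontal.lucia.cenaero.be", "frontal01.lucia.cenaero.be",
              "frontal02.lucia.cenaero.be", "gateway.lucia.cenaero.be"):
        print(f"{h:32} covered={host_matches(patterns, h)}")
```

The wildcard is broader than the three names listed: any host name starting with frontal under lucia.cenaero.be, and any address in 10.90.0.*, is accepted with this key.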

SSH keypairs

SSH config file example

Note for Academic users

The present section is not applicable to you. Please use the ssh_config wizard to help you configure your ~/.ssh/config file, and tick the "Tier1" checkbox.

# Lucia gateway ---------------------------------
Host gwlucia
        Hostname gateway.lucia.cenaero.be
        Port 22
        User <your_username>
        IdentityFile ~/.ssh/id_rsa
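        # ForwardAgent exposes your local ssh-agent on the gateway. It is only
        # needed when you run ssh from a shell on the gateway itself; the
        # ProxyJump entry below authenticates from your own machine without it.
        ForwardAgent yes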
# Lucia frontal nodes ---------------------------
Host lucia
        Hostname frontal.lucia.cenaero.be
        Port 22
        User <your_username>
        IdentityFile ~/.ssh/id_rsa
        ProxyJump gwlucia