With the implemenation of two-factor authentication on the ssh protocol at the Observatory, you need to setup two ssh keys to make life easy. These two key are:

1. To login from your laptop to an Observatory machine
2. To login between computers at the Observatory

Below we deal with these two cases.

Login from the internet is usually done from your own personal computer. Of course that is a MacBook, but for all those 'other system' users we describe belog how to setup a private/public key pair to allow seemless lgon to the Observatory computers.

For Windows, you can use putty, MobaXterm or Bitvise Tunnelier to open a terminal session to a Linux desktop or server computer. Below we describe the seutp for each program separately:

• Setup putty
• Setup Bitvise Tunnelier

• Setup key based login from MacOS

• Setup Linux

To setup an ssh key pair to allow you to login password/2fa less between Observatory computers tthat all share the /home directory structure, you can simply create a keypair in your .ssh directory:

$ ssh-keygen -t ecdsa
Generating public/private ecdsa key pair.
Enter file in which to save the key (/home/testuser1/.ssh/id_ecdsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/testuser1/.ssh/id_ecdsa
Your public key has been saved in /home/testuser1/.ssh/id_ecdsa.pub
The key fingerprint is:
SHA256:xb4Rs37UbXt3Wn5cHkdKWy2ZDBbor9F83IYNLhjsfIU testuser1@bree.strw.leidenuniv.nl
The key's randomart image is:
+---[ECDSA 256]---+
|           ...   |
|         .. o    |
|         o=. + o.|
|         o++E.O.+|
|        So+*.=.@o|
|         .=+* BoB|
|          o+.o =O|
|          ..   +B|
|              . o|
+----[SHA256]-----+

and then add the public key to your authorized_keys file:

 cat ~/.ssh/id_ecdsa.pub >> ~/.ssh/authorized_keys

From this point on login into Observatory Lunix computers from Observatory Linux computers is easy.