SSH directly to Peregrine

Many DOE labs and tightly secured corporate environments have firewalls that don't allow access to VPNs. The peregrine-ssh.nrel.gov access point allows direct SSH access on port 22 to secured Peregrine login nodes for users outside of NREL. Our current jump-node (hpcsh.nrel.gov) does not provide direct-to-peregrine access, making some processes such as the ability to SCP from your workstation more challenging. This peregrine-ssh.nrel.gov solution should help Peregrine users get more work done with fewer hassles.

Prerequisites

Before you can access the peregrine-ssh.nrel.gov SSH access point, you must have:

• An active NREL HPC user account (see Accounts)
• An OTP Token, issued by NREL High Performance Computing and attached to your account (see OTP Token Setup)

Logging into peregrine-ssh.nrel.gov

With your HPC account and your configured OTP token generator ready, simply SSH to peregrine-ssh.nrel.gov.

ssh username@peregrine-ssh.nrel.gov

When you connect, you will be prompted for Password+OTP_Token

For example:

If your password is perfectNorth-Nov11
and the token reads 123456 
you would type: perfectNorth-Nov11123456 

Upon successful login, you'll be presented with a local system message and a prompt. 

Now you should be able to start running jobs on the Peregrine supercomputer!

8-hour Session Limits and Maintenance

Since this system will be Internet-facing, we expect to do patching often and connection interruptions may occur. Also, there is an 8-hour connection limit for external connections. We recommend our external users take advantage of tools such as tmux and screen for session management that will accommodate the ephemeral nature of Internet connected sessions. These security patches may occasionally require a system reboot. If a reboot is necessary, the expected recovery time is approximately 7 minutes.

tmux man page:
 http://man.openbsd.org/OpenBSD-current/man1/tmux.1
screen user's manual:
 https://www.gnu.org/software/screen/manual/screen.html