You are here

User Notice: Action required as part of upcoming system security enhancements

To enhance the security of its resources, Compute Canada is modifying the configuration of the SSH security protocol used to connect to its clusters. SSH protects the information transmitted between the user and the cluster, and verifies the identity of both parties. To learn more about SSH, please read the Compute Canada wiki page: https://docs.computecanada.ca/wiki/SSH

The new configuration will affect all users and requires action from you.

For details on the upcoming changes, see the wiki page: https://docs.computecanada.ca/wiki/SSH_security_improvements

Action required

Prior to implementation, users must test their SSH client by connecting to server ssh-test.computecanada.ca using their Compute Canada credentials.

  • If you can’t connect, you will need to update your SSH client (instructions for how to do that can be found on the SSH security improvements wiki page).
  • If you can connect, your SSH client is compatible and no further action is required until the security change implementation date.

Following implementation, all users must update the local copies of the host key, which is used to identify each Compute Canada cluster. Instructions for how to update the host key can be found on the SSH security improvements wiki page.

  • Note: If you use a personal SSH key, you may also have to generate a new key pair. To find out in advance, you can try to use your personal key on the  ssh-test.computecanada.ca test server.

The flowchart below outlines the steps mentioned above:

Implementation date

The changes will be implemented in early September. Users will be notified by email 10 days prior to the start date. Users who haven’t completed the process described above will be unable to connect to Béluga, Cedar, Graham and Niagara.

Questions / support

If you require further assistance or have questions about this process, please email support@computecanada.ca.