SSH
You have mastered the shell on your own machine. Now, it is time to leave your laptop behind. In computational biology, your personal computer is rarely powerful enough to do the heavy lifting. Instead, we use it merely as a remote control. The actual work happens on massive, customized supercomputers located in data centers hundreds of miles away.
To bridge the gap between your laptop (the client) and the supercomputer (the server), we use the Secure Shell (SSH) protocol. SSH creates an encrypted tunnel through the internet. When you run SSH, your terminal window stops talking to your local operating system and starts sending your commands through this tunnel to the remote server.
Because the interface looks identical (a black box with text), it is dangerously easy to forget which machine you are controlling. You might think you are deleting a temporary test file on your laptop, only to realize you just wiped a critical dataset on the lab server. Always check your prompt.
Authentication: Keys vs. Passwords
How do you prove to the remote server that you are allowed inside? Historically, you would type a username and a password. In professional engineering, we reject this method.
- Passwords can be brute-forced or stolen.
- You cannot write a script to upload data at 3:00 AM if a human needs to wake up and type a password.
Instead, we use Cryptographic Key Pairs.
Alex’s Soap Box
Post-quantum cryptography has been making some very interesting progress, especially with the release of standardized post-quantum algorithms from NIST.
Think of this system like a custom physical lock and a key.
- The Public Key (The Lock): You upload this to the server. You can give this to anyone. It is effectively saying, “Here is a lock that only I can open. Please install this on your door.”
- The Private Key (The Key): This lives on your laptop. You never give it to anyone. It is the only thing in the universe that can turn the lock.
When you try to log in, the server sees your username and looks at the Public Key (lock) you installed. It challenges your laptop: “I am locking this message. If you are who you say you are, use your Private Key to unlock it.” Your laptop solves the puzzle instantly and returns the result. The server grants you access without you ever having to type a password.
We will generate an Ed25519 key pair. This is the modern, high-performance standard that replaces the older RSA keys. It is smaller, faster, and more secure.
id_ed25519) is your digital identity.
NEVER email it.
NEVER upload it to GitHub.
NEVER share it with a collaborator.
If you expose this file, you must treat your identity as compromised, delete the key, and generate a new one immediately.Learning Resources
GitHub Docs: Generating a new SSH key
Follow the instructions for your specific OS. When asked for the key type, select Ed25519. You do not need to add the key to GitHub yet; we just need the file generated on your machine.
DigitalOcean: SSH Essentials
Read the “SSH Overview” section. Pay close attention to the diagrams explaining the encryption tunnel and the handshake process.