SSH/SFTP Access#
QHub provides a secure method for users to login while also providing additional ways to connect to the cluster through
jupyterhub-ssh. This allows users to access a cluster and a JupyterLab environment via
ssh. In addition, users can easily transfer files back and forth via
sftp. And for users who prefer terminal based editors, such as emacs or vim, they can log in and automate tasks on the
cluster without browser access. For more detailed information on using jupyterhub-ssh, please refer to the
documentation.
In order to login via ssh a user needs to generate an API token. Visit https://<qhub-url>/hub/token. Where <qhub-url> is the domain name of your QHub cluster. You will be
shown a screen similar to the one below. You need only generate the API token once; it can be reused going forward. To revoke the API token, simply return to this page and click
revoke.
To request a new token, add a short description, such as ssh login token, and click on Request new API token. Copy and save the generated api token (in this case
f0b80688484a4ac79a21b38ec277ca08).
You can now log into the QHub cluster via the terminal using ssh. Note that you will use your QHub username, shown in the top right-hand corner of the screen. You will need to
provide this username explicitly when connecting via ssh. See the example below on using the -o option with ssh, and notice the ports used by QHub for ssh and sftp.
sshuses port8022
sftpuses port8023
$ ssh -o User=costrouchov@quansight.com training.qhub.dev -p 8022
The authenticity of host '[training.qhub.dev]:8022 ([35.223.107.201]:8022)' can't be established.
RSA key fingerprint is SHA256:mKy546LpI0cbqm/IY8dQR0B5QcbEziWLjLglern5G+U.
This key isn't known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[training.qhub.dev]:8022' (RSA) to the list of known hosts.
(costrouchov@quansight.com@training.qhub.dev) Password:
costrouchov@quansight.com@jupyter-costrouchov-40quansight-2ecom:~$