Using XSEDE SSO Hub As A Jump Host

**PLEASE NOTE: This is NOT the normal mechanism to use the XSEDE SSO Hub as described in the XSEDE SSO documentation:

Users can make use of XSEDE's Single Sign-On (SSO) Login Hub to simplify ssh'ing directly to Jetstream instances WITHOUT adding new keys for each and every host they ever originate from into their Atmosphere settings:


ssh -l <XSEDE_username>
  • enter XSEDE password and perform multi-factor authentication
[<XSEDE_username>@ssohub ~]$ ssh-keygen
**accept defaults and hit return for your password

[<XSEDE_username>@ssohub ~]$ cat .ssh/
**copy the entire entry all the way from “ssh-rsa” through “”

[<XSEDE_username>@ssohub ~]$ exit

From now on, you’ll be able to use the following to connect to your Jetstream instances from any local computer that has ssh but jumping through the XSEDE-SSO host:

ssh -l <XSEDE_username> -J <individual Jetstream instance IP#>

You'll be asked to provide your XSEDE credentials, and authenticate with Duo/Phone, then your ssh-keys with be used to access the instance (if you have a password in your keys, you'll be asked for that at this time).

my_laptop> ssh -l john_public -J
Please login to this system using your XSEDE username and password:
password: ##########
Duo two-factor login for john_public

Enter a passcode or select one of the following options:

 1. Duo Push to XXX-XXX-5555
 2. Phone call to XXX-XXX-5555

Passcode or option (1-2): 1
Enter passphrase for key '/Users/john_public/.ssh/id_rsa': 
Welcome to Ubuntu 18.04.2 LTS (GNU/Linux 4.15.0-54-generic x86_64)