Log in to Nova with SSH Client

SSH versus Nova OnDemand

While Nova OnDemand provides a convenient way to log in to Nova using a web browser, many users prefer to use a dedicated SSH client, especially when doing a lot of work from the command line.  These instructions will guide you through setting up SSH on Nova.

Topics

• Must Be On-Campus or on VPN
• Install an Authenticator App
• Choose an SSH Client (OpenSSH Preferred)
• Connect to Nova head node
• First Time Connect and E-mail
• Install MFA Key in MS Authenticator

Must Be On-Campus or on VPN

To connect to Nova you must either be on-campus or connected to the campus VPN (https://vpn.iastate.edu).

Install an Authenticator App

You will need install an Authenticator App on your phone (or your desktop) that can be used to generate your time-based verification code that Nova uses for mutli-factor authentication (MFA).  You may already have MS Authenticator installed for other ISU services.  That is recommended.  Google Authenticator also works.

Choose an SSH Client (OpenSSH Preferred)

If you have a Mac or Linux computer, you already have the ssh client from OpenSSH installed.   If you open a Terminal window and type:

$ ssh -V
it should return something like:
OpenSSH_8.7p1, OpenSSL 3.0.7 1 Nov 2022

If you are using Windows, we recommend installing Windows Subsystem for Linux (WSL) from Microsoft.   WSL provides a familiar Linux experience that can be useful when using Nova. 

Connect to Nova head node

From Terminal or console window, use one of the following commands to connect to Nova:

$  ssh <netid>@nova.its.iastate.edu       (The normal Nova head node)

or

$  ssh <netid>@vs-code.its.iastate.edu   (Head node for VS-code users)
 

where the <netid> is your ISU NetID.

First Time Connection and E-mail

The first time you connect, the system should detect that your MFA key has not been generated.  It will then generate an e-mail that gets sent to your ISU e-mail address that includes your MFA key as a QR code and instructions on how to install it.   You should see this message displayed:

    ******** Your GA was not setup yet. ********
    Please check your email and follow the instructions there before attempting to login again.
    ****** Please check your email ******

Install MFA Key on MS Authenticator

The Nova MFA key for is different from the one used by https://login.iastate.edu .
Follow the steps below to add your Nova key to MS Authenticator (other authenticator apps work similarly):

1. Open MS Authenticator and click the + upper right
   
2. Click Work or school account
   
3. Click "Scan QR code"
   
   1. You may be asked to give permission to use the camera so it can scan the QR code, you don't have to allow it, but it is quicker and more accurate to use the QR Code.
   2. Scan the code from the email or enter the seed code manually.
   3. You should now see the 6 digit authentication codes Nova will be asking for.
      

4. You should now be able to login to nova using Nova MFA code and ISU password. Note that neither your Verification code or password will print out.

   $ ssh your-netid@nova.its.iastate.edu
   (your-netid@nova.its.iastate.edu) Verification code:
   (your-netid@nova.its.iastate.edu) Password:
   Last login: Fri Sep 27 13:19:50 2024 from 129.186.XX.XXX