2. ABCI System User Environment
2.1. Create an account
There are three types of ABCI users: "Responsible Person", "Usage Manager", "User". To use the ABCI system, "Responsible Person" needs to register from the ABCI User Portal in advance. For more detail, see the ABCI Portal Guide.
- Account is also issued to "Responsible Person".
- "Responsible Person" can change the "User" to "Usage Manager" using ABCI User Portal.
- "Responsible Person" and "Usage Manager" can add users ("Usage Manager" or "User").
2.2. Connecting to Interactive Node
To connect to the interactive node (es), the ABCI frontend, two-step SSH public key authentication is required.
- Login to the access server (as.abci.ai) with SSH public key authentication, so as to create an SSH tunnel between your computer and es.
- Login to the interactive node (es) with SSH public key authentication via the SSH tunnel.
To connect to the interactive node, you will need the following in advance:
- An SSH client. Your computer most likely has an SSH client installed by default. If your computer is a UNIX-like system such as Linux and macOS, or Windows 10 version 1803 (April 2018 Update) or later, it should have an SSH client. You can also check for an SSH client, just by typing
sshat the command line.
- A secure SSH public/private key pair. ABCI only accepts the following public keys:
- RSA keys, at least 2048bits
- ECDSA keys, 256, 384, and 521bits
- Ed25519 keys
- Registration of SSH public keys. Your first need to register your SSH public key on ABCI User Portal. The instruction will be found at Register Public Key.
If you would like to use PuTTY as an SSH client, please read PuTTY.
Login using an SSH Client
In this section, we will describe two methods to login to the interactive node using a SSH client. The first one is creating an SSH tunnel on the access server first and connecting the interactive node via this tunnel next. The second one, much easier method, is connecting directly to the interactive node using ProxyJump implemented in OpenSSH 7.3 or later.
Login to the access server (as.abci.ai) with following command:
[yourpc ~]$ ssh -i /path/identity_file -L 10022:es:22 -l username as.abci.ai The authenticity of host 'as.abci.ai (0.0.0.1)' can't be established. RSA key fingerprint is XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX. <- Display only at the first login Are you sure you want to continue connecting (yes/no)? <- Enter "yes" Warning: Permanently added 'XX.XX.XX.XX' (RSA) to the list of known hosts. Enter passphrase for key '/path/identity_file': <- Enter passphrase
Successfully logged in, the following message is shown on your terminal.
Welcome to ABCI access server. Please press any key if you disconnect this session.
Be aware! The SSH session will be disconnected if you press any key.
Launch another terminal and login to the interactive node using the SSH tunnel:
[yourpc ~]$ ssh -i /path/identity_file -p 10022 -l username localhost The authenticity of host 'localhost (127.0.0.1)' can't be established. RSA key fingerprint is XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX. <- Display only at the first login Are you sure you want to continue connecting (yes/no)? <- Enter "yes" Warning: Permanently added 'localhost' (RSA) to the list of known hosts. Enter passphrase for key '/path/identity_file': <- Enter passphrase [username@es1 ~]$
If you have OpenSSH 7.3 or later, you can directly connect to the interactive node.
First, add the following configuration to your
Host abci HostName es User username ProxyJump %firstname.lastname@example.org IdentityFile /path/identity_file Host as.abci.ai IdentityFile /path/identity_file
After that, you can log in with the following command only:
[yourpc ~]$ ssh abci
OpenSSH_for_Windows_7.7p1, bundled with Windows 10 version 1803 or later, does not allow you to use ProxyJump and ProxyCommand. They can be used in OpenSSH clients bundled with Windows Subsystem for Linux (WSL).
2.3. File Transfer to Interactive Node
When you transfer files between your computer and the ABCI system, create an SSH tunnel and run the
[yourpc ~]$ scp -P 10022 local-file username@localhost:remote-dir Enter passphrase for key: <- Enter passphrase local-file 100% |***********************| file-size transfer-time
If you have OpenSSH 7.3 or later and already added the configuration to your
$HOME/.ssh/config as described at ProxyJump, you can directly run the
[yourpc ~]$ scp local-file abci:remote-dir
2.4. Change Password
The user accounts of the ABCI system are managed by the LDAP.
You do not need your password to login via SSH,
but you will need your password when you use the User Portal and change the login shell.
To change your password, use the
[username@es1 ~]$ passwd Changing password for user username. Current Password: <- Enter the current password New password: <- Enter the new password Retype new password: <- Enter the new password again passwd: all authentication tokens updated successfully.
Password policies are as follows:
- Specify a character string with more than 15 characters arranged randomly. For example, words in Linux dictionary cannot be used. We recommend generating it automatically by using password creation software.
- Should contain all character types of lower-case letters, upper-case letters, numeric characters, and special characters.
- Do not contain multi-byte characters.
2.5. Login Shell
GNU bash is the login shell be default on the ABCI system.
The tcsh and zsh are available as a login shell.
To change the login shell, use the
The change become valid from the next login.
It will take 10 minutes to update the login shell.
$ chsh [option] <new_shell>
|-l||Display the list of available shells.|
|-s new_shell||Change the login shell.|
Example) Change the current login shell into tcsh
[username@es1 ~]$ chsh -s /bin/tcsh Password for username@ABCI.LOCAL: <- Enter password
When you login to the ABCI system, user environment is automatically set. If you need to customize environment variables such as
LD_LIBRARY_PATH, edit a user configuration file in the following table.
|Login shell||User configuration file|
Make sure to add a new path at the end of
PATH. If you add the new path to the beginning, you may not use the system properly.
The original user configuration files (templates) are stored in /etc/skel.
2.6. Check ABCI Point
To display ABCI point usage and limitation, use the
When your ABCI point usage ratio will reach 100%, a new job cannot be submitted, and queued jobs will become error state at the beginning. (Any running jobs are not affected.)
Example) Display ABCI point information.
[username@es1 ~]$ show_point Group Disk Used Point Used% grpname 5 12,345.6789 100,000 12 `- username - 0.1234 - 0
|Group||ABCI group name|
|Disk||Disk assignment (TB)|
|Used||ABCI point usage|
|Point||ABCI point limit|
|Used%||ABCI point usage ratio|
2.7. Check Disk Quota
To display your disk usage and quota about home area and group area,
Example) Display disk information.
[username@es1 ~]$ show_quota Disk quotas for user username Directory used(GiB) limit(GiB) nfiles /home 100 200 1,234 Disk quotas for ABCI group grpname Directory used(GiB) limit(GiB) nfiles /groups1/grpname 1,024 2,048 123,456
|limit(GiB)||Disk quota limit|
|nfiles||Number of files|
2.8. Communications between compute nodes and external network
Communications between compute nodes and external services/servers are restricted:
Especially, for the outbound (compute nodes -> external) communications which are not currently permitted, we will consider granting a permission for a certain period of time on application basis. For further information, please contact ABCI support if you have any request.