Skip to content

1. Get Started

1.0 Who can access ScienceCloud?

Access to the ScienceCloud is open for all researchers at the University of Zurich. Access can also be provided to external collaborators if they are "sponsored" by a researcher affiliated with the UZH.

1.1 Sign up for ScienceCloud

Ask for access by emailing help@s3it.uzh.ch. We will contact you to arrange a meeting for an introduction to the system.

You need to be affiliated with a University of Zurich research group (that we call Project) and have an identity in the ITIM Identity Manager system.

Once you have access to ScienceCloud

  • Open a web browser and go to https://cloud.s3it.uzh.ch (Javascript and Cookies must be enabled)
  • Log in with your UZH webpass (the usual shortname and password)

For more information on the ScienceCloud Web Interface, refer to the next section of the User Guide.

1.2 What can you do with ScienceCloud and what restrictions are in place ?

  • Every user belongs to a Project that normally corresponds to an existing UZH research group.
  • Every Project has a quota that limits the total amount of resources that can be allocated (e.g., instances, CPUs, memory, disk space, network IPs, etc)
  • All members of the same Project are accounted against the Project's quota.
  • All members of the same Project have control over each other's resources. In other words, every user can terminate someone else's instances within a given Project.
  • All Projects on ScienceCloud can access the same physical infrastructure underneath; 
    • if physical resources are exhausted, a Project will not be able to allocate new resources even if its actual usage is currently below its defined quota.

1.3 Configure access for instances

Like most of the available Infrastructure_as_a_Service (Iaas) cloud systems, on ScienceCloud users have to upload their own ssh public key so that it can be passed to new instances when they are launched.

When you create an instance, you can select a key pair (i.e., an ssh public_key). This key is then injected in the running instance when it boots up so that you (and only you) can use the ssh public key authentication mechanism to log into the running instances via the ssh command.

You may either create a new key pair or use an existing one if you already have one; consult the options below according to your operating system.

In Ubuntu 16.04 LTS, several pieces of weak and unsafe cryptography such as DSA public key algorithm are disabled. Thus we recommend using an RSA public key with a 2048 bits key length.

Linux / MacOS / Windows: Create a key pair (from the web interface)

You can create a new key pair directly from the ScienceCloud web interface. This is a viable variant especially if you are running on a Windows system.

  • Log in to https://cloud.s3it.uzh.ch, choose Access & Security under the Compute dropdown menu.

  • Click the Key Pairs tab, which shows the key pairs that are available for this project.

  • Click Create Key Pair.

  • In the Create Key Pair dialog box, enter a name for your key pair then click Create Key Pair.

  • A file called after the name you have chosen as the key pair name will be downloaded on your computer, with the .pem extension.

  • The file downloaded on your computer must be kept secret and protected. If you are using Linux, MacOS, or any other Unix machine, open a terminal and run the following command:

    $ chmod 400 path/to/file.pem

    (you need to replace path/to/file.pem with the full path of the file you just downloaded). This command will change the file permissions so that you and only you can read the file.

  • To make the key pair known to your SSH tools, run the ssh-add command:

    $ ssh-add path/to/file.pem

  • The dashboard will then list the key pair on the Access & Security tab.

Windows: Import a created key pair (from the web interface)

If you are a Windows user and wish to use a Linux VM on ScienceCloud, you can use the following page to create a keypair and connect to the VM using PuTTY: 

Linux / MacOS: Import a created key pair (from the web interface)

On Linux and MacOS systems, the command ssh-keygen is used to create a pair of ssh public/private keys. These keys are usually saved in your home directory under a subdirectory called .ssh. The public key is a file usually named id_rsa.pub or id_dsa.pub, and the corresponding private key has the same name but without the .pub extension.

For example, this command creates a new ssh key of the 'rsa' type:

$ ssh-keygen -t rsa

If you already have an ssh key created using the ssh-keygen command, you can import it as follows:

  • Log in to https://cloud.s3it.uzh.ch, choose Access & Security under the Compute dropdown menu.

  • Click the Key Pairs tab, which shows the key pairs that are available for this project.

  • Click Import Key Pair.

  • From the wizard, click on the Key Pair Name input.

    • the Key Pair Name will be used to identify the specific key pair being passed to the running instances (please note that the key pair name may only contain letters, numbers, underscores, and hyphens).
  • Paste in the Public Key text section the content of your ssh public key (e.g., your id_rsa.pub file); for example, the following command:

    $ cat ~/.ssh/id_rsa.pub

    • Will return the following (example) output/content, which should be pasted in its entirety into the Public Key text section:

    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCyUgocr/D2yg1URqUmXVAZVGYdLGOi8UR9iEuQ2TYdWPI8YQSrj6IRaS+OvWJkPj9hHOl8bFAp6KOn7/TyhQZGx6UXXFzqPcFvevZkngZo0rcEuMFv/sRv677m1oRFC+dk65F6osDwTHhickbFBSe5h1GCG0YQoatdyR0fwifuKuJI08ygijlvj/yAJGKhYQh3yEtRph8g+nhERAYdtRtNE2o7r2FrRNAoDjbiFKaLZEoHXS2T+WUC1trS5+uT07prgciNTKTXgS3yOb8Bq3SAMtzXUi9O6WUD7luUGHj7N63E2fw+tNJ0cL28NvWdjGhLLUCrz2OrbSyZkuqPPMMt

  • The dashboard will then list the key pair on the Access & Security tab.


Last update: July 30, 2021