How do I?

User Tools

Site Tools

You are here: start » remote_access
remote_access

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
remote_access [2019/04/25 10:52] – [Advanced Usage] kauffmanremote_access [2021/04/30 12:03] (current) – number of linux servers changed ctopper
Line 14: Line 14:
   * linux2.cs.uchicago.edu   * linux2.cs.uchicago.edu
   * linux3.cs.uchicago.edu   * linux3.cs.uchicago.edu
 +  * linux4.cs.uchicago.edu
 +  * linux5.cs.uchicago.edu
 +  * linux6.cs.uchicago.edu
 +  * linux7.cs.uchicago.edu
  
 === Specs === === Specs ===
Line 113: Line 117:
  
 However, if you do this, you have recreated the original problem you were trying to solve! You have just replaced typing an account password with typing a key passphrase every time you wish to authenticate. There is a solution though, that will make everyone happy, using programs called ssh-agent and keychain. Using them is the subject of the next section. However, if you do this, you have recreated the original problem you were trying to solve! You have just replaced typing an account password with typing a key passphrase every time you wish to authenticate. There is a solution though, that will make everyone happy, using programs called ssh-agent and keychain. Using them is the subject of the next section.
 +
 +==== SSH configuration ====
 +
 +Remembering all the options you need for SSH or scrolling in history to find the command might be cumbersome. Instead you can specify the type off connection in you SSH config file. This is located in ~/.ssh/config. Each entry contains a Host and a hostname. Additional arguments can be specified. Example for linux.cs.uchicago.edu:
 +
 +  Host uchicago
 +      Hostname linux.cs.uchicago.edu
 +      User <CNet ID>
 +      IdentityFile ~/.ssh/id_rsa
 +  
 +  Host desktop
 +      Hostname <desktop hostname>   # Do not include .uchicago.edu
 +      User <CNet ID>
 +      IdentityFile ~/.ssh/id_rsa
 +      ProxyJump uchicago
  
 ==== Passphrase-protected SSH Keys using ssh-agent and keychain ==== ==== Passphrase-protected SSH Keys using ssh-agent and keychain ====
Line 128: Line 147:
  
 keychain, by default, is quite verbose. Once you are sure that it is working the way you intend, add a -q option onto the keychain invocation to silence it. keychain, by default, is quite verbose. Once you are sure that it is working the way you intend, add a -q option onto the keychain invocation to silence it.
 +
 +
 +====== PHD Desktops ======
 +Some desktops will require you to use a jump host to get ssh access.
 +
 +<code>
 +ssh -J <cnetid>@linux2.cs.uchicago.edu <cnetid>@<host>.a.cs.uchicago.edu
 +</code>
 +
 +
 +You will want to setup ssh keys in your home directory or you it will ask for your password twice:
 +<code>
 +$ ssh -J cnetid@linux2.cs.uchicago.edu cnetid@<host>.a.cs.uchicago.edu
 +cnetid@linux2.cs.uchicago.edu's password:
 +cnetid@<host>.a.cs.uchicago.edu's password:
 +cnetid@<host>:~$
 +</code>
 +
 +
 +If you haven't done so already you'll need to generate ssh keys:
 +
 +<code>
 +cnetid@linux2:~$ ssh-keygen -t ed25519
 +Generating public/private ed25519 key pair.
 +Enter file in which to save the key (/home/cnetid/.ssh/id_ed25519):
 +Created directory '/home/cnetid/.ssh'.
 +Enter passphrase (empty for no passphrase):
 +Enter same passphrase again:
 +Your identification has been saved in /home/cnetid/.ssh/id_ed25519.
 +Your public key has been saved in /home/cnetid/.ssh/id_ed25519.pub.
 +The key fingerprint is:
 +...
 +</code>
 +<code>
 +cnetid@linux2:~$ cat $HOME/.ssh/id_ed25519.pub >> $HOME/.ssh/authorized_keys
 +</code>
 +
 +# success! we can ssh without a password.
 +<code>
 +cnetid@linux2:~$ ssh linux3
 +Last login: Sat May 18 21:57:18 2019 from 73.208.67.252
 +cnetid@linux3:~$
 +</code>
 +
/var/lib/dokuwiki/data/attic/remote_access.1556207568.txt.gz · Last modified: 2019/04/25 10:52 by kauffman
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki