Differences

This shows you the differences between two versions of the page.

--- remote_access_new [2025/08/25 14:48] – amcguire
+++ remote_access_new [2025/08/29 11:43] (current) – removed amcguire
@@ Line 1: / Line 1: @@
-In addition to other forms of remote access, CS Techstaff provides multifactor SSH access to non-forward-facing hosts through the following pair of bastion (jump) hosts.
-  * ''bastion1.cs.uchicago.edu''
-  * ''bastion2.cs.uchicago.edu''
-To access a host that is not directly connected to the Internet via one of the bastion hosts, you may do the following.
-<code>
-amcguire@Andrews-MacBook-Pro ~ % ssh -J bastion1.cs.uchicago.edu linux1.cs.uchicago.edu
-(amcguire@bastion1.cs.uchicago.edu) Duo two-factor login for amcguire
-Enter a passcode or select one of the following options:
-. Duo Push to XXX-XXX-YYYY
-. Phone call to XXX-XXX-YYYY
-. SMS passcodes to XXX-XXX-YYYY
-Passcode or option (1-3): 1
-Success. Logging you in...
-Last login: Mon Aug 25 00:57:26 2025 from 128.135.164.17
-amcguire@focal1:~$
-</code>
-In the preceding, please observe that ''YYYY'' should be the last four digits of your telephone number that's been enrolled with Duo, while the ''-J'' option is used to specify that ''bastion1'' is the proxy jump host used to "jump" to ''linux1''.  A similar result may be obtained via an entry in ''~/.ssh/config'' such as the following.
-<code>
-amcguire@Andrews-MacBook-Pro ~ % cat .ssh/config
-Host linux1
-  HostName linux1.cs.uchicago.edu
-  ProxyJump bastion1.cs.uchicago.edu
-</code>
-So that then all one need do is,
-<code>
-amcguire@Andrews-MacBook-Pro ~ % ssh linux1
-(amcguire@bastion1.cs.uchicago.edu) Duo two-factor login for amcguire
-Enter a passcode or select one of the following options:
-. Duo Push to XXX-XXX-YYYY
-. Phone call to XXX-XXX-YYYY
-. SMS passcodes to XXX-XXX-YYYY
-Passcode or option (1-3):
-</code>
-eliminating the need for the ''-J'' option.