How do I?

User Tools

Site Tools

You are here: start » remote_access_new
remote_access_new

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
remote_access_new [2025/08/25 15:36] amcguireremote_access_new [2025/08/29 11:43] (current) – removed amcguire
Line 1: Line 1:
-====== Bastion (Jump) Access ====== 
  
-In addition to other forms of remote access, CS Techstaff provides multifactor SSH access to non-forward-facing hosts through the following pair of bastion (jump) hosts. 
- 
-  * ''bastion1.cs.uchicago.edu'' 
-  * ''bastion2.cs.uchicago.edu'' 
- 
-**In order to attain access, CS Techstaff will require access to your SSH public key in order to install it on the jump servers. At no time will CS Techstaff ask for your private key.** After this step has been completed, in order to access a host that is not directly connected to the Internet via one of the bastion hosts, you may do the following. 
- 
-<code> 
-amcguire@Andrews-MacBook-Pro ~ % ssh -J bastion1.cs.uchicago.edu linux1.cs.uchicago.edu 
-(amcguire@bastion1.cs.uchicago.edu) Duo two-factor login for amcguire 
- 
-Enter a passcode or select one of the following options: 
- 
- 1. Duo Push to XXX-XXX-YYYY 
- 2. Phone call to XXX-XXX-YYYY 
- 3. SMS passcodes to XXX-XXX-YYYY 
- 
-Passcode or option (1-3): 1 
-Success. Logging you in... 
-Last login: Mon Aug 25 00:57:26 2025 from 128.135.164.17 
-amcguire@focal1:~$  
-</code> 
- 
-In the preceding, please observe that ''YYYY'' should be the last four digits of your telephone number that's been enrolled with Duo, while the ''-J'' option is used to specify that ''bastion1'' is the proxy jump host used to "jump" to ''linux1'' A similar result may be obtained via an entry in ''~/.ssh/config'' such as the following. 
- 
-<code> 
-amcguire@Andrews-MacBook-Pro ~ % cat .ssh/config  
-Host linux1 
-  HostName linux1.cs.uchicago.edu 
-  ProxyJump bastion1.cs.uchicago.edu 
-</code> 
- 
-So that then all that needs to be done is 
- 
-<code> 
-amcguire@Andrews-MacBook-Pro ~ % ssh linux1 
-(amcguire@bastion1.cs.uchicago.edu) Duo two-factor login for amcguire 
- 
-Enter a passcode or select one of the following options: 
- 
- 1. Duo Push to XXX-XXX-YYYY 
- 2. Phone call to XXX-XXX-YYYY 
- 3. SMS passcodes to XXX-XXX-YYYY 
- 
-Passcode or option (1-3):  
-</code> 
- 
-eliminating the need for the ''-J'' option. 
/var/lib/dokuwiki/data/attic/remote_access_new.1756154181.txt.gz · Last modified: 2025/08/25 15:36 by amcguire
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki