wiki:SSH
Last modified 5 years ago Last modified on 02/01/13 14:05:25

Connecting to remote hosts

SSH is a program that allows you to connect to the CS machines from your dorm room or home. It is considered secure because all communications done through ssh are encrypted. This means anyone monitoring the network traffic (i.e., sniffing) will only see encrypted text going by, and not what you are actually typing (like your password). The machine you are connecting from will need an SSH client. Macs and Linux machines have this installed by default. For Windows, the easiest way is to install PuTTY and optionally WinSCP.

The command line syntax for connecting to a remote host is

ssh username@lab.cs.swarthmore.edu

Replace username with your login name to connect to the CS network. If you are already on the CS network, you can connect to another machine by just specifying its name, e.g., ssh lime. You will be prompted for your password on the remote host when connecting. If you are connecting to the CS network, this is your CS password.

Transferring files with scp

To copy from your CS account to your home or local machine, use the following example

scp username@lab.cs.swarthmore.edu:cs21/labs/02/puppies.py  ./

To go in the other direction

scp puppies.py username@lab.cs.swarthmore.edu:cs21/labs/02/

You can copy entire directories using the -r option

scp -r username@lab.cs.swarthmore.edu:cs21/labs ./

The example above copies all folders in the labs directory to the current directory on your local machine

Connecting using SSH Keys

Typing your password all the time can be annoying, especially if you are connecting to many machines. SSH allows you to set up keys so that you only need to type your key password once per session, and then you can ssh to other machines that know about your key without a password. To use this method, you must first create a key pair and setup your keys. Afterward, you will only need to authenticate once when starting a new session.

Create a new key pair

If you previously created a key pair, you should have the following files in your ~.ssh/ directory

$ ls ~/.ssh
authorized_keys id_rsa id_rsa.pub

If you do not have these files, create them with ssh-keygen. You should always create a passphrase for your SSH keys. This should not be the same as your CS password.

ssh-keygen

$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/username/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/username/.ssh/id_rsa.
Your public key has been saved in /home/username/.ssh/id_rsa.pub.

Once you have generated your key pair, copy or append your public key to your authorized_keys file

$ cd ~/.ssh
$ cat id_rsa.pub >> authorized_keys

SSH Host Aliases

You may also want to edit/create a ssh config file to add host aliases for machines you connect to often. A sample config is below

$ cat ~/.ssh/config
  
Host swat
  HostName lab.cs.swarthmore.edu
  User swatuser

Host *
  ForwardX11 yes
  ForwardAgent yes
  
HashKnownHosts yes

Replace swatuser with your Swarthmore CS user name.

Using your ssh keys

SSH keys are managed during your login session via an ssh-agent. To add your key to the agent, use ssh-add and type in the passphrase for your key. Now you should be able to run ssh lime and not use a password. If you have the config file above with ForwardAgent enabled, you should be able to ssh from lime to other hosts without typing in your ssh passphrase again. Enjoy your password free logins!

See also

CS Dept Access

Man pages for ssh ssh-add ssh-agent ssh-keygen