This article tries to explain how to setup a connection to remote computers. A computer is remote when you are not controlling it with an attached mouse or keyboard but indirectly over some kind of network device.
The network protocol used by most computers to securely communicate with other computers is called SSH, or openSSH. This protocol is available by default on almost all operating systems, such as Linux, MacOS, BSD, Unix,… but Windows. The latter has historical reasons, but will change in the near future of Windows 10, where SSH will be shipped by default.
In any case there are two requirements to connect to a remote computer:
There are a number of steps (and programs) necessary to set up a remote connection via SSH. Jump to the section windows, in case you are using this OS. In any other case (non-mobile OS) proceed with the Linux section:
Before continuing with this section, make yourself comfortable with the UNIX command line environment. SSH is a command line tool in its original form. And you'll mostly be only able to work in a command line environment on a remote computer.
the setup should be quite similar to Linux for these OS: Mac/OS, UNIX, BSD
SSH, or Secure Shell, is a protocol used to securely log onto remote systems, such as Neumann. It is the most common way to access remote Linux and Unix-like servers. In this guide, we will discuss how to use SSH to connect to a remote system.
The tool on Linux for connecting to a remote system using SSH is called, unsurprisingly, ssh. The most basic form of the command is:
ssh remote_username@remote_host
The remote_host
in this example is the IP address or domain name (neumann.urz.uni-magdeburg.de for Neumann, 141.44.132.7 for the PC-cluster) that you are trying to connect to.
remote_username
is the user name of your account on the remote server.
Once you have connected to the server, you will probably be asked to verify your identity by providing a password.
Later, we will cover how to generate key pairs to be used instead of passwords.
To log out from a remote terminal run:
exit
Key-based authentication works by creating a pair of keys: a private key and a public key. The private key is located on the client machine and is secured and kept secret. The public key can be given to anyone or placed on any server you wish to access. When you attempt to connect using a key-pair, the server will use the public key to create a message for the client computer that can only be read with the private key. The client computer then sends the appropriate response back to the server and the server will know that the client is legitimate. This entire process is done in the background automatically after you set up keys.
The contents of this section have been adapted from Justin Ellingwood, 2013
licenced under CC BY-NC-SA 4.0
ssh-keygen
. Open a Terminal and type the following command (after the $
character). Now press Enter
three times to use the default location, and to set no passphrase. E.g. StarCCM+ will not be able to connect to a remote computer if you do set passwords for the key. ssh-keygen
Generating public/private rsa key pair. Enter file in which to save the key (/home/user/.ssh/id_rsa): press Enter here (only if you don't have a key pair already!) Enter passphrase (empty for no passphrase): press Enter here Enter same passphrase again: press Enter here Your identification has been saved in test. Your public key has been saved in test.pub. The key fingerprint is: SHA256:VbvpxtFz3adfafafasdfasdfp4ScZbiBY+jfh84 user@computer The key's randomart image is: +---[RSA 2048]----+ |B.+o........oo | |BOo . = . .o | | E .. . .| | ..o | +----[SHA256]-----+
id_rsa.pub
) and a private key (id_rsa
) in the hidden .ssh
directory in your home directory. Never share the private key. ssh-copy-id
is available. E.g. run which ssh-copy-id
when a path to the command is shown, then it is available.
ssh-copy-id
is available run the following command to finish quickly. It is a tool which copies your login credentials to a remote machine. ssh-copy-id -i ~/.ssh/id_rsa user@141.44.132.7
After the argument -i
the path to the key pair is expected, by default it should be in ~/.ssh/id_rsa
. If you have changed the location, or used a different name for the key pair, insert the respective path here. The next argument is the remote computer's IP address and your account on the remote computer, such as user
.
ssh-copy-id
, you have to do a bit more manual work:id_rsa.pub
) to the remote computer. scp ~/.ssh/id_rsa.pub user@141.44.132.7:/home/user/
Type your password for the remote computer now, to authorize the file transfer.
ssh user@141.44.132.7
authorized_keys
file cat ~/id_rsa.pub >> ~/.ssh/authorized_keys
chmod 600 .ssh/authorized_keys
ssh-keygen
authorized_keys
: cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
exit
If your private key ever got compromised, repeat these steps to set up a new key. And, delete the old login from authorized_keys
file.
For convenience, it is a good idea to save your login details in the config of ssh of your local computer.
That way you don't have to type username@141.44.132.7 every time you want to login.
Check if a conifg
file is already present
ls ~/.ssh/
If it is not there yet, copy the following file to '~/.ssh/config
':
Host neumann HostName neumann.urz.uni-magdeburg.de IdentityFile ~/.ssh/id_rsa User UsernameOnRemote
Replace UsernameOnRemote
with your username on the remote machine.
Then make sure the 'IdentityFile' directs to your private key.
The location ~/.ssh/id_rsa
is the default.
When you followed the previous section, then there is no need to change this line.
If you delete this line, the remote server will persist to ask for you password (if the default option is not used).
In case you already have a config file, append the content above to your own ssh config
seperated by a empty line.
With this config in place, you can now log in simply with:
ssh neumann Last login: Wed Sep 27 11:21:56 2017 from mylocalcomputer Infos/News: http://www-e.uni-magdeburg.de/urzs/t100/ ...
This will come in handy for the file transfer tools scp, and rsync. Moreover, this step is necessary for StarCCM and possibly other tools to connect to remote computers.
cp
scp -rC [source_files] [destination_files]
explain locations on remote and local, such as:
scp -r ~/dir1 remoteusername@remote_host:/home/remoteuser/
rsync -az [source_files] [destination_files]
Rsync is a very flexible network-enabled syncing tool between remote and local files. It uses an algorithm that minimizes the amount of data copied by only moving the portions of files that have changed. In this part, we will cover the basic usage of this powerful utility. Due to its ubiquity on Linux and Unix-like systems and its popularity as a tool for system scripts, it is included on most Linux distributions by default.
Syncing to a remote system is trivial if you have SSH access to the remote machine and rsync installed on both sides. See above for details on SSH.
Once you have SSH access verified on between the two machines, you can sync the dir1 folder from earlier to a remote computer by using this syntax:
rsync -a ~/dir1 username@remote_host:destination_directory
This is called a “push” operation because it pushes a directory from the local system to a remote system.
The opposite operation is “pull”. It is used to sync a remote directory to the local system. If the dir1 were on the remote system instead of our local system, the syntax would be:
rsync -a username@remote_host:/home/username/dir1 place_to_sync_on_local_machine
Like “cp” and similar tools, the source is always the first argument, and the destination is always the second.
rsync -a username@remote_host:/home/username/dir1 place_to_sync_on_local_machine rsync -a neumann:/home/username/dir1 place_to_sync_on_local_machine
The contents of this section have been slightly adapted from Justin Ellingwood, 2013
licenced under CC BY-NC-SA 4.0
Setting up the SSH connection in a UNIX environment is relatively easy. On a Windows machine(before v10) there is no SSH program installed by default. This problem can be solved in different ways.
PuTTY is an implementation of an SSH client on windows. To use it follow this short guide:
PATH
(for example C:\Program Files (x86)\PuTTY
). PATH
variable. This step is necessary for WinSCP and other advanced tasks. mySSHkey.ppk
. Do not share the private part of your key at any time..pub
, such as: mySSHkey.pub
mySSHkey.ppk
and press open.C:\Program Files (x86)\PuTTY\
pageant.exe
, press Create Shortcut (ger: Verknüpfung erstellen). It might be possible, that you are asked to save the shortcut on the desktop. Confirm in that case.C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Startup
folder.Shortcut
, you'll find the field Target. It's marked by default."C:\Program Files (x86)\PuTTY\pageant.exe" C:\Users\user\ssh\mySSHkey.ppk
confusion +1, insanity protection +3
In this section we forward you public key to the remote computer, so that the remote computer can recognize your login and doesn't require you to give a pasword.
neumann.urz.uni-magdeburg.de
141.44.132.7
..ppk
) Neumann
or PC-Cluster
.
Test your connection now!
Select a saved session and press load.
Make sure once that the settings done above are already set with the session loaded.
mySSHkey.pub
, with Notepad.exe on your (windows) computer.<CTRL + a>
and <CTRL + c>
sequentially.nano mySSHkey.pub
It will open a text editor. Unless you know better press only the keys specified below.
<SHIFT + Insert>
<CTRL + o>
, then confirm with <Enter>
<CTRL + x>
ssh-keygen -i -f mySSHkey.pub > myopenssh_key
myopenssh_key
) to the authorized_keys
file in the ~/.ssh/
directory of the remote server: cat myopenssh_key >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
chmod 700 ~/.ssh
Level up! range +15, intelligence +1, persistance +3
As a good measure you should do the following steps on the remote computer:
<Enter>
three times after running this command: ssh-keygen
authorized_keys
by running: cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
If your private key ever got compromised, repeat these steps to set up a new key. And, delete the old login from authorized_keys
file.
Note, that SSH was set up only for a single direction of connection, from the Windows machine to the Linux machine. The other way is typically not needed and is cumbersome to set up. Avoid it, if neccessary. Go here if unix→windows is neccessary.
You might find the CLI environment to transfer files inconvenient at the moment. For this purpose there are tools with graphical interface available. For example WinSCP. Advanced users might also try MobaXterm. For WinSCP, you ideally have set up PuTTY already. Especially, the PATH system variable should contain the directory of your PuTTY installation.
SCP
neumann.urz.uni-magdeburg.de
for Neumann, or 141.44.132.7
for the PC Cluster). Remember our HPC servers are only available within the university network. Use VPN if your are connecting from outside.
For more information, be refered to the documentation of WinSCP.
WinSCP also has shortcuts to an own terminal and PuTTY.
Don't use the WinSCP's own terminal!
It's plain garbage!
Use PuTTY only.
PuTTY can be opened from WinSCP, too (Ctrl + P).
To transfer files, PuTTY brings the tool pscp
which works similar to the linux scp
.
pscp
runs in the command prompt of windows (DOS prompt). To make pscp available in the prompt, PuTTY needs to be added in the system's PATH variable. See above.
The syntax of pscp
is very similar to linux' scp
> pscp [options] [user@]host:source target
An example to copy a file from windows to a remote linux server. The command is run on the windows computer:
> pscp c:/star.sim username@141.44.132.7:/home/username/myfolder
And the other way; requesting a file from a remote server and save it locally:
> pscp username@neumann.urz.uni-magdeburg.de:/home/username/myfolder/star.sim c:/
Installation Guide for Windows Subsystem for Linux (Use the Guide for For Anniversary Update and Creators Update: Install using lxrun)
The linux subsystem is an interesting feature introduced to windows 10 ( More about here). It can run an ubuntu system natively in windows, and other distributions, such as opensuse. This means you run a bash in windows with (almost) all the features of a native linux system. However, this feature is still beta.
If you installed it, you can follow the instructions for Linux. However, if you want to set up WinSCP too, you might have to setup PuTTY (and it's key pair), too.
Suggested only to advanced users, or users eager to learn how to use it. Don't bother googling it if you “just want to get things done”.
It is simply said a linux environment compiled in the MS windows environment. This has the advantage that you can work in a linux-like environment on windows, and even with other windows programs. However, this comes at a cost, it's a crude environment to setup for the beginner. You sometimes have to fix uncommon issues yourself, or compile rarely used programs yourself. This makes the tool for advanced, or enthusiastic users only. Moreover, cygwin starts to be superseded by the Windows Subsystem available on Windows 10.
For a brief overview anyway have a look at this Cygwin introduction.
The environment installer can be downloaded here:
Cygwin
Most commands from linux are available, such as:
ssh scp rsync
therefore, continue with the Linux section.
Others might have to be installed additionally. Use the setup.exe to install openssl, and cygwin/X.