Secure Shell

From Wiki | LUG@UCLA
Jump to: navigation, search

>>> ssh.linux.ucla.edu <<<

Secure Shell (SSH) is an Internet communication protocol used to exchange data between two computers using a secure channel.

Members can access their LUG account remotely via SSH.

Connecting to LUG servers[edit]

Note Note: in the following examples, remember to replace "user" with your actual LUG username.

From the terminal[edit]

To initiate a normal SSH session from your laptop:

$ ssh user@ssh.linux.ucla.edu

or if you want X11 forwarding (to run graphical applications such as QtOctave):

$ ssh -X user@ssh.linux.ucla.edu
$ qtoctave

To change your LUG password, ssh into the server and run kpasswd:

$ ssh user@ssh.linux.ucla.edu
$ kpasswd

To transfer files and directories, use Secure Copy: scp <from> <to>.

e.g. scp from remote to local (i.e. server to laptop):

$ scp user@ssh.linux.ucla.edu:~/homework1.txt ~/Documents
$ ls ~/Documents
... homework1.txt ...

or scp from local to remote (i.e. laptop to server):

$ scp ~/Documents/lug.jpg user@ssh.linux.ucla.edu:~/
$ ssh user@ssh.linux.ucla.edu ls ~/
... lug.jpg ...

Type man ssh or man scp to see the complete manuals for these tools.

From the GUI[edit]

KDE (Linux) GNOME (Linux) Windows Mac
  1. open Dolphin
  2. Add Entry to Places panel
    caption
  3. in "Location" enter: fish://user@ssh.linux.ucla.edu
    caption
  1. open File Manager
  2. click "Connect to Server"
    caption
  3. enter: sftp://user@ssh.linux.ucla.edu
    caption
  4. optionally bookmark the server
    caption
  •  ???

Using SSH keys[edit]

Instead of using a password, you can use SSH keys to authenticate with your account.

Run the following interactive command to generate an SSH key pair:

$ ssh-keygen

Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa): <just hit enter>
Enter passphrase (empty for no passphrase): <use a non-empty passphrase>
Enter same passphrase again:
Your identification has been saved in /home/user/.ssh/id_rsa.
Your public key has been saved in /home/user/.ssh/id_rsa.pub.
The key fingerprint is:
7a:15:03:8c:e6:0e:ae:06:c2:e1:8d:0a:11:b6:7e:5e user@hostname
The key's randomart image is:
+--[ RSA 2048]----+
|       o.        |
|..    o ..       |
|...  o    o      |
|.o  . .    o     |
|+.+. o  S .      |
|+= o.E.. .       |
|+.o.. . .        |
|. o.   .         |
| .               |
+-----------------+

Note Note: use a passphrase for your key, not a password. It should contain multiple words (i.e. a phrase). Learn more about passphrases. (relevant xkcd comic)

Note Note: generate your SSH keys on your personal computer. Your private key does not belong to anybody but yourself.

Now you should have two keys: a public key at ~/.ssh/id_rsa.pub and a corresponding private key at ~/.ssh/id_rsa. Do not share your private key with anybody. Your public key can be copied to any remote account that supports SSH and you will be able to use your private key to authenticate with it.

E.g. copy your public key to your LUG@UCLA account:

$ ssh-copy-id user@ssh.linux.ucla.edu

Consider using ssh-agent so you don't have to type your passphrase every time you use your private key. In most modern desktop environments (e.g. GNOME, KDE) this is handled in a GUI pop-up when you first use your private key.

Type man ssh-keygen, man ssh-copy-id, or man ssh-agent to see the complete manuals for these tools.

Available software[edit]

The LUG@UCLA SSH endpoint has the following software installed:

Operating System[edit]

Debian stable

Installed Packages[edit]

Name Executable Notes
GCC gcc
Python python, python2.7, python3
OpenJDK java, javac version 6 and 7
OCaml ocaml
GNU Prolog gprolog
Racket racket for programming in Scheme
CLISP clisp for programming in Common Lisp
GNU Octave octave a full-featured alternative to MatLab
LaTeX latex, pdflatex
Vim vim
GNU Emacs emacs
Git git
Mercurial hg