>>> ssh.linux.ucla.edu <<<
Secure Shell (SSH) is an Internet communication protocol used to exchange data between two computers using a secure channel.
Members can access their LUG account remotely via SSH.
Connecting to LUG servers
Note: in the following examples, remember to replace "user" with your actual LUG username.
To initiate a normal SSH session from your terminal:
$ ssh firstname.lastname@example.org
or if you want X11 forwarding (to run graphical applications such as QtOctave):
$ ssh -X email@example.com $ qtoctave
To change your LUG password, ssh into the server and run kpasswd:
$ ssh firstname.lastname@example.org $ passwd
To transfer files and directories, use Secure Copy:
scp <from> <to>.
scp from remote to local (i.e. server to laptop):
$ scp email@example.com:~/homework1.txt ~/Documents $ ls ~/Documents ... homework1.txt ...
scp from local to remote (i.e. laptop to server):
$ scp ~/Documents/lug.jpg firstname.lastname@example.org:~/ $ ssh email@example.com ls ~/ ... lug.jpg ...
man ssh or
man scp to see the complete manuals for these tools.
Download the PuTTY SSH client and run it.
In the Host Name field, enter "ssh.linux.ucla.edu". Now you can connect by clicking Open.
If you want to save the connection settings including the host name, you can enter "LUG" below "Saved Sessions" and click Save. Then next time you can simply double-click on LUG to connect.
If you want to change your LUG password, make sure you've SSH'd into the server, and run:
To transfer files from the server to your local computer or vice versa, see the section below for Windows.
GUI file management/transfer
|KDE (Linux)||GNOME (Linux)||Windows|
SSH can be used to tunnel traffic for specific applications to a proxy. In particular, people often use it as a SOCKS proxy for their browser. To do that, have SSH forward a port locally:
ssh -D 12345 firstname.lastname@example.org
(In Windows, use putty to set it up from Connection->SSH->Tunnels)
Then, configure your browser to use
12345 as the SOCKS host and port.
In the extreme case, you can use SSH to simulate a VPN by routing all traffic through the SSH tunnel. sshuttle is one software that enables you to do that. For long term usage however, it's better to use an actual Virtual private network.
Authenticating using SSH keys
Instead of using a password, you can use SSH keys to authenticate with your account. This is generally more secure as long as you guard your keys well.
Run the following interactive command to generate an SSH key pair:
$ ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home/user/.ssh/id_rsa): <just hit enter> Enter passphrase (empty for no passphrase): <use a non-empty passphrase> Enter same passphrase again: Your identification has been saved in /home/user/.ssh/id_rsa. Your public key has been saved in /home/user/.ssh/id_rsa.pub. The key fingerprint is: 7a:15:03:8c:e6:0e:ae:06:c2:e1:8d:0a:11:b6:7e:5e user@hostname The key's randomart image is: +--[ RSA 2048]----+ | o. | |.. o .. | |... o o | |.o . . o | |+.+. o S . | |+= o.E.. . | |+.o.. . . | |. o. . | | . | +-----------------+
Note: generate your SSH keys on your personal computer. Your private key does not belong to anybody but yourself.
Now you should have two keys: a public key at
~/.ssh/id_rsa.pub and a corresponding private key at
~/.ssh/id_rsa. Do not share your private key with anybody. Your public key can be copied to any remote account that supports SSH and you will be able to use your private key to authenticate with it.
E.g. copy your public key to your LUG@UCLA account:
$ ssh-copy-id email@example.com
ssh-agent so you don't have to type your passphrase every time you use your private key. In most modern desktop environments (e.g. GNOME, KDE) this is handled in a GUI pop-up when you first use your private key.
man ssh-copy-id, or
man ssh-agent to see the complete manuals for these tools.
The LUG@UCLA SSH endpoint has the following software installed:
||version 6 and 7|
||for programming in Scheme|
||for programming in Common Lisp|
||a full-featured alternative to MatLab|