other:ssh
Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision Next revision Both sides next revision | ||
|
other:ssh [2020/07/08 10:28] jypeter created |
other:ssh [2020/07/08 21:56] jypeter [Configuration files] |
||
|---|---|---|---|
| Line 13: | Line 13: | ||
| * More precisely ''ssh'' is an //SSH client// using the //SSH protocol// | * More precisely ''ssh'' is an //SSH client// using the //SSH protocol// | ||
| - | * We assume below that you have a ''my_login'' account on the remote ''some_server'' computer, and you know your password | + | * We assume below that you have a ''my_login'' account on the remote ''remote_server'' computer, and you know your password |
| * This page will also show some examples using the LSCE and IPSL (ciclad) servers | * This page will also show some examples using the LSCE and IPSL (ciclad) servers | ||
| Line 20: | Line 20: | ||
| * Many programs are said to //work over ssh// when they implicitly use the //ssh protocol// to securely transfer their data from one server to another: ''scp'' (copy remote directories and files), ''rsync'' (synchronize remote directories and files), ... | * Many programs are said to //work over ssh// when they implicitly use the //ssh protocol// to securely transfer their data from one server to another: ''scp'' (copy remote directories and files), ''rsync'' (synchronize remote directories and files), ... | ||
| - | * Before you were born, and the word and internet were a safer place, people used less secure programs like ''telnet'', ''rlogin'', ''rsh'', ''ftp'', ... | + | * Some history: before you were born, and the world and internet were a safer place, people used less secure programs like ''telnet'', ''rlogin'', ''rsh'', ''ftp'', ... |
| ===== Using ssh ===== | ===== Using ssh ===== | ||
| - | ==== On a Linux computer ==== | + | ==== Standard usage ==== |
| + | <WRAP center round tip 60%> | ||
| + | Note: the following will work in a **Linux** terminal, but can also work in a //terminal// on a **Mac** or on a **Windows 10** computer (''ssh'' is directly available in ''Windows Powershell'', ''Windows Terminal'' or the old ''cmd'', but it is not the best way to use ''ssh'' on Windows) | ||
| + | </WRAP> | ||
| + | |||
| + | * ''ssh [options] [my_login@]remote_server'' | ||
| + | * If your login is the same on the local and remote computer, you can omit the optional ''my_login@'': e.g. just use ''ssh ssh1.lsce.ipsl.fr'' | ||
| + | |||
| + | * Most common options: | ||
| + | * ''-X'': Enable X11 forwarding. This option will allow you to start graphical programs on the remote server | ||
| + | * If ''-X'' does not work, use ''-Y'' instead (Enable //trusted// X11 forwarding) | ||
| + | * Using the ''-X''/''-Y'' option will automatically define the ''DISPLAY'' environment variable that is required by graphical programs on the remote server. Otherwise, ''DISPLAY'' will not be defined\\ <code>jypeter@lsce5203:~$ echo $DISPLAY | ||
| + | localhost:0.0 | ||
| + | jypeter@lsce5203:~$ ssh ssh1.lsce.ipsl.fr | ||
| + | Last login: Wed Jul 8 14:45:31 2020 from 176-142-31-75.abo.bbox.fr | ||
| + | [jypeter@ssh1 ~]$ echo $DISPLAY | ||
| + | DISPLAY: Undefined variable. | ||
| + | [jypeter@ssh1 ~]$ logout | ||
| + | Connection to ssh1.lsce.ipsl.fr closed. | ||
| + | jypeter@lsce5203:~$ ssh -X ssh1.lsce.ipsl.fr | ||
| + | [jypeter@ssh1 ~]$ echo $DISPLAY | ||
| + | localhost:43.0</code> | ||
| + | * In order to display graphical windows, you also need to have a local //X server// running! | ||
| + | * Linux computer: nothing to do, an X server is already running | ||
| + | * Windows: [[other:win10wsl#installing_an_x_server|install, configure and launch VcXsrv]] | ||
| + | * Mac: FIXME | ||
| + | * ''-A'': enable agent forwarding. This is useful when you use //ssh keys//, and an //ssh agent// | ||
| + | * ''-t command'': this option allows you to execute a command on the remote server (without displaying the output of the initial ''ssh''). We use this mostly to //chain ssh connections//, when we want to automatically go through a specific //gateway// server to access another server\\ e.g. ''ssh -A -X my_login@ssh1.lsce.ipsl.fr -t ssh -A -X obelix'' | ||
| + | * ''-v'': verbose mode. Use this option only when you can't connect, or things don't seem to work correctly. Analyzing the verbose output when you start ''ssh'' should allow you, or the [[other:newppl:starting#getting_help_from_the_lsce_system_administrators|system administrators]], to find out what is wrong | ||
| + | |||
| + | ==== Useful aliases ==== | ||
| + | |||
| + | If you want to easily use ''ssh'' (with the appropriate options), you should define the following aliases in your ''~/.bashrc'' configuration file | ||
| + | |||
| + | <code> | ||
| + | alias obelix='ssh -A -X my_LSCE_login@ssh1.lsce.ipsl.fr -t ssh -A -X obelix' | ||
| + | |||
| + | alias ciclad='ssh -A -X my_ciclad_login@ciclad.ipsl.jussieu.fr' | ||
| + | </code> | ||
| + | |||
| + | ==== Configuration files ==== | ||
| + | |||
| + | ''ssh'' will store all its configuration files in the ''~/.ssh/'' directory (''C:\Users\your_windows_login\.ssh'' on Windows 10) | ||
| + | |||
| + | * ''known_hosts'': the first time you connect to a new server, ''ssh'' will ask if you are sure of what you are doing, and then store some unique information about the remote server in the ''known_hosts'' file. It will check this information (without asking you) the next time you connect to the same server, and warn you if something seems wrong\\ <code>PS C:\Users\jypeter> ssh ssh1.lsce.ipsl.fr | ||
| + | The authenticity of host 'ssh1.lsce.ipsl.fr (157.136.66.99)' can't be established. | ||
| + | ECDSA key fingerprint is SHA256:vMAvkidEg0EukP/RZwPAVuo5+TBegQFx1v8WN9pZLXg. | ||
| + | Are you sure you want to continue connecting (yes/no)? yes | ||
| + | Warning: Permanently added 'ssh1.lsce.ipsl.fr,157.136.66.99' (ECDSA) to the list of known hosts. | ||
| + | jypeter@ssh1.lsce.ipsl.fr's password:</code> | ||
| + | |||
| + | * ''config'': an optional configuration file | ||
| + | |||
| + | * ''authorized_keys'', and possibly your private and public //ssh keys// | ||
| ==== A recommended ssh client for Windows ==== | ==== A recommended ssh client for Windows ==== | ||
other/ssh.txt · Last modified: 2023/05/03 08:32 by jypeter
