other:ssh
Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision Next revision Both sides next revision | ||
|
other:ssh [2020/07/08 10:28] jypeter created |
other:ssh [2020/07/10 07:45] jypeter [Useful aliases] Improved |
||
|---|---|---|---|
| Line 13: | Line 13: | ||
| * More precisely ''ssh'' is an //SSH client// using the //SSH protocol// | * More precisely ''ssh'' is an //SSH client// using the //SSH protocol// | ||
| - | * We assume below that you have a ''my_login'' account on the remote ''some_server'' computer, and you know your password | + | * We assume below that you have a ''my_login'' account on the remote ''remote_server'' computer, and you know your password |
| * This page will also show some examples using the LSCE and IPSL (ciclad) servers | * This page will also show some examples using the LSCE and IPSL (ciclad) servers | ||
| Line 20: | Line 20: | ||
| * Many programs are said to //work over ssh// when they implicitly use the //ssh protocol// to securely transfer their data from one server to another: ''scp'' (copy remote directories and files), ''rsync'' (synchronize remote directories and files), ... | * Many programs are said to //work over ssh// when they implicitly use the //ssh protocol// to securely transfer their data from one server to another: ''scp'' (copy remote directories and files), ''rsync'' (synchronize remote directories and files), ... | ||
| - | * Before you were born, and the word and internet were a safer place, people used less secure programs like ''telnet'', ''rlogin'', ''rsh'', ''ftp'', ... | + | * Some history: before you were born, and the world and internet were a safer place, people used less secure programs like ''telnet'', ''rlogin'', ''rsh'', ''ftp'', ... |
| ===== Using ssh ===== | ===== Using ssh ===== | ||
| - | ==== On a Linux computer ==== | + | ==== Standard usage ==== |
| + | <WRAP center round tip 60%> | ||
| + | Note: the following will work in a **Linux** terminal, but can also work in a //terminal// on a **Mac** or on a **Windows 10** computer (''ssh'' is directly available in ''Windows Powershell'', ''Windows Terminal'' or the old ''cmd'', but it is not the best way to use ''ssh'' on Windows) | ||
| + | </WRAP> | ||
| + | |||
| + | * **''ssh [options] [my_login@]remote_server''** | ||
| + | * If your login is the same on the local and remote computer, you can omit the optional ''my_login@'' part:\\ e.g. just use ''ssh ssh1.lsce.ipsl.fr'' | ||
| + | * The **first time** you connect to a **new server**, ''ssh'' will ask if you are sure of what you are doing, and then store some unique information about the remote server in the ''known_hosts'' file ([[#configuration_files|details]]). ''ssh'' will check this security information (without asking you) each time you connect to the same server, and warn you if something seems wrong\\ <code>PS C:\Users\my_login> ssh ssh1.lsce.ipsl.fr | ||
| + | The authenticity of host 'ssh1.lsce.ipsl.fr (157.136.66.99)' can't be established. | ||
| + | ECDSA key fingerprint is SHA256:vMAvkidEg0EukP/RZwPAVuo5+TBegQFx1v8WN9pZLXg. | ||
| + | Are you sure you want to continue connecting (yes/no)? yes | ||
| + | Warning: Permanently added 'ssh1.lsce.ipsl.fr,157.136.66.99' (ECDSA) to the list of known hosts. | ||
| + | my_login@ssh1.lsce.ipsl.fr's password:</code> | ||
| + | |||
| + | * Most common options: | ||
| + | * ''-X'': Enable X11 forwarding. This option will allow you to start graphical programs on the remote server | ||
| + | * If ''-X'' does not work, use ''-Y'' instead (Enable //trusted// X11 forwarding) | ||
| + | * Using the ''-X''/''-Y'' option will automatically define the ''DISPLAY'' environment variable that is required by graphical programs on the remote server. Otherwise, ''DISPLAY'' will not be defined\\ <code>my_login@lsce5203:~$ echo $DISPLAY | ||
| + | localhost:0.0 | ||
| + | my_login@lsce5203:~$ ssh ssh1.lsce.ipsl.fr | ||
| + | Last login: Wed Jul 8 14:45:31 2020 from 176-142-31-75.abo.bbox.fr | ||
| + | [my_login@ssh1 ~]$ echo $DISPLAY | ||
| + | DISPLAY: Undefined variable. | ||
| + | [my_login@ssh1 ~]$ logout | ||
| + | Connection to ssh1.lsce.ipsl.fr closed. | ||
| + | my_login@lsce5203:~$ ssh -X ssh1.lsce.ipsl.fr | ||
| + | [my_login@ssh1 ~]$ echo $DISPLAY | ||
| + | localhost:43.0</code> | ||
| + | * In order to display graphical windows, you also need to have a local //X server// running! | ||
| + | * Linux computer: nothing to do, an X server is already running | ||
| + | * Windows: [[other:win10wsl#installing_an_x_server|install, configure and launch VcXsrv]] | ||
| + | * Mac: FIXME | ||
| + | * ''-A'': enable agent forwarding. This is useful when you use //ssh keys//, and an //ssh agent// | ||
| + | * ''-t command'': this option allows you to execute a command on the remote server (without displaying the output of the initial ''ssh''). We use this mostly to //chain ssh connections//, when we want to automatically go through a specific //gateway// server to access another server\\ e.g. ''ssh -A -X my_login@ssh1.lsce.ipsl.fr -t ssh -A -X obelix'' | ||
| + | * ''-v'': verbose mode. Use this option only when you can't connect, or things don't seem to work correctly. Analyzing the verbose output when you start ''ssh'' should allow you, or the [[other:newppl:starting#getting_help_from_the_lsce_system_administrators|system administrators]], to find out what is wrong | ||
| + | |||
| + | ==== Useful aliases ==== | ||
| + | |||
| + | If you want to easily use ''ssh'' (with the appropriate options), you should define the following aliases in your ''~/.bashrc'' configuration file | ||
| + | |||
| + | <code> | ||
| + | # Connecting to LSCE from outside the LSCE network | ||
| + | alias sobelix='ssh -A -X my_LSCE_login@ssh1.lsce.ipsl.fr -t ssh -A -X obelix' | ||
| + | |||
| + | # Connecting to LSCE from a computer on the LSCE network | ||
| + | alias obelix='ssh -A -X my_LSCE_login@obelix' | ||
| + | |||
| + | # Connecting to ciclad @ IPSL | ||
| + | alias ciclad='ssh -A -X my_ciclad_login@ciclad.ipsl.jussieu.fr' | ||
| + | </code> | ||
| + | |||
| + | ==== Configuration files ==== | ||
| + | |||
| + | ''ssh'' will store all its configuration text files in the ''~/.ssh/'' directory (''C:\Users\your_windows_login\.ssh'' on Windows 10) | ||
| + | |||
| + | * ''known_hosts'': the file were ''ssh'' stores security information about all the servers you have connected to (from the local computer) | ||
| + | |||
| + | * ''config'': an optional configuration file | ||
| + | |||
| + | * ''authorized_keys'', and possibly your private and public //ssh keys// | ||
| ==== A recommended ssh client for Windows ==== | ==== A recommended ssh client for Windows ==== | ||
| + | |||
| + | [[other:win10apps#putty_pageant|Putty]] is a nice and convenient //ssh client// for Windows | ||
| ===== Just transferring files ===== | ===== Just transferring files ===== | ||
| + | Sometimes you just need to copy files from one server to the other. The files can be securely copied //over ssh// with the ''scp'' command | ||
| + | |||
| + | Note: if you work with big data files, you should keep the files were they are instead of duplicating them, and move the data processing (your scripts, etc...) to the server where the files are located (e.g. the ciclad server) | ||
| ===== Using ssh keys ===== | ===== Using ssh keys ===== | ||
other/ssh.txt · Last modified: 2023/05/03 08:32 by jypeter
