This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
other:ssh [2020/07/08 16:03] jypeter |
other:ssh [2020/07/08 21:56] jypeter [Configuration files] |
||
---|---|---|---|
Line 24: | Line 24: | ||
===== Using ssh ===== | ===== Using ssh ===== | ||
- | ==== On a Linux computer ==== | + | ==== Standard usage ==== |
<WRAP center round tip 60%> | <WRAP center round tip 60%> | ||
- | Note: the following can also work in a //terminal// on a Mac or on a Windows 10 computer (''ssh'' is directly available in any ''Windows Powershell'', ''Windows Terminal'' or the old ''cmd'', but it is not the best way to use ''ssh'' on Windows) | + | Note: the following will work in a **Linux** terminal, but can also work in a //terminal// on a **Mac** or on a **Windows 10** computer (''ssh'' is directly available in ''Windows Powershell'', ''Windows Terminal'' or the old ''cmd'', but it is not the best way to use ''ssh'' on Windows) |
</WRAP> | </WRAP> | ||
Line 36: | Line 36: | ||
* ''-X'': Enable X11 forwarding. This option will allow you to start graphical programs on the remote server | * ''-X'': Enable X11 forwarding. This option will allow you to start graphical programs on the remote server | ||
* If ''-X'' does not work, use ''-Y'' instead (Enable //trusted// X11 forwarding) | * If ''-X'' does not work, use ''-Y'' instead (Enable //trusted// X11 forwarding) | ||
- | * Using this option will automatically define the ''DISPLAY'' environment variable that is required by graphical programs. Otherwise, DISPLAY will not be defined\\ <code>jypeter@lsce5203:~$ echo $DISPLAY | + | * Using the ''-X''/''-Y'' option will automatically define the ''DISPLAY'' environment variable that is required by graphical programs on the remote server. Otherwise, ''DISPLAY'' will not be defined\\ <code>jypeter@lsce5203:~$ echo $DISPLAY |
localhost:0.0 | localhost:0.0 | ||
jypeter@lsce5203:~$ ssh ssh1.lsce.ipsl.fr | jypeter@lsce5203:~$ ssh ssh1.lsce.ipsl.fr | ||
Line 48: | Line 48: | ||
localhost:43.0</code> | localhost:43.0</code> | ||
* In order to display graphical windows, you also need to have a local //X server// running! | * In order to display graphical windows, you also need to have a local //X server// running! | ||
+ | * Linux computer: nothing to do, an X server is already running | ||
* Windows: [[other:win10wsl#installing_an_x_server|install, configure and launch VcXsrv]] | * Windows: [[other:win10wsl#installing_an_x_server|install, configure and launch VcXsrv]] | ||
+ | * Mac: FIXME | ||
* ''-A'': enable agent forwarding. This is useful when you use //ssh keys//, and an //ssh agent// | * ''-A'': enable agent forwarding. This is useful when you use //ssh keys//, and an //ssh agent// | ||
- | * ''-t command'': this option allows you to execute a command on the remote server (without displaying the output of the initial ssh). We use it mostly to chain ssh connections, when we have to go through a specific server to access another one\\ e.g. | + | * ''-t command'': this option allows you to execute a command on the remote server (without displaying the output of the initial ''ssh''). We use this mostly to //chain ssh connections//, when we want to automatically go through a specific //gateway// server to access another server\\ e.g. ''ssh -A -X my_login@ssh1.lsce.ipsl.fr -t ssh -A -X obelix'' |
- | * ''-v'': verbose mode. Use this only option when you can't connect, or things don't seem to work correctly. Analyzing the verbose output when you start ''ssh'' should allow you, or the [[other:newppl:starting#getting_help_from_the_lsce_system_administrators|system administrators]], to find out what is wrong | + | * ''-v'': verbose mode. Use this option only when you can't connect, or things don't seem to work correctly. Analyzing the verbose output when you start ''ssh'' should allow you, or the [[other:newppl:starting#getting_help_from_the_lsce_system_administrators|system administrators]], to find out what is wrong |
- | aliases | + | ==== Useful aliases ==== |
- | ''.ssh/'' | + | If you want to easily use ''ssh'' (with the appropriate options), you should define the following aliases in your ''~/.bashrc'' configuration file |
+ | |||
+ | <code> | ||
+ | alias obelix='ssh -A -X my_LSCE_login@ssh1.lsce.ipsl.fr -t ssh -A -X obelix' | ||
+ | |||
+ | alias ciclad='ssh -A -X my_ciclad_login@ciclad.ipsl.jussieu.fr' | ||
+ | </code> | ||
+ | |||
+ | ==== Configuration files ==== | ||
+ | |||
+ | ''ssh'' will store all its configuration files in the ''~/.ssh/'' directory (''C:\Users\your_windows_login\.ssh'' on Windows 10) | ||
+ | |||
+ | * ''known_hosts'': the first time you connect to a new server, ''ssh'' will ask if you are sure of what you are doing, and then store some unique information about the remote server in the ''known_hosts'' file. It will check this information (without asking you) the next time you connect to the same server, and warn you if something seems wrong\\ <code>PS C:\Users\jypeter> ssh ssh1.lsce.ipsl.fr | ||
+ | The authenticity of host 'ssh1.lsce.ipsl.fr (157.136.66.99)' can't be established. | ||
+ | ECDSA key fingerprint is SHA256:vMAvkidEg0EukP/RZwPAVuo5+TBegQFx1v8WN9pZLXg. | ||
+ | Are you sure you want to continue connecting (yes/no)? yes | ||
+ | Warning: Permanently added 'ssh1.lsce.ipsl.fr,157.136.66.99' (ECDSA) to the list of known hosts. | ||
+ | jypeter@ssh1.lsce.ipsl.fr's password:</code> | ||
+ | |||
+ | * ''config'': an optional configuration file | ||
+ | |||
+ | * ''authorized_keys'', and possibly your private and public //ssh keys// | ||
==== A recommended ssh client for Windows ==== | ==== A recommended ssh client for Windows ==== |