SSH Access: Difference between revisions

From Lsdf
Jump to navigationJump to search
mNo edit summary
mNo edit summary
 
(3 intermediate revisions by 2 users not shown)
Line 1: Line 1:
Access to LSDF consoles and administrative interfaces is via SSH only. All administrative access is tunneled through a jumphost. Currently the jumphost is named '''scc-cn-r164.scc.kit.edu'''. The jumphost has physical interfaces to the different consoles in the LSDF. Check with the admin of the jumphost to receive a login. He will ask you for your key (either private with password or public) that will be copied in your home directory of the 'jumphost'.
Access to LSDF consoles and administrative interfaces is via SSH only. All administrative access is tunneled through a jumphost. Currently the jumphost is named
<pre>

scc-cn-r164.scc.kit.edu
</pre>
The jumphost has physical interfaces to the different consoles in the LSDF. Check with the admin of the jumphost to receive a login. He will ask you for your key (either private with password or public) that will be copied in your home directory of the 'jumphost'.


=== Common SSH problems ===
=== Common SSH problems ===
Most people have already access to different machines using SSH. Here are some things that may be less known but help if you have trouble accessing machines via ssh:
Most people have already access to different machines using SSH. Here are some things that may be less known but help if you have trouble accessing machines via ssh. Especially if you are on Windows this may help.

1) there are 2 different public (!) key file formats: OpenSSH and SSH2. Both formats use the same key encryption sequence and you could use an editor to convert one format to the other. Per default ssh-keygen on UNIX/Linux generates a SSH protocol 2 format public key.


2) As said above, the private key sequence is the same in both OpenSSH and SSH protocol 2. Its just the format that is different.
1) there are 2 different public (!) key file formats: OpenSSH and SSH2. Both formats use the same key encryption and you could use an editor to convert one format to the other. Per default ssh-keygen on UNIX/Linux generates a
SSH protocol 2 format public key.


3) Your permissions must be set very strict. The '''.ssh''' directory (in your home) must have 700, the file with the private key must have 600. SSH refuses (silently) otherwise.
2) As said above, the private key is the same in both OpenSSH and SSH protocol 2


4) Windows users that use '''putty''' must be aware that '''putty''' has its own key format. Trying to read the OpenSSH key you have on Unix/Linux will fail. You have to ''import'' your private key using '''puttygen''', then save the '''putty''' key. Alternatively you can create a key pair with '''puttygen'''. From the puttygen window you can copy the public key which then goes into the .ssh/authorized_keys dir on the remote host.
3) Your permissions must be set very strict. .ssh must have 700, the private key file must have 600. SSH refuses (silently ) otherwise.

Latest revision as of 22:31, 17 October 2014

Access to LSDF consoles and administrative interfaces is via SSH only. All administrative access is tunneled through a jumphost. Currently the jumphost is named

scc-cn-r164.scc.kit.edu

The jumphost has physical interfaces to the different consoles in the LSDF. Check with the admin of the jumphost to receive a login. He will ask you for your key (either private with password or public) that will be copied in your home directory of the 'jumphost'.

Common SSH problems

Most people have already access to different machines using SSH. Here are some things that may be less known but help if you have trouble accessing machines via ssh. Especially if you are on Windows this may help.

1) there are 2 different public (!) key file formats: OpenSSH and SSH2. Both formats use the same key encryption sequence and you could use an editor to convert one format to the other. Per default ssh-keygen on UNIX/Linux generates a SSH protocol 2 format public key.

2) As said above, the private key sequence is the same in both OpenSSH and SSH protocol 2. Its just the format that is different.

3) Your permissions must be set very strict. The .ssh directory (in your home) must have 700, the file with the private key must have 600. SSH refuses (silently) otherwise.

4) Windows users that use putty must be aware that putty has its own key format. Trying to read the OpenSSH key you have on Unix/Linux will fail. You have to import your private key using puttygen, then save the putty key. Alternatively you can create a key pair with puttygen. From the puttygen window you can copy the public key which then goes into the .ssh/authorized_keys dir on the remote host.