SSH Access: Difference between revisions
mNo edit summary |
mNo edit summary |
||
(One intermediate revision by the same user not shown) | |||
Line 4: | Line 4: | ||
</pre> |
</pre> |
||
The jumphost has physical interfaces to the different consoles in the LSDF. Check with the admin of the jumphost to receive a login. He will ask you for your key (either private with password or public) that will be copied in your home directory of the 'jumphost'. |
The jumphost has physical interfaces to the different consoles in the LSDF. Check with the admin of the jumphost to receive a login. He will ask you for your key (either private with password or public) that will be copied in your home directory of the 'jumphost'. |
||
=== Common SSH problems === |
=== Common SSH problems === |
||
Line 13: | Line 12: | ||
2) As said above, the private key sequence is the same in both OpenSSH and SSH protocol 2. Its just the format that is different. |
2) As said above, the private key sequence is the same in both OpenSSH and SSH protocol 2. Its just the format that is different. |
||
3) Your permissions must be set very strict. '''.ssh''' must have 700, the private key |
3) Your permissions must be set very strict. The '''.ssh''' directory (in your home) must have 700, the file with the private key must have 600. SSH refuses (silently) otherwise. |
||
4) Windows users that use '''putty''' must be aware that '''putty''' has its own key format. Trying to read the OpenSSH key you have on Unix/Linux will fail. You have to ''import'' your key using '''puttygen''', then save the '''putty''' key. Alternatively you can create a key with '''puttygen''' |
4) Windows users that use '''putty''' must be aware that '''putty''' has its own key format. Trying to read the OpenSSH key you have on Unix/Linux will fail. You have to ''import'' your private key using '''puttygen''', then save the '''putty''' key. Alternatively you can create a key pair with '''puttygen'''. From the puttygen window you can copy the public key which then goes into the .ssh/authorized_keys dir on the remote host. |
Latest revision as of 22:31, 17 October 2014
Access to LSDF consoles and administrative interfaces is via SSH only. All administrative access is tunneled through a jumphost. Currently the jumphost is named
scc-cn-r164.scc.kit.edu
The jumphost has physical interfaces to the different consoles in the LSDF. Check with the admin of the jumphost to receive a login. He will ask you for your key (either private with password or public) that will be copied in your home directory of the 'jumphost'.
Common SSH problems
Most people have already access to different machines using SSH. Here are some things that may be less known but help if you have trouble accessing machines via ssh. Especially if you are on Windows this may help.
1) there are 2 different public (!) key file formats: OpenSSH and SSH2. Both formats use the same key encryption sequence and you could use an editor to convert one format to the other. Per default ssh-keygen on UNIX/Linux generates a SSH protocol 2 format public key.
2) As said above, the private key sequence is the same in both OpenSSH and SSH protocol 2. Its just the format that is different.
3) Your permissions must be set very strict. The .ssh directory (in your home) must have 700, the file with the private key must have 600. SSH refuses (silently) otherwise.
4) Windows users that use putty must be aware that putty has its own key format. Trying to read the OpenSSH key you have on Unix/Linux will fail. You have to import your private key using puttygen, then save the putty key. Alternatively you can create a key pair with puttygen. From the puttygen window you can copy the public key which then goes into the .ssh/authorized_keys dir on the remote host.