Differences

This shows you the differences between two versions of the page.

--- techsupport:guides:ssh [2023/02/14 20:54] – kjohns23
+++ techsupport:guides:ssh [2023/09/07 15:35] (current) – kjohns23
@@ Line 1: / Line 1: @@
- ===== SoCS SSH Access =====
+ ====== SoCS SSH Access ======
+===== What is SSH =====
-==== The Basics ====
+SSH is a program that allows you to log in to and run programs on a remote server. It is used in the School of Computer Science to allow access to our Linux Servers from your own computer, where you can edit, compile, and run code for your labs and assignments. SSH comes in two part - the client and the server.
-SSH is a program that allows you to log in to and run programs on a remote server. It is used in the School of Computer Science to allow access to our Linux Servers where you can edit, compile, and run code for your labs and assignments.
+**The SSH Server:** The ssh server is a piece of software that runs on a remote computer and listens for connections from the SSH client.
-==== Accessing your SSH Client ====
+**The SSH Client:** The SSH client runs on your own machine and allows you to connect to the server.
-To use SSH to connect to SoCS Servers, you will first need an SSH client. SSH is available on all three main operating systems.
+===== Required Software =====
+To use SSH to connect to SoCS Servers, you must have an SSH Client installed. SSH is available for the most common operating systems: Windows, MacOS, and Linux.
+==== Check if an SSH Client is Installed ====
 === Windows ===
-A built in client is now available on Windows. You can access it by opening Windows Powershell.
+A built in client is available on Windows, and can be accessed by opening the Windows Powershell application.
 To check if ssh is installed, Open Windows Powershell, and type "ssh" followed by enter. You should see the following:
-{{:techsupport:guides:ssh_windows_client.png?400|SSH Command Output}}
+{{:techsupport:guides:ssh_windows_client.png?400|SSH Windows Command Output}}
-This client should be available by default, but if it is missing, follow the instructions in the Install SSH on Windows section below.
+This client should be available by default, but if it is missing, follow the instructions in the [[ssh#Install SSH on Windows|Install SSH on Windows]] section.
 === Mac OS ===
-The SSH client comes automatically installed as part of Mac OS. To access the ssh client, open the Terminal application.
+The SSH client comes automatically installed as part of Mac OS. To access the ssh client, open the Terminal application, then type "ssh" followed by enter. You should see the following:
+{{:techsupport:guides:macsshtest.png?400|SSH Mac Command Output}}
 === Linux ===
-The OpenSSH Client is available through your Package Manager on all major Linux Distributions. To install the client on a Debian/Ubuntu based distribution using Apt, install the openssh-client package. To install on a RedHat based distribution using Yum, install the openssh-clients package. Once installed you can access ssh through your distribution's terminal application.
+The SSH client is usually installed on most Linux distributions. To check that it is installed, open your Terminal application, then type "ssh" followed by enter. You should see the following:
-==== SSH from Off-Campus ====
+===== Connecting to the SSH Server =====
-As of October 2022, new restrictions are in place when connecting from off campus.
-  - All ssh connections from off campus must first be to portkey.socs.uoguelph.ca. Once connected to portkey you can then ssh to the SoCS server you are trying to reach (likely linux.socs.uoguelph.ca)
-  - An SSH Key is required to access Portkey from off campus. See the section below for details on setting one up.
 ==== Connecting to a Server ====
@@ Line 43: / Line 46: @@
 From Mac OS or Linux:\\ {{:techsupport:guides:ssh_user_linuxmac.png?400|}}
-==== Common Problems and Errors====
+==== SSH from Off-Campus ====
-=== Time Out ===
+SSH connections from off campus are restricted by the campus firewall.
-== Problem ==
-After entering the ssh command there is a blinking cursor with no response, or the following error <code>ssh: connect to host linux.socs.uoguelph.ca port 22: Operation timed out</code>
-== Solution ==
+  - **Preferred** SSH Connections are enabled off-campus while running the Campus VPN. Follow the [[https://uoguelphca.sharepoint.com/sites/ccs/SitePages/anyconnect-vpn-user-guide.aspx|VPN Setup Guide]] to install. Once the VPN is running, ssh to the server as you would from on campus.
-If you are connecting from off campus, the most likely issue is that you are trying to connect directly to linux.socs.uoguelph.ca. You must first set up SSH keys (see the section below), and then from off campus you should first ssh to portkey.socs.uoguelph.ca, and from there to linux.socs.uoguelph.ca.
+  - Use SSH key based authentication to connect to Portkey from off campus, and then connect to the desired server. This is recommended only if you are unable to use the Campus VPN. To set this up, folow the [[techsupport:guides:sshkeyauth|SSH Key Authentication Guide]]
-=== Permission Denied ===
-== Problem ==
-Every time you enter your password, you receive the following error: <code>Permission denied, please try again.</code>
-== Solution ==
-The most likely cause is that you are not specifying your username when trying to connect. If you type ''ssh linux.socs.uoguelph.ca'' as your command, it will automatically use your computer's user account name as the username. Make sure you specify your username with ''ssh username@linux.socs.uoguelph.ca''.
+===== Install the SSH Client =====
 ==== Install SSH on Windows ====
@@ Line 67: / Line 64: @@
   * You can now open Windows Powershell and use SSH
-==== SSH Keys One Time Setup ====
+==== Install SSH on Linux ====
-SSH Keys are an advanced feature that allow you to use a key to connect instead of using your password. This has the benefit of being both more secure, and more convenient to use. As of October 2022, SSH keys are required to access the SoCS servers from Off Campus. Regular password based login is still allowed from on campus. Please note that SSH may not be enabled on your Windows machine by default. Follow the topic in this article on how to install SSH before continuing with this guide.
+=== APT ===
-To set up public key private key access to linux:
+  * ''apt-get install openssh-client''
-=== Part A For all platforms ===
+=== YUM ===
-  - Have a passphrase (password) handy that you can remember. This should be different than your central login password.
-  - Open a terminal window (or PowerShell for Windows)
-  - Type ssh-keygen -t ed25519 -C central-ID@linux.socs.uoguelph.ca  at the command prompt
-    - Press return to accept the default file locations for storing keys
-    - Enter your passphrase when prompted (make sure you can remember it)
-    - Enter the SAME passphrase again
-  - In the same terminal window,  change to your .ssh directory. A foolproof way to do this is to first type cd followed by enter, then type cd .ssh
-  - Type "more id_ed25519.pub"  without the quotes
-  - Copy the long string of text that begins with ssh-ed25519 and ends with yourusername@linux.socs.uoguelph.ca.  It will wrap across several lines.
-  - Keep that text in the clipboard for the next step and go to Part B (either for on campus or off campus, depending on your location).
-=== Part B For all platforms ===
+  * ''yum -y install openssh-clients''
-== On Campus Only ==
-If you are working on campus, you can set can set up your keys using ssh.
-  - ssh to linux.scos.uoguelph.ca using your Central Login ID and password (use PowerShell on windows if you don't have a different client. On OS/X and linux just use a terminal)
+==== Common Problems and Errors====
+=== Time Out ===
+== Problem ==
+After entering the ssh command there is a blinking cursor with no response, or the following error <code>ssh: connect to host linux.socs.uoguelph.ca port 22: Operation timed out</code>
-== Off Campus Only ==
+== Solution ==
-If you are working off campus you should use NoMachine to upload your ssh key.
+If you are connecting from off campus, the most likely issue is that you are trying to connect to linux.socs.uoguelph.ca without the VPN. You should ensure you have followed the directions to install and run the Campus VPN.
-  - Connect to NoMachine to facilitate the file transfer process. If you have not used NoMachine before, please reference our [[techsupport:guides:nomachine|guide to NoMachine here]]. NoMachine supports file transfer via scp and is our recommendation for off-campus students.
-  - Once you have connected to NoMachine, open a terminal and follow the next steps.
-== All Platforms ==
+=== Permission Denied ===
+== Problem ==
+Every time you enter your password, you receive the following error: <code>Permission denied, please try again.</code>
-  - Type "cd ~/.ssh" at the command prompt (without the quotes).
+== Solution ==
-    * If you get an error ".ssh No such file or directory", type  "cd ~", then "mkdir .ssh", then type "cd .ssh", otherwise ignore this step.
+The most likely cause is that you are not specifying your username when trying to connect. If you type ''ssh linux.socs.uoguelph.ca'' as your command, it will automatically use your computer's user account name as the username. Make sure you specify your username with ''ssh username@linux.socs.uoguelph.ca''.
-  - Use your favourite command line editor (vim, nano, emacs, etc.) to edit the authorized_keys file
-    * i.e.  type 'nano authorized_keys' at the command line
-    * Unless you've done this step once already, you will be creating this file.  it **MUST** be called authorized_keys
-  - Paste in the long string of text that you copied to your clipboard in step A
-  - Save the file.
-  - Log out of the server.
-=== Part C For all platforms ===
-  - Open terminal window, or Powershell (Windows only)
-  - ssh to portkey.socs.uoguelph.ca
-  - You SHOULD be prompted for the passphrase you used in Part A, and then you should connect to our linux servers (//ssh central-ID@linux.socs.uoguelph.ca//).
-  - This login method works for secure FTP programs too, such as filezilla, which will allow you to ftp files directly to your linux account.
-==== Notes and Info ====
-  - If you are unable to bring your private key to campus (via a laptop, removable storage device, etc.) and cannot transfer files via NoMachine, you must send your public key to [[help@socs.uoguelph.ca]]. Your public key will then be put into your home folder. This process may take up to a day to complete, so it is recommended to only use this option as a last resort.
-  - Once the key has been added to the server, attempt to ssh from off campus using //ssh central-ID@portkey.socs.uoguelph.ca//, agreeing to any prompts that you receive while connecting. You will be prompted to input the password you saved during the keygen creation here.
-    * If ssh is not able to find your private keys file, you can include the -i flag to specify the location of your keys (ex. ssh //jdoe@uoguelph.ca -i ~/.ssh/id_ed25519//)
-    * **NOTE: The portkey server is a jump server and has nothing installed.** You will not be able to run/compile code on this server - its sole purpose is to connect you to the main server cluster (linux.socs.uoguelph.ca).
-  - After connecting to portkey, ssh again into central-ID@linux.socs.uoguelph.ca to ensure that your connection is successful.
-== Advanced User SSH Key Setup Guide ==
-If you feel confident in your ability, below are the list of commands that you can execute to get your key onto the server while on campus. This guide is suited for students that can troubleshoot common Linux issues related to ssh and file movement. If you are not confident, follow //Part A For all platforms// above for a more in-depth guide.
-__Server-Side Setup__
-  ssh central-ID@linux.socs.uoguelph.ca
-  cd ~
-  mkdir .ssh
-  cd .ssh
-  ls
-  touch authorized_keys (if the file already exists, skip this step)
-__Local Machine__
-  ssh-keygen -t ed25519 -C central-ID@linux.socs.uoguelph.ca
-  scp ~/.ssh/id_ed25519.pub central-ID@linux.socs.uoguelph.ca:~/.ssh/ed25519.pub
-__On linux.socs.uoguelph.ca__
-  cd ~/.ssh
-  cat ed25519.pub >> authorized_keys
-  exit
-=== Using VSCode from Off-Campus ===
-  * Open up VSCode and click on the "Extensions" icon in the left sidebar. Search for "Remote - SSH" and install the extension.
-  * Once the extension is installed, click on the "Remote Explorer" icon in the left sidebar. Then, click on the "SSH Targets" dropdown and select "Add SSH Host".
-  * In the "SSH Targets" dropdown, select "Configure SSH Hosts". This will open up your SSH config file in VSCode
-  * In the SSH config file, add the following code
-<code>
-Host portkey
-    Hostname portkey.socs.uoguelph.ca
-    User your_username
-  Host linux
-    Hostname linux.socs.uoguelph.ca
-    User your_username
-    ProxyJump jump_host
-</code>
-  * Replace your_username with your actual username for both the jump host and target box.
-  * Save the SSH config file and close it.
-  * In the "SSH Targets" dropdown, you should now see two new entries: "jump_host" and "target_box". Click on "target_box".
-  * You'll be prompted to enter your password for the target box. Enter it and click "OK".
-VSCode will now open a new window with a terminal connected to the target box through the jump host. You can now work on files and run commands on the target box as if you were working on it directly.
-This section was generated by ChatGPT