SSH (the Secure SHell) is a protocol for allowing people to access a computer over the Internet and run programs on it as if they were physically present.

1 Software

Open a terminal and use the ssh command.

Windows is somewhat behind Linux, FreeBSD, OpenBSD, Irix, Haiku, and MacOS in support for terminals and ssh. Powershell should work OK, though you might need to enable OpenSSH first. Many Windows-using students say they prefer Git BASH instead. The Windows Subsystem for Linux is also reported to work well.

2 Using key pairs instead of passwords

Typing passwords is both less secure (key-sniffers, typos, typing wrong passwords, etc) and more tedious than using a private key.

2.1 Concept

You’ll place a file on your computer and a file on the remote computer. They are matched, and each provides half of the work needed to do a job. When you log in, the remote computer will do half the work with its file, then send that to your computer to do the other half, then send it back, thus allowing both computers to be confident the other computer is who it says it is¹.

2.2 Setup

The following commands² should work on any system with SSH installed³, with appropriate changes to username@the.server.edu;

1. Generate an SSH public key, used to log in securely without a password.

   ssh-keygen -f ~/.ssh/id_rsa -t rsa -b 4096

   When prompted for a passphrase by ssh-keygen, just press enter without typing anything.

2. Use of the the following two options

   1. Some SSH installations come with a single command for copying your SSH public key to a remote server

      ssh-copy-id -i ~/.ssh/id_rsa.pub username@the.server.edu

      When prompted for a passphrase by ssh-copy-id, use your UVA CS account password.

   2. If you don’t have ssh-copy-id, you can replicate it’s work with three commands:

      ssh username@the.server.edu 'mkdir -p .ssh; chmod 700 .ssh'
      cat "$HOME/.ssh/id_rsa.pub" | ssh username@the.server.edu 'cat >> .ssh/authorized_keys'
      ssh username@the.server.edu 'chmod 644 .ssh/authorized_keys'

      All three of the above commands will ask for a password; use your UVA CS account password all three times.

2.2.1 Multiple machines

You’ll need to do the ssh-keygen and ssh-copy-id (or its three-command equivalent) once per client machine you use (e.g., your laptop, desktop, etc.).

3 Logging in remotely

Open with ssh username@the.server.edu

Close with exit or Ctrl+D

ssh mst3k@portal.cs.virginia.edu

4 Running commands remotely

If you just need to run a short string of commands, you can put them as a second argument to ssh, like ssh username@the.server.edu "command1; command2 with arguments; command3".

ssh mst3k@portal.cs.virginia.edu 'whoami; man -f printf'

If your remote machine is portal.cs.virginia.edu, most commands are unavailable until you enable them with . /etc/profile, which is run automatically for interactive logins but not for single commands.

ssh mst3k@portal.cs.virginia.edu '
. /etc/profile
module load clang
cd my-code
clang *.c
./a.out
'

5 Copying files

Don’t copy-paste to and from an interactive SSH session. Doing so introduces line breaks, backslashes, and other unintended characters.

Instead, use the secure copy command scp or a version-control tool like git.

5.1 File transfer with backups

If you are transferring files for a homework assignment, you should use a version control tool instead of direct transfer. See our git writeup for more.

5.2 From your computer to the server

scp file file2 file3 ... user@the.server.edu:path/to/destination/

scp testfile.c mst3k@portal.cs.virginia.edu:code/demo1/

Note that scp will not create directories, but ssh can:

ssh mst3k@portal.cs.virginia.edu mkdir -p code/demo1/

5.3 From the server to your computer

scp user@the.server.edu:path/to/source/filename path/to/destination/

(use ./ as the path/to/destination for put it where I am)

scp mst3k@portal.cs.virginia.edu:code/demo1/testfile.c ./

5.4 Bidirectional transfer of many files

There is a command, sftp, which allows you to move files to and from computers interactively. It uses a special language that is similar to, but not the same as, usual shell interactions.

1. Initiate a connection with sftp user@the.server.edu

2. The session maintains two locations

   • the remote location (on the server) can be displayed with pwd and changed with cd. You can list remote files with ls.
   • the local location (on your computer) can be displayed with lpwd and changed with lcd. You can list local files with lls.

3. You can send files to the server using put existing-local-filename.ext, or put existing-local-filename.ext new-remote-filename.ext if you want to rename the file.

   You can retrieve files from the server using get existing-remote-filename.ext, or get existing-remote-filename.ext new-local-filename.ext if you want to rename the file.

   sftp can only transfer one file at a time. If you try something like put f1.c f2.c dirname/ it will copy local f1.c as remove f2.c and ignore dirname/ entirely

4. Close the session with exit, byte, or Ctrl+D

To move entire directory structures, rsync also works well; see man rsync for more.

You may also be able to make the CS server show up in the Windows file explorer or Apple Finder. Some students have also said good things about using the Filezilla SFTP client⁴.