Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Next revision Both sides next revision
linux_ssh_access [2019/07/29 18:49]
ktm5j
linux_ssh_access [2020/06/03 18:49]
pgh5a
Line 1: Line 1:
 ====== Linux SSH Access ====== ====== Linux SSH Access ======
  
-All Linux servers ​in CS run an SSH server on port 22.  Anyone with a CS account may log into these servers, from both inside of the University.+All Linux servers run '​ssh'​.  Anyone with a CS account may log into these servers. ​
  
-**Update 07/29/19** We are now blocking SSH traffic for connections from outside of the UVA network This means that you are no longer ​able to SSH directly into CS hosts from outside of UVA.  However connections to ''​%%portal.cs.virginia.edu%%''​ are still allowed from outside of UVA.+From inside ​UVA, you can simply '​ssh'​ to CS servers. 
 + 
 +From outside UVA, you are not able to '​ssh' ​directly into CS servers.  However connections to ''​%%portal.cs.virginia.edu%%''​ are still allowed from outside of UVA.
  
 ===== Access from Outside UVA ===== ===== Access from Outside UVA =====
  
-If you are outside of the UVA network (off campus) then you must use the [[https://​virginia.service-now.com/​its?​id=itsweb_kb_article&​sys_id=f24e5cdfdb3acb804f32fb671d9619d0|UVA VPN]] to access CS servers via SSH.+**Use one of these options to access CS servers from outside of UVA.** 
 + 
 +==== Option 1: VPN access ==== 
 + 
 + 
 +If you are outside of the UVA network (off grounds) then you can use the [[https://​virginia.service-now.com/​its?​id=itsweb_kb_article&​sys_id=f24e5cdfdb3acb804f32fb671d9619d0|UVA VPN]] to access CS servers via SSH. 
 + 
 +==== Option 2: Access via portal.cs.virginia.edu ====
  
-If you need to access CS servers from outside of UVA you can SSH directly into ''​%%portal.cs.virginia.edu%%''​ without having to use the VPN.  Once you are logged into the ''​%%portal%%''​ cluster, you can then access other CS servers via SSH.+If you need to access CS servers from outside of UVA you can ssh directly into ''​%%portal.cs.virginia.edu%%''​ without having to use the VPN.  Once you are logged into the ''​%%portal%%''​ cluster, you can then access other CS servers via SSH.
  
-==== Example using portal.cs ​====+=== Example using portal.cs ===
  
 <​code>​ <​code>​
Line 22: Line 31:
 ktm5j@portal04 ~ $ hostname ktm5j@portal04 ~ $ hostname
 portal04 ​                                              <​-- We are logged into portal cluster portal04 ​                                              <​-- We are logged into portal cluster
-ktm5j@portal04 ~ $ ssh power3 ​                         ​<-- We can now access ​power3 +ktm5j@portal04 ~ $ ssh gpusrv01 ​                        <-- We can now access ​gpusrv01 
-ktm5j@power3's password:+ktm5j@gpusrv01's password:
 .... ....
-ktm5j@power3 ​~ $+ktm5j@gpusrv01 ​~ $
 </​code>​ </​code>​
  
-==== SSH Jumphost Options ​====+=== SSH Jumphost Options ===
  
 The OpenSSH ssh client has an option ''​%%-J%%''​ to specify a host to use as a "​jumphost"​ that lets us access other servers inside of a firewalled network. ​ This combines two steps from the example above (ssh into portal.cs.virginia.edu and then ssh to power3) into one single command. ​ From the manpages: The OpenSSH ssh client has an option ''​%%-J%%''​ to specify a host to use as a "​jumphost"​ that lets us access other servers inside of a firewalled network. ​ This combines two steps from the example above (ssh into portal.cs.virginia.edu and then ssh to power3) into one single command. ​ From the manpages:
Line 45: Line 54:
 </​code>​ </​code>​
  
-Here is how we use this option to "​jump"​ from portal.cs to another CS server. ​ Let's repeat the example of logging in to ''​%%power3%%''​+Here is how we use this option to "​jump"​ from portal.cs to another CS server. ​ Let's repeat the example of logging in to ''​%%gpusrv01%%''​
  
 <​code>​ <​code>​
-[ktm5j@outside-uva ~]$ ssh -l ktm5j power3 ​-J portal.cs.virginia.edu+[ktm5j@outside-uva ~]$ ssh -l ktm5j gpusrv01 ​-J portal.cs.virginia.edu
 ktm5j@portal04.cs.virginia.edu'​s password: ​                           <-- first asked to authenticate to portal ktm5j@portal04.cs.virginia.edu'​s password: ​                           <-- first asked to authenticate to portal
-ktm5j@power3's password: ​                                             <-- immediately able to log into power3+ktm5j@gpusrv01's password: ​                                             <-- immediately able to log into gpusrv01
 .... ....
-ktm5j@power3 ​~ $+ktm5j@gpusrv01 ​~ $
 </​code>​ </​code>​
  
  • linux_ssh_access.txt
  • Last modified: 2020/08/06 13:11
  • by pgh5a