Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Next revision Both sides next revision
linux_ssh_access [2020/09/01 18:02]
pgh5a
linux_ssh_access [2021/04/07 14:15]
pgh5a
Line 3: Line 3:
 All Linux servers run "​secure shell" - '​ssh'​. ​ Anyone with a CS account may log into these servers. ​ All Linux servers run "​secure shell" - '​ssh'​. ​ Anyone with a CS account may log into these servers. ​
  
-On Grounds, you can simply '​ssh'​ to CS servers ​typically by using a Terminal application like HyperTerm (Windows) or Terminal (Mac).+On Grounds, you can simply '​ssh'​ to CS servers.
  
-Off Grounds, you are not able to '​ssh'​ directly into CS servers.  However connections to ''​%%portal.cs.virginia.edu%%'' ​are allowed from off Grounds.+Off Grounds, you are not able to '​ssh'​ directly into most CS servers ​except ​''​%%portal.cs.virginia.edu%%''​.
  
 You must use your CS domain userid (identical to your UVA userid) and password to '​ssh'​ to portal. For example: You must use your CS domain userid (identical to your UVA userid) and password to '​ssh'​ to portal. For example:
Line 11: Line 11:
 ''​%%ssh -l abc1de portal.cs.virginia.edu%%''​. Alternatively,​ ''​%%ssh abc1de@portal.cs.virginia.edu%%''​ ''​%%ssh -l abc1de portal.cs.virginia.edu%%''​. Alternatively,​ ''​%%ssh abc1de@portal.cs.virginia.edu%%''​
  
-Note that if you are opening a terminal application ​on your Mac or PC, your username on the Mac or PC may be different from your CS/UVA userid. So be sure to include your userid on the '​ssh'​ command line.+Most users on Mac or Windows ​PC will use a Terminal application like SecureCRTCmder, KiTTY, or Putty (Windows), Terminal or iTerm2 (Mac) to '​ssh'​ to our linux servers. 
 + 
 +Note that your username on the Mac or PC may be different from your CS/UVA userid. So be sure to include your userid on the '​ssh'​ command line.
  
 If you'd like to use a graphical windowing interface to department servers, see: [[nx_lab|NX Linux Remote Desktop Cluster]] If you'd like to use a graphical windowing interface to department servers, see: [[nx_lab|NX Linux Remote Desktop Cluster]]
Line 22: Line 24:
  
  
-If you are outside of the UVA network (off grounds) then you can first start a VPN session to UVA using the [[https://​virginia.service-now.com/​its?​id=itsweb_kb_article&​sys_id=f24e5cdfdb3acb804f32fb671d9619d0|UVA VPN]]. Once the VPN is established,​ you can '​ssh'​ to CS servers directly.+If you are outside of the UVA network (off grounds) then you can first start a VPN session to UVA using the [[https://​virginia.service-now.com/​its?​id=itsweb_kb_article&​sys_id=f24e5cdfdb3acb804f32fb671d9619d0|UVA VPN]]. Once the VPN is established,​ you can '​ssh'​ to CS servers directly. Note that you should use the UVA "​Anywhere"​ VPN, not the "More Secure"​ VPN.
  
 === Option 2: Access via portal.cs.virginia.edu === === Option 2: Access via portal.cs.virginia.edu ===
Line 60: Line 62:
  
 <​code>​ <​code>​
-[abc1de@outside-uva ~]$ ssh -l abc1de gpusrv01 -J portal.cs.virginia.edu+[abc1de@outside-uva ~]$ ssh abc1de@gpusrv01 -J abc1de@portal.cs.virginia.edu
 abc1de@portal04.cs.virginia.edu'​s password: ​                           <-- first asked to authenticate to portal abc1de@portal04.cs.virginia.edu'​s password: ​                           <-- first asked to authenticate to portal
 abc1de@gpusrv01'​s password: ​                                             <-- immediately able to log into gpusrv01 abc1de@gpusrv01'​s password: ​                                             <-- immediately able to log into gpusrv01
Line 105: Line 107:
 === Servers === === Servers ===
  
-For a listing of generally available servers in CS, see the article [[compute_resources|General Purpose Nodes]]+For a listing of generally available servers in CS, see the article [[compute_resources|Computing Resources]]
  
 === Login Restrictions (Info for Faculty) === === Login Restrictions (Info for Faculty) ===
Line 124: Line 126:
  
 <​code>​ <​code>​
-sshd;​*;​!root&​fls4t&ejs3s&pgh5a;​!Al0000-2400+sshd;​*;​!root&​abc1de&fgh1ij&klm1no;​!Al0000-2400
 </​code>​ </​code>​
  
-This line is formatted such that the users listed are separated by ampersand ''​%%&​%%''​ characters. ​ This entry will allow the users ''​%%root%%'',​ ''​%%fls4t%%'',​ ''​%%ejs3s%%''​ and ''​%%pgh5a%%''​ are allowed access. ​ **Be sure to always include yourself and root in this rule.  Failure to do so may result in everyone becoming locked out.**+This line is formatted such that the users listed are separated by ampersand ''​%%&​%%''​ characters. ​ This entry will allow the users ''​%%root%%'',​ ''​%%abc1de%%'',​ ''​%%fgh1ij%%''​ and ''​%%klm1no%%''​ are allowed access. ​ **Be sure to always include yourself and root in this rule.  Failure to do so may result in everyone becoming locked out.**
  
-If we wanted to add the user ''​%%ktm5j%%''​ to this rule above, we would insert the string ''​%%&​ktm5j%%''​ like this:+If we wanted to add the user ''​%%pqr1st%%''​ to this rule above, we would insert the string ''​%%&​pqr1st%%''​ like this:
  
 <​code>​ <​code>​
-sshd;​*;​!root&​fls4t&ejs3s&pgh5a&ktm5j;​!Al0000-2400+sshd;​*;​!root&​abc1de&fgh1ij&klm1no&pqr1st;​!Al0000-2400
 </​code>​ </​code>​
  
 Changes to this file take effect immediately,​ no services need to be restarted. ​ When editing this file, be sure that you keep at least one active ssh connection until you have tested your changes. ​ This will prevent becoming locked out if any errors are made! Changes to this file take effect immediately,​ no services need to be restarted. ​ When editing this file, be sure that you keep at least one active ssh connection until you have tested your changes. ​ This will prevent becoming locked out if any errors are made!
  • linux_ssh_access.txt
  • Last modified: 2021/04/13 19:34
  • by pgh5a