Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
linux_ssh_access [2019/07/29 19:16]
ktm5j
linux_ssh_access [2020/06/03 18:49] (current)
pgh5a
Line 1: Line 1:
 ====== Linux SSH Access ====== ====== Linux SSH Access ======
  
-All Linux servers ​in CS run an SSH server on port 22.  Anyone with a CS account may log into these servers.+All Linux servers run '​ssh'​.  Anyone with a CS account may log into these servers. ​
  
-**Update 07/29/19** We are now blocking SSH traffic for connections from outside of the UVA network This means that you are no longer ​able to SSH directly into CS hosts from outside of UVA.  However connections to ''​%%portal.cs.virginia.edu%%''​ are still allowed from outside of UVA.+From inside ​UVA, you can simply '​ssh'​ to CS servers. 
 + 
 +From outside UVA, you are not able to '​ssh' ​directly into CS servers.  However connections to ''​%%portal.cs.virginia.edu%%''​ are still allowed from outside of UVA.
  
 ===== Access from Outside UVA ===== ===== Access from Outside UVA =====
  
-If you are outside of the UVA network (off campus) then you must use the [[https://​virginia.service-now.com/​its?​id=itsweb_kb_article&​sys_id=f24e5cdfdb3acb804f32fb671d9619d0|UVA VPN]] to access CS servers via SSH.+**Use one of these options to access CS servers from outside of UVA.** 
 + 
 +==== Option 1: VPN access ==== 
 + 
 + 
 +If you are outside of the UVA network (off grounds) then you can use the [[https://​virginia.service-now.com/​its?​id=itsweb_kb_article&​sys_id=f24e5cdfdb3acb804f32fb671d9619d0|UVA VPN]] to access CS servers via SSH. 
 + 
 +==== Option 2: Access via portal.cs.virginia.edu ====
  
-If you need to access CS servers from outside of UVA you can SSH directly into ''​%%portal.cs.virginia.edu%%''​ without having to use the VPN.  Once you are logged into the ''​%%portal%%''​ cluster, you can then access other CS servers via SSH.+If you need to access CS servers from outside of UVA you can ssh directly into ''​%%portal.cs.virginia.edu%%''​ without having to use the VPN.  Once you are logged into the ''​%%portal%%''​ cluster, you can then access other CS servers via SSH.
  
-==== Example using portal.cs ​====+=== Example using portal.cs ===
  
 <​code>​ <​code>​
Line 22: Line 31:
 ktm5j@portal04 ~ $ hostname ktm5j@portal04 ~ $ hostname
 portal04 ​                                              <​-- We are logged into portal cluster portal04 ​                                              <​-- We are logged into portal cluster
-ktm5j@portal04 ~ $ ssh power3 ​                         ​<-- We can now access ​power3 +ktm5j@portal04 ~ $ ssh gpusrv01 ​                        <-- We can now access ​gpusrv01 
-ktm5j@power3's password:+ktm5j@gpusrv01's password:
 .... ....
-ktm5j@power3 ​~ $+ktm5j@gpusrv01 ​~ $
 </​code>​ </​code>​
  
-==== SSH Jumphost Options ​====+=== SSH Jumphost Options ===
  
 The OpenSSH ssh client has an option ''​%%-J%%''​ to specify a host to use as a "​jumphost"​ that lets us access other servers inside of a firewalled network. ​ This combines two steps from the example above (ssh into portal.cs.virginia.edu and then ssh to power3) into one single command. ​ From the manpages: The OpenSSH ssh client has an option ''​%%-J%%''​ to specify a host to use as a "​jumphost"​ that lets us access other servers inside of a firewalled network. ​ This combines two steps from the example above (ssh into portal.cs.virginia.edu and then ssh to power3) into one single command. ​ From the manpages:
Line 45: Line 54:
 </​code>​ </​code>​
  
-Here is how we use this option to "​jump"​ from portal.cs to another CS server. ​ Let's repeat the example of logging in to ''​%%power3%%''​+Here is how we use this option to "​jump"​ from portal.cs to another CS server. ​ Let's repeat the example of logging in to ''​%%gpusrv01%%''​
  
 <​code>​ <​code>​
-[ktm5j@outside-uva ~]$ ssh -l ktm5j power3 ​-J portal.cs.virginia.edu+[ktm5j@outside-uva ~]$ ssh -l ktm5j gpusrv01 ​-J portal.cs.virginia.edu
 ktm5j@portal04.cs.virginia.edu'​s password: ​                           <-- first asked to authenticate to portal ktm5j@portal04.cs.virginia.edu'​s password: ​                           <-- first asked to authenticate to portal
-ktm5j@power3's password: ​                                             <-- immediately able to log into power3+ktm5j@gpusrv01's password: ​                                             <-- immediately able to log into gpusrv01
 .... ....
-ktm5j@power3 ​~ $+ktm5j@gpusrv01 ​~ $
 </​code>​ </​code>​
  
  • linux_ssh_access.1564427778.txt.gz
  • Last modified: 2019/07/29 19:16
  • by ktm5j