wiki:cypress/SshUsage

Version 42 (modified by cbaribault, 10 months ago) (diff)

Added explanation on ssh key exchange, etc.

Terminals and Shells

Taken from UNIVAC promotional materials circa 1960

The terminal has been the primary means of interfacing with a cluster computing machine since the 1960s. Today, users who are working on a laptop or desktop with an operating system that is based on Unix will have a useful terminal built into their operating system. This includes anyone using Mac os X or any flavor of Linux.

Mac Terminal

To access the terminal program on a Mac go to

Applications → Utilities → Terminal

This will launch a terminal containing a unix shell. The unix shell is a command line interpreter which both allows you to pass commands to the operating system and displays output. Currently, the default shell for most unix based systems is the Bourne Again SHell or bash shell. Your shell can be modified to provide a custom environment and we will go into detail on how to make these modifications in later sessions.

Ubuntu Terminal

In Unity versions of Ubuntu (11.04 and later) the easiest way to access the terminal is through the search function of the dash

Dash → Search for Terminal

finding the ubuntu terminal

ubuntu terminal

Windows "Terminal" (Command Prompt)

Windows 10

Evaluate your ssh installation

For the following, open a terminal window by locating the Windows search box in the task bar at the bottom of the screen and entering the command cmd.

Windows Search BoxWindows Command Prompt

Check that ssh is installed by entering the following command.

where ssh

If ssh is installed, then your result will look like the following. Otherwise proceed to Update Options below.

C:\Users\cbaribault\ssh
C:\Windows\System32\OpenSSH\ssh.exe

Next, in your terminal window type the following command to query your ssh installation's set of supported key exchange algorithms. Both both your local machine and Cypress must agree on a common algorithm to be used to exchange a shared secret key, which in turn, will be used to decrypt the in-session messages sent between your local machine and Cypress.

ssh -Q kex

In order to comply with most recent standard for secure transfer during your remote session on Cypress, your result should contain the following entry. See https://tools.ietf.org/id/draft-ietf-curdle-ssh-kex-sha2-09.html.

diffie-hellman-group-exchange-sha256

If your terminal satisfies the above, then you may use it to login remotely to Cypress. Otherwise, proceed next to Update Options.

Update Options

If your Windows 10 does not have the ssh command or does not have the proper key exchange algorithm mentioned above, then you can do one of the following.

  1. Download and run Windows 10 Update Assistant and then verify ssh via the above. See Download and run Windows 10 Update Assistant.
  2. Install OpenSSH with PowerShell and then verify ssh via the above. See Install OpenSSH for Windows.
  3. Proceed below to check your OS build number and install either Windows Subsystem for Linux (WSL) or PuTTY.

Check your OS build number

To find your PC's architecture and Windows build number, go to the Windows search box and open Settings > System > About

https://docs.microsoft.com/en-us/windows/wsl/media/system.png

If your windows 10 is newer than build 16215, you can install WSL with the instructions below. If your windows 10 is older than build 16215, you can still use PuTTY.

Installing Windows Subsystem for Linux (WSL)

1.Open PowerShell as Administrator by right-clicking on the start button and selecting the menu item Windows PowerShell (Admin)

Windows10 Start context menu

Windows10 !PowerShell

2.In the resulting window run the command:

Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux

3.Restart your computer when prompted.

4.Let's install Ubuntu, click the link below.

From the distro's page, select "Get"

https://docs.microsoft.com/en-us/windows/wsl/media/ubuntustore.png

5.Open a command-line window, (search cmd) then type 'bash'

See Install WSL

X WIndow for Graphics

To run software with graphics with either Windows Terminal or WSL, you have to have X-window client software installed on your Windows. See here.

And you may need to do following on WSL terminal. Under bash command-line window

sudo apt install x11-apps

Add a line below into ~/.bashrc

export DISPLAY=localhost:0.0

Windows 8

Note for Windows 7: As of January 14, 2020, if you're still using Windows 7, this represents a critical security threat to the university network and user data, and your network access will be restricted to internet traffic only. For alternatives, see Reminder: Windows 7 End of Life.

As Windows 8 is NOT a Unix based OS, it lacks a native terminal emulator that is capable of providing a Unix shell. This will require a work around. For our requirements, the most common solution is the installation of an open source terminal emulator called PuTTY that supports the communication protocols discussed below. If you are using a Windows machine and you have not already downloaded PuTTY you should do so now.

PuTTY

Download PuTTY

PuTTY Manual

After you've downloaded the PuTTY.exe file, move it to the location you prefer and double click to launch.

windows putty launch

To log onto cypress, enter cypress1.tulane.edu (or cypress2.tulane.edu) into the Host Name field and make sure the port is set to 22. Click on Open and you will be given a login window to cypress.

putty screen

Remote Access

A short History

Scientists have been performing computations remotely since 1940 when George Stibitz used a Teletype machine to perform remote computations on a Complex Number Machine in New York City from the an AMS conference held at Dartmouth (http://history-computer.com/Internet/Dreamers/Stibitz.html). By 1973, standards were defined for a set of remote access protocols called Telnet which are still in use today. Subsequently (1983), the Berkley Software Distribution (BSD) Unix operating system instituted an alternative protocol called Remote SHell, or rsh. While still available on most systems, rsh is not recommended for common use as it lacks encryption. In 1995, this lack of security lead a researcher named Tatu Ylonen to invent a secure set of protocols after his University was the victim of a sniffing attack. He named his protocols Secure SHell, or ssh, and this has become the default means of remote access for unix based machines world wide.

Secure SHell (SSH)

Linux and Mac

Users on Mac and Linux workstations have ssh available on the command line. To connect to a remote server run the following:

user@localhost> ssh remoteusername@remotehost.example.com

The first time you log into a new machine, you will be asked if you trust the server. For instance, the first time you log into Cypress using PuTTY you will receive the following prompt:

host key alert

host key security for mac

Click on yes (or if using Mac/Linux/Windows/WSL terminal simply type "yes" at the corresponding prompt). You should now be prompted for the password associated with your remote username.

For those who have accounts on Cypress, you can connect to cypress by running the command

user@localhost> ssh tulaneID@cypress1.tulane.edu

and entering the password associated with your tulaneID across Tulane resources.

https://docs.google.com/drawings/d/e/2PACX-1vSlffILDUxxzh_QpD4M7P5-bY_tCkYNjA9xIYWuUUqz_HBBczQ18o5AWA9OZ5_w5Q0bwQJbdgmUCuMJ/pub

Tunneling X Windows Session via SSH

Linux and Mac

Users on Mac and Linux workstations have ssh available on the command line.

To connect to a remote server with X window tunneling run the following:

user@localhost> ssh -Y remoteusername@remotehost.example.com

For Mac users, you may have to install XQuartz.

Windows

Windows users will need to download an X window server/client software.

Xming

VcXsrv

Cygwin

With PuTTY, enable X11 forwarding.

CHECKPOINT

For Workshop

Everyone should now have a terminal open and be logged into Cypress. If you are not logged on to Cypress, please raise your hand and someone will assist you.

In General

Once you have a terminal, if you are not logged on to Cypress, please request help via hpcadmin@… and someone will assist you.

We will return to SSH shortly, but first we need to discuss Basic Linux Commands.

Next Section: Linux Commands

Attachments (15)

Download all attachments as: .zip