Interactive Shell Servers
SCI provides several interactive servers for general computing use. You may access them via ssh'ing to shell.sci.utah.edu
What are the server details?
You connect to the host via ssh (firstname.lastname@example.org). They are DNS round-robin servers running OpenSUSE 13.2 (x86_64). Each server consist of two dual-core operators with 2GB of memory. They are connected to the network via gigabit Ethernet.
Where are programs located?
All programs should be in the standard Linux paths.
Can I run services/programs?
No, the shell machines are meant for interactive use only and not for running long-term processes.
Is local/scratch disk space available?
No, these server are strictly for general ssh access to the SCI network. They are not meant to be used for running computational applications or compiling jobs.
How do I get software installed?
If there is an OpenSUSE package available then we will install it for you as long as it does not cause issues. If it is a code that must be compiled then you can do such in your home directory space. We will in rare circumstances compile custom versions of package for users.
Secure Shell (SSH) is a network protocol for command line secure remote data communication. In other words, it is a secure connection between two systems over an insecure network. SSH application can be used from the terminal on Linux and Mac Operating System. It can also be used in windows with the help of a third party software such as putty etc. SSH was created to replace the services like telnet, berkeley rsh and rexec which are less secure in nature and capable of sending password in clear text or plaintext format whereas encryption is used by SSH which provides confidentiality and integrity of the data over an unsecured network.
There are many ways to use SSH, one way to use them is generating public and private key so that the network connection can be encrypted and then use the password for log on. Second is to manually generate public and private key and use it for authentication and "NOT" using password for authentication. For the second method, when public and private keys are generated then public key are placed on the 'X' number of remote servers/computers that a user will be logging in from his/her local machine. When the public key is present on the remote server/computer with the matching private key on the local machine then there is no need of the password for authentication because user is authenticating based on the private key (keeping in mind that the private key does not get transferred during the authentication).
SSH is used for many things such as remotely logging into a machine and run/execute command but SSH is also used for X11 connections, tunneling, forwarding TCP ports, SFTP, SCP, etc. The default SSH port is 22 for the SSH Server.
SSH client is usually present on most of the Linux Operating Systems and Mac OSX. Microsoft Windows is the only platform where SSH is present and have to use third party software such as PuTTY, openSSH/Cygwin etc.
SSH keys are generated by command called 'ssh-keygen'. A user can create a passphrase during the key generation process or leave it empty. ssh-keygen stores the keys in $HOME/.ssh/id_rsa (private key) and $HOME/.ssh/id_pub (public key). Private Key is the key which should be kept private and should not shared with the public where as the content of the public key should be placed on the remote servers/computers that user will be connecting to in the future. The content of the public key is stored in $HOME/.ssh/authroized_keys of the remote server/computer.
Following are some of the options which can be used with the ssh-keygen command:
-b refers to the number of bits in a key (768 bits to 2048 bits)
-C enter new comments
-p change passphrase of the private key file instead of creating new key
-t type of key to generate
-q quiets ssh-keygen. It is used by the /etc/rc file while creating new key
-N provides new passphrase
Files used by ssh-keygen utility:
The ssh-keygen uses various files for saving public and private key and following is the list of files:
· $HOME/.ssh/identity: it contains the RSA private key when using the SSH protocol version 1.
· $HOME/.ssh/identity.pub: it contains the RSA public key for authentication when you are using the SSH protocol version 1.
· $HOME/.ssh/id_dsa: it contains the protocol version 2 DSA authentication identity of the user.
· $HOME/.ssh/id_dsa.pub: it contains the DSA public key for authentication when you are using the SSH protocol version 2.
· $HOME/.ssh/id_rsa: it contains the protocol version 2 RSA authentication identity of the user.
· $HOME/.ssh/id_rsa.pub: it contains the protocol version 2 RSA public key for authentication.
# ssh-keygen -t rsa -b 2048
After generating keys, copy rsa public key into file authorized_keys.
(from your home directory)
# cd .ssh
# cat id_rsa.pub >authorized_keys
(This will erase any existing authorized_keys and copies id_rsa.pub into it.)
Here are some web pages with examples you can find by searching Internet for "ssh key generation":
Note: If you're using general SCI home (/home/sci/...) as your directory on desktop or laptop, there is no need to copy ssh keys to servers. All servers at SCI see and have access to home directories. However, if you don't and use a local home directory, please make sure to copy your ssh keys to general SCI home directory.
X11 over SSH:
In order to have X11 over SSH, the remote server/computer should have X11 forwarding enabled in the sshd_config file. (sshd_config file is usually located in /etc/ssh) If the X11 forwarding is enabled than the user can use -X or -Y flag to when using ssh to a remote server/computer.