Skip to content

Latest commit

 

History

History
139 lines (104 loc) · 6.43 KB

connecting.adoc

File metadata and controls

139 lines (104 loc) · 6.43 KB

Connecting to the Outside

Commands and Concepts

Commands: ssh, ssh-keygen

Concepts: remote login, ports, keys, configuration

Exercise 0: Setting up the Tutorial Environment

This tutorial can serve as a guide for connecting to any machine, so if you already have a machine you wish to connect to, feel free to start at Exercise 1. Note that not all machines are configured the same for connecting or hosting via ssh, so your steps may differ from those in the tutorial.

If you do not have a machine to connect to, a python script (in this repository, named "Tutorial_Script.py") has been made to allow you to run through the tutorial. This script functions as a fake pair of computers for you to ssh to and from. You can only "run" the commands necessary to get through this tutorial, and they are not truly run, so nothing is altered on your computer while using the script.

All commands within the script are assumed to be run from the home directory.

  1. If you haven’t already, download the file Tutorial_Script.py.

  2. If your local machine does not yet have python, use sudo apt install python to acquire it. You will need version 3.x to run this script.

  3. To run the python script, use python /path/to/script/Tutorial_Script.py.

Exercise 1: Connect to Another Computer

  1. SSH stands for Secure Shell. It allows you to connect log in remotely to another computer and use its shell as if you were really there. To try to connect to that computer, run:

    Hm, that didn’t work. Let’s try something slightly different.

  2. Since we don’t have permission to use that port right now, try:

    ssh -p 26 [email protected]

    The -p 26 here specifies a port — hopefully one that you’re allowed to log into. You may see a warning message that the host cannot be verified; this will happen the first time you connect to any host computer.

    You’ll be prompted for a password; the password for the ssh machine within the script is simply password.

  3. You can now use this computer with any of the unix-like commands you’ve already learned! When you’re done here, you can use exit or logout to return to your own computer.

Exercise 2: Creating and Using an SSH Key

  1. Now we’re going to try to connect to the default port that we couldn’t use before. We’ll do this by creating a key. From your home directory, type ssh-keygen -t rsa.

  2. Now we need to find the key we just made. Find an ssh directory in your home directory (hint: it might be hidden!) and take a look at what files are inside.

    You should actually find two keys. (You may also find some other files as well):

    id_rsa  id_rsa.pub  known_hosts

    One of these keys is private. This is how your computer encrypts information to send and decrypts information to receive. If you share this key with anyone, they will be able to tell others that they are using your computer, even if they aren’t. No one else needs your private key, so never share it with anyone! The "pub" in the other key is short for "public;"" you may share this one with anyone you like, even complete strangers! This key allows other computers to recognize you but gives them no way to imitate yours.

    Go ahead and copy the contents of your public key to your clipboard.

  3. Reconnect to the other computer.

    If you’re getting an error, check if you’ve set which port you’re trying to use. Remember that the other computer needs to have our key before it can recognize us.

  4. Now, go to your home directory and look for .ssh again. You may need to create this directory if it doesn’t exist already.

  5. Create a file named authorized_keys in ~/.ssh and paste your public key into it. (If your or someone else have already created this file, then paste your key into a new line. If you have this file but don’t know where it came from, contact someone immediately.) Save the file and return to your own computer.

  6. Finally, we can test if this key works. Try the command we tried the first time:

    You should be able to connect now!

Exercise 3: Configuring SSH

Typing in the full name of this other computer has gotten rather tedious, as has specifying a port every time. Rather than typing:

+

ssh -p 22 [email protected]

+ With the right configuration, we could make this much shorter: ssh comp.

  1. In your .ssh directory, create a new file named config. This file will allow us to configure as many ssh connections as we like. Essentially, we’re making nicknames for computers we want to connect to and telling the local machine how we want to connect to these computers.

  2. Each entry would look something like:

    Host nickname
    HostName hostname
    User username
    Port #
    IdentityFile key/location

    So, for the example above, we would use:

    Host comp
    Hostname specific-computer.cluster.domain.edu
    User username
    Port 22
    IdentityFile /home/_yourusername_/.ssh/id_rsa

  3. Go ahead and try this one out as well!

    You might get an error telling you there are bad permissions. This is because your config file needs to only be readable and writeable by you. To fix this, you can use chmod 600 ~/.ssh/config.

Test Yourself

Common Errors

ssh nickname: Bad Permissions — The permissions on your .ssh/config file are too open. You can correct this with chmod 600 ~/.ssh/config ssh: Permission Denied — This could mean several things. You could be mistyping a password or connecting on the wrong port. It could also mean your key is missing from the host or misplaced on your local machine.