• Home
• About
• People
• News
• Events
• Research
• Courses
• Graduate Study
• Undergraduate Study
• Places
• Computing Systems
• Accounts
• After Hours
• Backups
• Copyright
• Disk Space
• Doc
• Education
• Email
• Ergonomics
• Find Software
• CD/Flash Drives
• FTP
• Get Software
• Hardware
• Help
• Licenses
• Local Access
• Network
• News
• New Users
• Policies
• Printing
• Publishing
• Remote Access
• Certificates
• IMAP
• Remote Backup
• SMTP
• S/Key
• ssh
• FAQ
• ssh.cs.brown.edu
• vpn
• X Servers
• Research
• Search
• Snapshots
• Statistics
• Software
• Web
• Industrial Relations
• Alumni
• Contacts

SSH

Ssh (Secure Shell) is a program used for logging onto a remote machine or for executing commands on a remote machine. It is intended to replace rlogin and rsh, and provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel.

Getting ssh

Ssh is installed and running on all supported department machines. You must also install an ssh client on your remote machine. The official ssh site is www.ssh.com.

The SSH FAQ lists various free and commercial versions of ssh and where to get them.

Illustrated instructions for setting up Putty, a common ssh client for Windows, can be found here. This is maintained by the consultants.

Setting Up

After obtaining the ssh software take the following steps:

On your remote machine:

1. Generate a public/private key pair. The exact details depend on the ssh software you are using.

   On a unix or linux machine, running OpenSSH (as we do), the command is:

   % ssh-keygen -t rsa
   

   You will be prompted for a "pass phrase". Do not use your unix password! The pass phrase is not limited to a single word, so you can choose a sentence or phrase that is easy to remember.

   Note the file where your public key is stored.

2. Copy your public key to your CS Department account. Because it is a public key, you can email it to yourself. From your CS Department account:
3. Append your public key to the file ~/.ssh/authorized_keys. If this file does not yet exist, run

   % touch ~/.ssh/authorized_keys
   

   If your key looks something like this (except much longer):

   ssh-rsa AAAAB3NzaC1kc3M9NS8w= msh@zeal
   

   Use the below command (where id_rsa.pub is the filename of your public key)

   	
   % cat id_rsa.pub>> ~/.ssh/authorized_keys
   

   If your key looks something like this:

   ---- BEGIN SSH2 PUBLIC KEY ----
   Comment: "rsa-key-20030604"
   AAB3NzaC1kc3MAAA
   ---- END SSH2 PUBLIC KEY ----
   

   Use the following command

      
   % ssh-keygen -i -f id_rsa.pub>> ~/.ssh/authorized_keys
   

4. Make sure that the permissions on ~/.ssh and ~/.ssh/authorized_keys (and ~/) are such that they are writable by only you.

You should now be able to ssh from your remote machine onto ssh.cs.brown.edu.

Once you have set your ssh password, logging in remotely is just like logging in on console, except that you supply your ssh password instead of your regular unix password.

Problems

You've followed the directions here and you still can't get in. Try checking the CS Dept SSH FAQ first. If the answer isn't there, contact someone on the technical staff for help.

---

Page Owner: Tstaff Account

Last Modified: Fri May 16 12:39:42 2008