Quick Links
Contact Us
Computer Science DepartmentSwarthmore College
500 College Avenue
Swarthmore, PA 19081
Phone: 610.328.8272
Fax: 610.328.8606
Email: info at cs.swarthmore.edu
Copyright 2009 Swarthmore College. All rights reserved.
using ssh and scp
This page provides some basic ssh, scp, sftp help. See our remote access page for more information, including where to get ssh programs for your computer.
ssh is used to securely connect from one machine to another -- for example, from your dorm machine to the cs machines. scp and sftp can be used to transfer files from one machine to another. All of these programs use encryption, to protect your password and any other sensitive information being transmitted across the network.
If you haven't already set up RSA authentication, which is optional (see below), ssh will simply use your regular unix password for authentication. Here is an example of someone using ssh to connect to catnip from a remote machine:
remote$ ssh username@catnip.cs.swarthmore.edu username@catnip's password: ********** Last login: Mon Jul 29 16:47:43 2002 from foo.net CATNIP$
If you don't care which lab machine you connect to, just ssh to lab.cs.swarthmore.edu
Here are examples of using scp, and sftp to copy a file from the sccs machines to a cs machine (aleppo):
ALEPPO[jk]$ scp jk@sccs:sizeof.c . jk@sccs's password: sizeof.c 100% |*******************| 901 00:02 ALEPPO[jk]$
ALEPPO[jk]$ sftp sccs Connecting to sccs... jk@sccs's password: sftp> ls drwxr-xr-x 11 jk users 4096 Jul 23 15:28 . drwxr-xr-x 38 root root 4096 Aug 20 2001 .. -rw-r--r-- 1 jk users 3768 Mar 15 1999 .Xdefaults -rw-r--r-- 1 jk users 4802 Aug 8 2000 .cshrc -rw-r--r-- 1 jk users 898 Oct 5 1999 .login -rw------- 1 jk users 569 Jul 23 15:36 .history drwxr-xr-x 2 jk users 4096 Jun 14 2000 .ssh -rw-r--r-- 1 jk users 901 Nov 9 1999 sizeof.c drwxr-xr-x 2 jk users 4096 Mar 8 2001 bin -rw------- 1 jk users 13027 Jul 23 15:28 README sftp> get sizeof.c Fetching /home/jk/sizeof.c to sizeof.c sftp> bye ALEPPO[jk]$
rsa and dsa authentication
If you're new to ssh, and want to try using RSA authentication (which is more secure than using your regular unix password), take a look at Getting Started with SSH. It is a really nice page, with good info on setting up RSA authentication keys.
using ssh-agent
Here is some information on setting up ssh-agent. Using this will allow you to enter your password once, and then be able to ssh to other CS clients without having to re-enter it.
Summary:
- set up RSA keys
- modify .xsession to use ssh-agent
- modify .xinitrc to hold all desktop init commands
- log in on console
- in any window, run ssh-add (type in RSA passphrase here, once)
- can now ssh from this machine to other CS machines without password or passphrase
- set up your RSA key using ssh-keygen:
$ ssh-keygen -t rsa (accept defaults and type in a good passphrase) $ cd .ssh $ cp id_rsa.pub authorized_keys
At this point you should be able to test it by sshing to another lab machine. If it asks for and accepts your passphrase, it is working.$ ssh oil Enter passphrase for key '/home/uname/.ssh/id_rsa': oil$
If this works, logout (exit) from oil and do the next steps.
- copy your current .xsession to a new file named .xinitrc.
Then create a new (executable) .xsession that runs ssh-agent each
time you log in on a console (and run an X session). To make this
step easier, you can just copy our ssh-agent.xsession file:
$ cd $ cp .xsession .xinitrc $ cp /usr/swat/lib/dotfiles/ssh-agent.xsession .xsession
- Now try logging in at the console of one of the lab machines. Then, in
a terminal window, run ssh-add and type in your new RSA passphrase, like this:
$ ssh-add Enter passphrase: blah, blah, blah, blah, Ginger.
After this, you should be able to ssh from this machine to any cs lab machine (ex: ssh lemon) without having to re-enter your password or passphrase.$ ssh lemon lemon$
using ssh-agent during remote login
If you're remotely logged in (i.e., not at the lab machine console), you can still use ssh-agent. Just have ssh-agent spawn a bash shell, then run ssh-add, then you should be able to ssh without a password or passphrase:
$ ssh-agent bash $ ssh-add Enter passphrase for /home/username/.ssh/id_rsa: $ ssh lemon lemon$