Getting access to UI at IIHE

From T2B Wiki
Revision as of 12:28, 26 August 2015 by Maintenance script (talk | contribs) (Created page with " === Get access to UI using Linux === *Valid UIs: ''m0.iihe.ac.be'', ''m1.iihe.ac.be'', ''m8.iihe.ac.be'', ''m9.iihe.ac.be'' *Direct password authentication is not allowed o...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Get access to UI using Linux

  • Valid UIs: m0.iihe.ac.be, m1.iihe.ac.be, m8.iihe.ac.be, m9.iihe.ac.be
  • Direct password authentication is not allowed on the UIs for security reasons. You will need keypair authentication to gain access.
    • A valid keypair can be easily generated with ssh-keygen. This program will create a public and a private key. Needless to say that you should protect your private key with a strong passwd and that you do not share the private key with others nor use the same private key on different machines.
    • From the machine you use to connect run ssh-keygen -t rsa -b 2048
    • It first prompts for the location of the files. keep the default values unless you know what you are doing
    • Then it will prompt for a password. this is the password used to encrypt your key. if you fill nothing and just press return, you will be able to use passwordless login to the machine. this is not very secure.
      • If you want to add or remove the password from your private key, read the examples section of man rsa
    • This generates 2 files ~/.ssh/id_rsa and ~/.ssh/id_rsa.pub, of which ~/.ssh/id_rsa.pub is the public key.
  • Send an email to grid_admin@listserv.vub.ac.be and explain to us who you are and what you want to do. Very important : attach your public key (ie id_rsa.pub) to this mail !
  • Once you've got a positive answer from us, you can try to connect from your machine to the UI (eg ssh m0.iihe.ac.be)
    • It's possible that you need to relogin and/or wait 10 seconds for changes to take effect.
    • It's possible that your ssh client doesn't use ssh protocol 2 by default. if not, try to connect with eg "ssh -2 m0.iihe.ac.be". if this works, you can make this the default option by adding in ~/.ssh/config the line
Protocol 2

Get access to UI using Windows

  • valid UIs: m0.iihe.ac.be, m1.iihe.ac.be, m8.iihe.ac.be, m9.iihe.ac.be

Using the following ssh client: ssh secure shell 3.2.2.

Open the ssh secure shell client and then do the following:

    • Go to Edit > Settings.
    • In the tree view, select Global Settings > User Authentication > Keys.
    • Select Generate New. The Key Generation wizard starts.
    • Select Next.
    • Select the Key Type and Key Length. Take RSA as Key Type instead of the default DSA
    • Select Next. Wait for key generation to complete.
    • Select Next. Enter a name for your private key file and enter the passphrase you will use to access the private key. You must enter the passphrase identically in the two Passphrase fields. The passphrase must consist of at least 8 characters and must contain both numbers and letters. This is the passphrase you'll have to type when logging in on e.g. m1. Select Next.
    • Select Finish. Do not try to upload because this will not work
    • From the Keys list, select your private key file and then select View. Notepad opens showing your public key.
    • In the SSH Secure Shell application Settings window, select OK to close the Settings window.
    • Save your public key on the /user disk (do a scp to e.g. lxpub2) in the .ssh directory, for instance /user/pvmulder/.ssh/pub_windows_rsa.pub
        • Make sure you are copying/saving the PUBLIC key!
        • Make sure the key is 1 long string and there are no newlines, otherwise it will not work!!!
        • For instance if your public key looks like this (just an example, not my real key ;-) ):
---- BEGIN SSH2 PUBLIC KEY ----
Comment: "[2048-bit rsa, petra@your-9e8503f508, Thu Jun 14 2007 09:20:\44]"
AAAAB3NzaC1yc2EAAAADAQABAAABAQDNi9sQXqc6hsNjMXCyLBBE2pIiOufc0wFfMx2T7RGQTl
dKXmBZyVMeBwnibDgsq4J3+ukPTPRCYnrvZUYH/3tKnD8SvXUomczbxnVPJeiwEPIM6MULFh0J
...
...<not ar real key>...
...
LB7PtGFsBYunntmA4mmY0tHpBkNwLO+93N9T1i7Nr0dcp97/r8Yrm/1e7
---- END SSH2 PUBLIC KEY ----
        • After some cutting away and adding ssh-rsa in front it should look like this (make sure everything is on the same line):
ssh-rsa AAAB3NzaC1yc2EAAAADAQABAxbfP4UblsxBFKfd...<not a real key>...BYunntmA4mmY0tHpBkNwLO+93N9T1i7Nr0dcp97/r8Yrm/1e7
    • Then type (if pub_windows_rsa.pub is the name of your public key): ssh-rsa pub_windows_rsa.pub export

Now you can simply login on the m<x> machines by using the quick connect button in you ssh secure shell client and filling in e.g. m1.iihe.ac.be and your username.



Template:TracNotice