SSH (the Secure SHell) is a protocol for allowing people to access a computer over the Internet and run programs on it as if they were physically present.
Software
| If you are running | Then you should use |
|---|---|
| Linux | open a terminal and use the built-in ssh command |
| MacOS | open the Terminal app, then use the built-in ssh command |
| Windows 10 / 11 | install OpenSSH Client (following the “from the Settings UI” directions) once; then open the PowerShell app and use the ssh command (alternatively install Windows Subsystem for Linux and use the built-in ssh command) |
| Haiku | open a terminal and use the built-in ssh command |
| FreeBSD | open a terminal and use the built-in ssh command |
| OpenBSD | open a terminal and use the built-in ssh command |
| Irix | open a terminal and use the built-in ssh command |
Using key pairs instead of passwords
Typing passwords is both less secure (key-sniffers, typos, typing wrong passwords, etc) and more tedious than using a private key.
Concept
You’ll place a file on your computer and a file on the remote computer. They are matched, and each provides half of the work needed to do a job. When you log in, the remote computer will do half the work with its file, then send that to your computer to do the other half, then send it back, thus allowing both computers to be confident the other computer is who it says it is^[This is a gross over-simplification, but gets the core idea across. We’ll see what’s really going on when we discuss digital certificates in CSO2].
Setup Windows
The following should work on windows machines with PowerShell installed. Open PowerShell and run the following commands.
ssh-keygen
Don’t enter a passphrase when prompted. Once you have generated your keys copy the public key to portal by runnign the following command.
type $env:USERPROFILE\.ssh\id_rsa.pub | ssh yourusername@portal.cs.virginia.edu "cat >> .ssh/authorized_keys"
Setup Linux and MacOS
The following commands should work on Linux and MacOS systems with SSH installed, with appropriate changes to username@the.server.edu;1
ssh-keygen -f ~/.ssh/id_rsa -t rsa -b 2048
When prompted for a passphrase by ssh-keygen, just press enter without typing anything.
ssh-copy-id -i ~/.ssh/id_rsa.pub username@the.server.edu
When prompted for a passphrase by ssh-copy-id, use your UVA CS account password.
Multiple machines
You’ll need to do the ssh-keygen once per client machine you use (e.g., you laptop)
Short summary
Example: The following copies files to the CS SSH portal, then compiles and runs them on the server and displays the output on your laptop.
scp myfile1.c myfile2.c mst3k@portal.cs.virginia.edu:project1/
ssh mst3k@portal.cs.virginia.edu "cd project1/; clang *.c; ./a.out"
- Interactive Terminal
- Open with
ssh username@the.server.eduClose with
exitor Ctrl+Dssh mst3k@portal.cs.virginia.edu - Run remote command and see output
ssh username@the.server.edu command arg1 arg2 ...–or–
ssh username@the.server.edu "commands to execute"ssh mst3k@portal.cs.virginia.edu ls -lssh mst3k@portal.cs.virginia.edu "cd /tmp; ls"- Copy files from local to remote
scp file file2 file3 ... user@the.server.edu:path/to/destination/scp testfile.c mst3k@portal.cs.virginia.edu:code/demo1/Note that
scpwill not create directories, butsshcan:ssh mst3k@portal.cs.virginia.edu mkdir -p code/demo1/- Copy files from remote to local
scp user@the.server.edu:path/to/source/filename path/to/destination/(use
./for “put it where I am”)scp mst3k@portal.cs.virginia.edu:code/demo1/testfile.c ./
-
If on Windows, you also may need to use
\instead of/(whether you do or not depends on which command line tool you use).There is a slight chance that
~/.sshwill not already exist. In that casessh-keygenwill fail; if you see such a failure you can fix it by runningmkdir ~/.ssh chmod 700 ~/.sshand then re-run the above commands ↩