# Step 3. Configure your SSH

Use Lab access link instead

If you are configuring access to your lab use Lab access link sent to you in onboarding email with other credentials. You can also request Lab access link in Service desk

These steps will configure your SSH connection to and from your local computer and your lab.

You will first configure a machine used for security purposes that we call entry, and then one machine that we call home were you will do your scientific explorations.

Requirement

  • A running VPN connection (successful implementation of Step 2).

# 3.1 Identify required info

Open the ssh-config.txt file that you collected in Step 1 using your favorite text editor.

This file contains the necessary information for your SSH configuration. Take note of your lab-name, your lab-IP and your username.

Example contents of ssh-config.txt:

Host <your-lab-name>-entry
    HostName <your-lab-IP>
    User <your-username>

Expected info

  • `your-lab-name' - the name of your lab.
  • `your-lab-IP' - the IP address of your lab.
  • `your-username' - your username in your lab.

# 3.2 Design a passphrase

You will need to update your SSH temporary key in the steps below. We prefer that you design a passphrase instead of a password. A passphrase is a series of words that creates a phrase. It should be:

  • long enough to be hard to guess
  • not a famous quotation from the literature (but could be pretty close)
  • hard to guess by intuition (even by someone who knows you well)
  • easy to remember
  • at least 3 characters have to be different from your previous one (temporary passphrase)

Oh, and, it should be unique to this site only (not to mention at least 12 characters long and include both lower and upper cases).

Making a good passphrase is great fun and good security hygiene. Here's one to get you going:

AnalysingPokemon4FunInTheMorning

Expected outcome

A unique passphrase of minimum 12 characters containing both lower and upper cases.

# 3.3 Configure entry

Windows

  1. Download and save the Putty SSH client from this link (opens new window).

  2. Double click on the putty.exe file that your save your local computer to start the client.

  3. Enter <your-username>@<your-lab-IP> in the "Host Name (or IP address)" field and click "Open".

    putty step 3.3.3

  4. Type in your SSH temporary key collected in Step 1 in the terminal window that appear when asked for a password and hit enter. You will not see anything on the screen when you type your password.

    NOTE: You CANNOT paste with Ctrl + v in Putty.

    putty step 3.3.4

  5. Type the same SSH temporary key one more time when asked and hit enter.

    putty step 3.3.5

  6. Enter your new passphrase from above and hit enter.

    putty step 3.3.6

  7. Retype your passphrase for verification and hit enter. You will now be kicked out of the entry machine connection.

    putty step 3.3.7

  8. Repeat Step 2 and 3 to verify that your passphrase has been updated. Type your passphrase when asked for a password. You should now be logged into your entry machine.

OS X and macOS

  1. Start Terminal (Command + Space, type "Terminal").

  2. Type ssh <your-username>@<your-lab-IP>

  3. You should then be prompted to enter a password <your-username>@<your-lab-IP>'s password:

  4. Enter your SSH temporary key collected in Step 1 two times. Pasting with Ctrl + v does not work in Putty.

  5. Enter your new passphrase and retype for verification. You will be kicked off the entry machine by completion.

  6. Repeat step 2. and 3. to verify your passphrase update. Type your passphrase when asked for a password. You should now be logged into your entry machine.

Ubuntu Linux

  1. Start Gnome Terminal (Ctrl + Alt + T).

  2. Type ssh <your-username>@<your-lab-IP>

  3. You should then be prompted to enter a password <your-username>@<your-lab-IP>'s password:

  4. Enter your SSH temporary key collected in Step 1 two times.

  5. Enter your new passphrase and retype for verification. You will be kicked off the entry machine by completion.

  6. Repeat step 2. and 3. to verify your passphrase update. Type your passphrase when asked for a password. You should now be logged into your entry machine.

Expected result

By completion your should be logged into your entry machine and see a terminal window that looks about the same as this:


Welcome to Ubuntu 16.04.3 LTS (GNU/Linux 4.4.0-174-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

  Get cloud support with Ubuntu Advantage Cloud Guest:
    http://www.ubuntu.com/business/services/cloud

0 packages can be updated.
0 update is a security update.

Welcome to YOUR-LABNAME.

For the record, if you should not be here - please
leave and report the incident to cloud.support+hunt-cloud-contact-form@hunt.ntnu.no.

Last login: Mon Jul  2 17:40:16 2018 from 10.10.10.10
your-username@your-labname-`entry`:~$

# 3.4 Configure home

  1. When logged into your entry machine (see expected result above), connect to your home server by typing ssh home in your terminal window.

  2. You will be prompted to type your SSH temporary key one time.

  3. Similar to above, you will be asked for a new password. Type your passphrase two times.

  4. Similar to above, you will be kicked out of your home machine and back to your entry machine by completion.

  5. Similar to above, verify a successful passphrase update by logging into your home machine typing ssh home once more.

  6. First time you are usually asked to confirm the authenticity of host, it is fine to confirm with yes.

  7. With a tiny bit of luck, you should now be logged into your lab!

Expected result

By completion your should see a terminal window that looks similar to the text below. You may differentiate between your entry and home machine by looking at the machine name at the bottom. This one should say -home:

Welcome to Ubuntu 16.04.3 LTS (GNU/Linux 4.4.0-98-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

  Get cloud support with Ubuntu Advantage Cloud Guest:
    http://www.ubuntu.com/business/services/cloud

66 packages can be updated.
0 updates are security updates.

Welcome to YOUR-LABNAME.

For the record, if you should not be here - please
leave and report the incident to cloud.support+hunt-cloud-contact-form@hunt.ntnu.no.

Last login: Sun Dec  3 12:29:28 2017 from 10.10.10.10
your-username@your-labname-`home`:~$

# 3.5 Final steps

Do not skip this step

We hope that you will log into your lab a lot over the coming months and years. To avoid unnecessary frustration, you need to finalize your installation through these final steps.

Windows

  1. HUNT Workbench for smooth access to Jupyter Notebooks, Python, RStudio, R, or MATLAB.

  2. Configure MobaXterm for "password-less" SSH access directly to your home machine, as well as click-based file transfers between your local computer and your home machine.

OS X, MacOS and Ubuntu Linux

When completed, the steps below should allow you to log "password-less" directly into your home machine by typing:

ssh your-lab-name

# 3.5.1 Establish a SSH alias

This will allow you to log directly into your lab without the need to remember your user name or your lab's IP address:

  1. On your local computer, open the ssh-config.txt file from Step 1.2.

  2. On your local computer, add the content from the ssh-config.txt to the file named config in the hidden ssh-folder in your home directory (~/.ssh/config) using your favorite file editor. You may need to generate this file if it is your first ssh-configuration.

# -- Open editor in OS X and macOS
open -Wne ~/.ssh/config

# -- Open editor in Linux Ubuntu
gedit ~/.ssh/config
  1. Test your new setup by typing ssh <your-lab-name>-entry in your terminal. For example:
ssh demolab-entry

You should now be prompted your passphrase. After typing your passphrase you should be logged into your entry-machine. Exit your entry machine and return to your local computer by typing exit.

# 3.5.2 Establish a password-less login

This will allow you to log directly into your lab without the need to remember your passphrase.

If you already have a RSA certificate on your local computer that you would like to use, start from step 3.

  1. On your local computer, open a terminal.
  2. Generate a new RSA certificate:
# -- On your local computer
ssh-keygen -t rsa -b 4096

Hit enter three times. When this finishes:

  1. Add your new certificate to your entry machine:
# -- On your local computer
ssh-copy-id <your-lab-name>-entry

Enter your passphrase when prompted for a password.

  1. Add your certificate to the ssh-agent.
ssh-add

If you don't have a running ssh-agent you may see an error message. In such a case, first enter eval "$(ssh-agent -s)" and next enter ssh-add.

# 3.5.3 Expected result

You should now be able to directly connect your home machine with this command:

ssh <your-lab-name>

for example,

ssh demolab

Voilà!

# 3.5.4 One more ting

HUNT Workbench

Setup HUNT Workbench for smooth access to modern data science tools such as Jupyter Notebooks, Python, RStudio, R, or MATLAB.

TIP

Time for coffee!

# Immediate troubleshooting

# Authentication token manipulation error

If you are getting Authentication token manipulation error make sure you follow advises from Step 3.2 when creating your new passphrase and following steps on changing the passphrase for both entry and home machine.

# Unable to connect with Putty

Ensure that you did download putty.exe from the link above. We have experienced issues with preinstalled versions that connects from for us unknown locations.

Last Updated: 4/25/2024