Remote Access to Environment Linux Systems via SSH


Information on how to access Faculty of Environment Linux systems remotely using SSH

Please note that see-gw-01 has now been decommissioned and remote-access should be used in its place (KB0014674). Please also note that foe-linux is now only available via remote-access (KB0014674).

 

SSH is a protocol for securely accessing one computer from another. SSH allows you to run command line and graphical programs, and also to transfer files.

SSH Access - within the Faculty of Environment

Many of the Linux systems within the Faculty are accessible via a SSH connection. Most commonly, SSH connections are used to connect to powerful processing machines, for running large jobs, or to access Linux software from a different operating system.

Many research groups have their own processing machines, and there are also the powerful foe-linux systems, which are available for use by all.

From Linux:

If you are connecting between Linux systems within the Faculty, opening up a shell on the remote system should be as simple as:

ssh computername

For example, to connect to the general use Linux systems:

ssh foe-linux

Depending on the machine you are connecting from, this may or may not prompt for your password (it may be possible to authenticate with the credentials from your current session), and then log you in:

{linux-desktop-001:earabc}% ssh foe-linux
Last login: Fri Aug 14 16:18:48 2015 from linux-desktop-001.leeds.ac.uk
{foe-linux-04:earabc}%

This will allow for text commands to be run. To also forward any graphical output from the remote system, you can add a -Y (make sure it is a capital Y):

ssh -Y foe-linux

You can test that graphical forwarding is working correctly by running:

xlogo

Which should be available on most systems, and simply displays the X.Org logo. If this is successful, then graphical forwarding is working:

Linux Xlogo

If your username on the remote system is different from the local system, this can be specified in the ssh command, either with username@host:

ssh -Y earabc@foe-linux.leeds.ac.uk

or with the -l option:

ssh -Y -l earabc foe-linux.leeds.ac.uk

From Windows

Faculty Windows systems (as well as Windows systems in the rest of the University) should have the PuTTY and Xming software installed.

PuTTY provides a SSH client, and can be used alone for text only connections, while Xming provides a X Server which allows Windows to display graphical output.

Text only connection:

Making a text only connection from PuTTY (other SSH clients for Windows are available...) is quite simple - Open the PuTTY software, and in the 'Host Name' box, type the name of the host to which you wish to connect, and make sure 'SSH' is selected as the connection type:

PuTTY configuration window

Then, to start the connection, click on 'Open'.

The first time that you connect to a system, you will receive a notification to confirm that you wish to accept the server's host key:

Connecting from PuTTY - security alert to confirm accepting the server's host key

You will then be presented with a login prompt, enter your username, and password (note, nothing is displayed on screen when a password is being entered):

PuTTY login prompt

The default colour scheme in PuTTY is white text on a black background. If you find this difficult to read, you can change the colours in the PuTTY settings, before connecting - these can be found under 'Window' > 'Colours', and selecting 'Use system Colours':

PuTTY configuration window highlighting location of 'Use system colours' option

This will use black text on a white background, and might be a bit more friendly on the eyes:

PuTTY window using system colours

Connection with graphical output

In order to display any graphical output from a session, the Xming X Server (again, there are other X Servers available for Windows...) can be used.

If a default installation has been performed, Xming can be launched from 'Programs' > 'Xming' > 'Xming'.

An 'X' icon will appear in the system tray (bottom right of the screen) when the software is running.

Xming Tray Icon

The X server runs in the background and handles graphical output when required.

In order for graphical output from the server to be displayed, an extra option has to be enabled within PuTTY. In the sidebar, navigate to 'Connection' > 'SSH' > 'X11', and make sure the box 'Enable X11 forwarding' is ticked in:

PuTTY configuration window highlighting location of 'Enable X11 forwarding' option

Then, a connection can be made as before, but it should now be possible to display graphical output, for example, the xlogo command:

PuTTY window displaying graphical output

Connect using Windows credentials:

When using the PuTTY software, it is possible to make a SSH connection, using the credentials from your Windows session, i.e. you will not be prompted for your password.

Within the PuTTY software, the following settings need to be configured, for things to work correctly:

Connection > Data : Set When username is not specified to the value Use system username :

PuTTY configuration window highlighting username options

Connection > SSH > Auth : Tick the Allow agent forwarding option :

PuTTY configuration window highlighting the 'Allow agent forwarding' option

Connection > SSH > Auth > GSSAPI : Ensure that both Allow GSSAPI ... options are ticked in :

PuTTY configuration window highlighting the GSSAPI options

Once these settings have all been configured (it may be worth saving these options, if you wish to use them regularly), it should then be possible to connect to the Linux systems without entering your password.

Additional notes on using PuTTY and Xming

The PuTTY software can be downloaded from here.

Xming is available for download from SourceForge.

The Windows installer can be found under Xming > version number > Xming-version-setup.exe.

If you experience problems where fonts are not being displayed correctly, it is worth installing the additional Xming fonts package, which is also available from the SourceForge page.

Connecting with MobaXterm

An alternative SSH client for windows is MobaXterm, which is available for download from the MobaXterm site.

MobaXterm includes both a SSH client and a X server, as well as various other useful tools for connecting to remote systems (VNC client, file transfer client ...).

When the MobaXterm is launched, it provides a Linux like terminal session, from which the ssh command can be run directly (e.g. ssh foe-linux). If the username on the remote system is different from the Windows username, this can be specified in the ssh command, either with username@host:

ssh -Y earabc@foe-linux.leeds.ac.uk

or with the -l option:

ssh -Y -l earabc foe-linux.leeds.ac.uk

Connecting with MobaXterm

Once connected, a file transfer pane is opened by default on the left hand side of the screen.

If there are any issues with displaying fonts, additional fonts for MobaXterm can be downloaded with the X11 Fonts plugin.

Once downloaded, this file needs to be placed in the same directory as the MobaXterm executable.

SSH Access - On campus (outside of the Faculty)

If you need to connect in to the Faculty Linux systems from elsewhere on campus (NOT including the Eduroam wireless network), there are SSH 'gateway' servers available (other systems are not directly accessible from outside of the Faculty):

ServerDescription
foe-linux.leeds.ac.ukGeneral use Linux systems - Taught Student, Research Postgraduate and Staff use.
see-gw-01.leeds.ac.ukResearch Postgraduate and Staff use only.

Once logged in to one of the gateway systems, it possible to SSH on to other machines as required. If you wish to maintain forwarding of graphical output, remember to add a -Y (capital!) when connecting on to other machines.

SSH Access - Eduroam wireless

When using the Eduroam wireless service on campus, the following SSH gateway systems are available to Faculty Linux users:

ServerDescription
feeble.leeds.ac.ukTaught Student, Research Postgraduate and Staff use.
see-gw-01.leeds.ac.ukResearch Postgraduate and Staff use only.

The host name feeble.leeds.ac.uk is an alias for the system foe-linux-01.leeds.ac.uk.

SSH Access - Off campus

Access via the University VPN

All Faculty users can access the Linux systems from off campus by first connecting to the University VPN.

Once connected to the VPN it is possible to connect via SSH to:

ServerDescription
foe-linux.leeds.ac.ukGeneral use Linux systems - Taught Student, Research Postgraduate and Staff use.
see-gw-01.leeds.ac.ukResearch Postgraduate and Staff use only.

Access without VPN

If you have a requirement for SSH access without first connecting to the University VPN (for example you may need to scp files from a remote HPC system), you will need to register for SSH access by logging a request from the Request Catalogue. Please add a note asking for the request to be assigned to the 'Client Linux Team'.

You may be asked to change your password, if it has not been changed for a long time.

Once direct SSH access has been granted, you will be able to connect to:

ServerDescription
feeble.leeds.ac.ukTaught Student, Research Postgraduate and Staff use.
see-gw-01.leeds.ac.ukResearch Postgraduate and Staff use only.