[Sciserver-users] ssh access to sciserver

[Johannes Buchner]

Hi all,

I managed to get quite productive on sciserver by setting it up so that 
I can ssh from my laptop, also from outside MPE. This is based on the 
getting started info, but goes a little further, so I am sharing it here 
in case it is useful.

ssh tunnel  localhost <-> login1 <-> sciserver

1. create compute container, and open a terminal there
   - create the file "~/.ssh/authorized_keys" with your laptop's ssh 
public keys
   - limit the permissions (required!)
     - chmod 600 ~/.ssh/authorized_keys
   - open a reverse tunnel to login1
     - ssh -R PORTNUMBERHERE:localhost:22 jbuchner at login1.mpe.mpg.de -N
     - replace PORTNUMBERHERE with a port number between 10000 and 60000
     - this waits at login1 for connections to PORTNUMBERHERE which are 
forwarded to the sciserver ssh
   - the command should not show anything and keep running

2. on your laptop, create a forward ssh tunnel to login1
   - ssh -L PORTNUMBERHERE:localhost:PORTNUMBERHERE 
jbuchner at login1.mpe.mpg.de -N
   - this forwards connections on localhost:PORTNUMBERHERE to login1.
   - the command should not show anything and keep running

3. you can now connect. The username on sciserver is idies
   - ssh -p PORTNUMBERHERE idies at localhost

Mounting ssh folders also works (sshfs, in gnome/nautilus enter 
sshfs://idies@localhost:PORTNUMBERHERE, etc)

Adding a entry in ~/.ssh/config allows skipping step 2:

Host myshortcutname
	Hostname localhost
	User idies
	Port PORTNUMBERHERE
	ProxyJump jbuchner at login1.mpe.mpg.de

Then "ssh myshortcutname" will get you there.

Cheers,
        Johannes

-- 
Dr. Johannes Buchner
Postdoctoral Researcher
Max Planck Institute for Extraterrestrial Physics
Garching, Germany
Fellow of the ORIGINS excellence cluster Data Science lab
http://astrost.at/istics/