Difference between revisions of "Introduction to Linux in HPC/SSH Connections"

Latest revision as of 17:26, 4 December 2020

Tutorial
Title:	Introduction to Linux in HPC
Provider:	HPC.NRW
Contact:	tutorials@hpc.nrw
Type:	Multi-part video
Topic Area:	HPC Platforms
License:	CC-BY-SA
Syllabus
1. Background and History
2. The Command Line
3. Linux Directory Structure
4. Files
5. Text display and search
6. Users and permissions
7. Processes
8. The vim text editor
9. Shell scripting
10. Environment variables
11. System configuration
12. SSH Connections
13. SSH: Graphics and File Transfer
14. Various tips

This tutorial introduces SSH (Secure Shell) as a tool to connect to other Linux machines over a network. It is the most common way to connect to and interact with a cluster. A SSH server is expected to be running on the remote computer, while clients for Linux, Mac OS and Windows are available to establish the connection. This tutorials will teach you how to establish a connection and create a key for public key authentication, which is considered to be the most secure option.

Video

( Slides as pdf)

Quiz

What is the correct syntax to open a ssh connection?

Where is your ssh config stored on Linux?

What tools help you with creating and installing a ssh key-pair? (on Linux)

Does it cause a security problem to share an SSH public key with your friends?

Which authentication for SSH login is more secure?

When generating the SSH public/private key pair, is it secure to use empty passphrase?

Info:

Verify the fingerprint of remote host, before the first login.
User the SSH public key authentication for login.
Never use an empty passphrase for the SSH keys.
Use strong passphrase to generate the SSH keys.
Keep your private SSH key as top secret.
Create, configure and use different SSH keys for different remote hosts.
If no X11 application is required, disable X11 forwarding. Otherwise, only enable the untrusted X11 forwarding.

<< System configuration files

Overview

SSH: Graphics and File Transfer >>

@@ Line 1: / Line 1: @@
+[[Category:Tutorials|SSH Connections]]<nowiki />
+{{DISPLAYTITLE:SSH Connections}}<nowiki />
+{{Syllabus Introduction to Linux}}<nowiki />
 __TOC__
+This tutorial introduces SSH (Secure Shell) as a tool to connect to other Linux machines over a network.
+It is the most common way to connect to and interact with a cluster. A SSH server is expected to be running on the remote computer, while clients for Linux, Mac OS and Windows are available to establish the connection.
+This tutorials will teach you how to establish a connection and create a key for public key authentication, which is considered to be the most secure option.
 === Video === <!--T:5-->
-<youtube width="600" height="400" right>IfD9IPixgpo</youtube>
+<youtube width="600" height="340" right>j0mPVsgMOQk</youtube>
-[https://git-ce.rwth-aachen.de/hpc.nrw/ap2/tutorials/linux/-/blob/master/Slides/ssh/openssh.pdf SSH Einloggen]  Slides 3 - 40 (38 pages)
+([[Media:HPC.NRW_Introduction_to_Linux_in_HPC_12_SSH_Connections.pdf | Slides as pdf]])
+=== Quiz === <!--T:5-->
-=== Slide Layout === <!--T:5-->
+{{hidden begin
+|title = What is the correct syntax to open a ssh connection?
+}}
+<quiz display=simple>
+{
+|type="()"}
++  <code>ssh [options] <username>@<hostname></code>
+||
+-  <code>ssh <username>:<hostname> [options]</code>
+||
+-  <code>ssh [options] <username> <hostname></code>
+||
+</quiz>
+{{hidden end}}
+{{hidden begin
+|title = Where is your ssh config stored on Linux?
+}}
+<quiz display=simple>
+{
+|type="()"}
+-  <code>~/sshconfig</code>
+||
+-  <code>~/.config/ssh</code>
+||
++  <code>~/.ssh</code>
+|| Explanation: This folder contains the public and private keys for public key authentification. In <code>~/.ssh/config</code> you can define shortcuts for common ssh connections and set client configuration options.
+</quiz>
+{{hidden end}}
+{{hidden begin
+|title = What tools help you with creating and installing a ssh key-pair? (on Linux)
+}}
+<quiz display=simple>
+{
+|type="()"}
++  <code>ssh-keygen</code> to create the key files and <code>ssh-copy-id</code> to copy it to the remote machine
+||
+- <code>ssh --keygen</code> to create the key files and <code>ssh --copy-id</code> to copy it to the remote machine
+||
+</quiz>
+{{hidden end}}
-    page 2:
+{{hidden begin
-        HPC users use SSH to login
+|title = Does it cause a security problem to share an SSH public key with your friends?
-        What is SSH
+}}
-        What is OpenSSH
+<quiz display=simple>
-    page 3:
+{
-        Encryption: plaintext <--> ciphertext
+|type="()"}
-        Caesar cipher
+-  Yes
-        Alice, Bob and Charlie
+||
-    page 4:
++  No
-        Symmetric encryption: use the same key for both encryption and decryption
+|| Explanation: SSH public key authentication uses the asymmetric encryption. Therefore, it's completely safe to share your SSH public key. But you must keep your SSH private key as top secret.
-        Major problem: how to share the key without interception
+</quiz>
-    page 5:
+{{hidden end}}
-        Asymmetric encryption: use private/public key pair
-        Example: Alice <--> Bob
-    page 6:
-        Example: ? <--> Bob
-        Solution: digital signature
-    page 7:
-        What is digital signature
-        Example: Alice <--> Bob
-    page 8:
-        OpenSSH contains a suite of utilities
-        OpenSSH is also available on Windows
-        There are other SSH clients on Windows
-    page 9:
-        Overview of best practices for SSH login
-    page 10:
-        Overview of best practices for SSH login
+{{hidden begin
+|title = Which authentication for SSH login is more secure?
+}}
+<quiz display=simple>
+{
+|type="()"}
+-  password authentication
+||
++  public key authentication
+|| Explanation: The password based authentication may be exposed to the brute-force password attack. Please use the SSH public key authentication.
+</quiz>
+{{hidden end}}
-{{quiz_box|'''no quiz in this section'''}}
-{{Warning|mode=info|text= '''no tips in this section'''}}
+{{hidden begin
+|title = When generating the SSH public/private key pair, is it secure to use empty passphrase?
+}}
+<quiz display=simple>
+{
+|type="()"}
+-  Yes
+||
++  No
+|| Explanation: Please never ever use an empty passphrase for the SSH key pair. Use strong passphrase to generate the SSH key pair.
+</quiz>
+{{hidden end}}
-{{Warning|mode=warn|text= '''no warnings in this section'''}}
+{{Warning|mode=info|text='''Verify the fingerprint of remote host, before the first login.'''<br>'''User the SSH public key authentication for login.'''<br>'''Never use an empty passphrase for the SSH keys.'''<br>'''Use strong passphrase to generate the SSH keys.'''<br>'''Keep your private SSH key as top secret.'''<br>'''Create, configure and use different SSH keys for different remote hosts.'''<br>  '''If no X11 application is required, disable X11 forwarding. Otherwise, only enable the untrusted X11 forwarding.'''
+}}
-{{Note|'''Exercises in Terminal: no exercises in this section'''}}
+{{Tutorial Navigation
+| previous = [[Introduction_to_Linux_in_HPC/System_configuration_files  | System configuration files ]]
+| main = [[Introduction_to_Linux_in_HPC | Overview ]]
+| next = [[Introduction_to_Linux_in_HPC/SSH_Graphics_File_Transfer | SSH: Graphics and File Transfer]]
+}}

Difference between revisions of "Introduction to Linux in HPC/SSH Connections"

Latest revision as of 17:26, 4 December 2020

Contents

Video

Quiz

Navigation menu

Search

	`ssh [options] <username>@<hostname>`
	`ssh <username>:<hostname> [options]`
	`ssh [options] <username> <hostname>`

	`ssh-keygen` to create the key files and `ssh-copy-id` to copy it to the remote machine
	`ssh --keygen` to create the key files and `ssh --copy-id` to copy it to the remote machine

	`~/sshconfig`
	`~/.config/ssh`
	`~/.ssh`