Getting Setup for Remote Access– Linux

Overview

This guide is designed to get your Linux machine setup so that you can do your coursework from either on-campus or off-campus on the Rhodes CS computing environment. You will need to configure your local machine so that it can be used to login to the remote CS server. Once you get logged in, you will need to learn some basic tools and set things up so that you can checkout programming assignments and submit them with Git.

This guide assumes that you have enough of a working knowledge of Linux to install and setup your computer with a Linux distribution and are generally familiar with basic administration tasks such as installing software packages.

Initial Login

Startup your terminal program. You should get some sort of prompt that may contain your laptop’s hostname, the name of the shell (bash or zsh). Usually they will end in a $ character. Since shell prompts differ, we’ll just use the $ to mean “the prompt”. If you see a command like:

$ echo "hello, world"

You shouldn’t type the $, this is just making it clear that you type in the echo command at the prompt.

To access the CS server, we will need to use the SSH (Secure Shell) command to connect from your local computer to the CS server (cslogin). Due to security restrictions, you will need to be on campus to access the cslogin server until you have setup encryption keys (see below). SSH will not work from off-campus the first time you login.

From your terminal window at the prompt , type the following (not including the $ and replacing the “userid” with your username) to log in!

$ ssh userid@cslogin.arc.rhodes.edu

Your userid should be the username in your Rhodes email. For example, if your Rhodes ID is doej-21@rhodes.edu, in the terminal you would type:

$ ssh doej-21@cslogin.arc.rhodes.edu

You will prompted for your password, which will be your regular Rhodes One Login password. Now would be a great time to learn some Basic Command-Line Skills and Tools

Setting Up SSH Keys

The SSH program is used for more than remote access to a Linux server. It is used in a variety of forms anywhere an application wants to do secure, authenticated, and encrypted communication. Mostly, we use passwords as a mechanism for you to guarantee that you are who you say you are. There are some problems with passwords:

  • you have to remember them

  • you have to type them in all the time

  • if anyone else gets your password, they can masquerade as you

  • if you re-use your password, this makes it all worse

To fix these problems, SSH supports encryption keys. To get started, you create a new pair of keys: a public key and a private key. Any message encrpyted (written) with one key can only be decrypted (read) with the other key. The private key is protected by a passphrase (i.e. a password), but anyone can use your public key. In general, the public key is just that: public. If anyone on the Internet uses your public key to encrypt something, it can only be read with the private key (which is you). Likewise, if you encrypt something with your private key, then anyone on the Internet can read it, but they will know for a fact that you sent it (because only you can use your private key).

Creating SSH Keys On Your Linux System

FIrst off, start by creating an SSH keypair:

$ ssh-keygen -t rsa -b 4096

This will prompt you to make a passphrase. This is similar to a password, but should be longer and stronger. Make it something you won’t forget, but don’t worry – you won’t be typing it all the time like a normal password.

Next, copy the public key to the cslogin machine. If it gets a login request that was encrypted with your private key then it will know that it’s really you and let you login:

$ ssh-copy-id userid@cslogin.arc.rhodes.edu (as before, substitute userid with your Rhodes ID)

SSH Agent

You might be wondering about the passphrase – won’t we have to type that in at every login? Yes? Maybe? On most Linux machines, the OS starts up a special program called an SSH agent when you boot the machine. The basic idea is that you authenticate yourself to the SSH agent once, then it unlocks your private key whenever you need it. This means that you only have to type in your passphrase whenever you reboot your machine.

To authenticate yourself to the SSH agent, you need to add your keys to the agent on your computer:

$ ssh-add

Type in your passphrase and you’re all set.

If you see the error Could not open a connection to your authentication agent you may need to enter the command $ eval `ssh-agent` and then retry $ ssh-add

Making SSH Easier

Create an SSH config file in ~/.ssh/config that contains the following text:

Host cslogin User user-25 HostName cslogin.arc.rhodes.edu ForwardAgent yes

 You need to change the username to your Rhodes username, but then you should be able to connect like this:

$ ssh cslogin

and access the system without being prompted for a password.

SCP

Wiith ~/.ssh/config set up you can also copy files between your local computer and the remote server using scp:

$ scp cslogin:~/file.txt file.txt copies from cslogin to local

$ scp file.txt cslogin:~/file.txt copies from local to cslogin

Now, at this point you should be all done with the required configuration on your local host. You will still need to setup more SSH keys on cslogin so that you can securely exchange files with Github: Configuring and Using Git

Congrats! You have completed the basic SSH configuration for your computer.