Getting Setup for Remote Access – Mac
Overview
This guide is designed to get your Mac setup so that you can do your coursework from either on-campus or off-campus on the Rhodes CS computing environment. You will need to configure your local machine so that it can be used to login to the remote CS server. Next, once you get logged in, you will need to learn some basic tools and set things up so that you can checkout programming assignments and submit them with Git.
Useful Software
Install iTerm2
First off, you should download a modern terminal program to use the command-line shell. You will need to run things on the command-line both on your local machine and the CS machines at Rhodes. Start off by downloading and installing iTerm2: Downloads - iTerm2 - macOS Terminal Replacement
MacOS X does have a Terminal.app program in /Applications/Utilities
, however it is very rudimentary and may have display issues with modern editors (e.g. Neovim). It should work well enough if you are averse to installing software.
Install Homebrew (optional)
Homebrew is a package manager that allows you to install a wide range of common command-line tools on your Mac. You don’t need to do this, but some of the tasks listed below to make life easier will rely on installing software via Homebrew. To install Homebrew, just follow the instructions at Installing Homebrew
But basically, you just need to open up your shiny new terminal app (iTerm) and type the following into the window:
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
Initial Login
Startup your terminal program. You should get some sort of prompt that may contain your laptop’s hostname, the name of the shell (bash
or zsh
). Usually they will end in a $
character. Since shell prompts differ, we’ll just use the $
to mean “the prompt”. If you see a command like:
$ echo "hello, world"
You shouldn’t type the $
, this is just making it clear that you type in the echo command at the prompt.
To access the CS server, we will need to use the SSH (Secure Shell) command to connect from your local computer to the CS server (cslogin
). Due to security restrictions, you will need to be on campus to access the cslogin server until you have setup encryption keys (see below). SSH will not work from off-campus the first time you login.
Our friends developing the iTerm program have added a new “feature” which makes it difficult to type in your password with newer versions. Under the iTerm2 menu, make sure to un-check the “Secure Keyboard Entry” option.
From your terminal window at the prompt , type the following (not including the $ and replacing the “userid” with your username) to log in!
$ ssh userid@cslogin.arc.rhodes.edu
Your userid should be the username in your Rhodes email. For example, if your Rhodes ID is doej-21@rhodes.edu, in the terminal you would type:
$ ssh doej-21@cslogin.arc.rhodes.edu
You will prompted for your password, which will be your regular Rhodes One Login password. Now would be a great time to learn some Basic Command-Line Skills and Tools
Passwords are not typically printed on the screen when you type them. It’s normal not to see the letters you are typing (you may see a little key icon). Just type in your password normally and press enter.
Setting Up SSH Keys
The SSH program is used for more than remote access to a Linux server. It is used in a variety of forms anywhere an application wants to do secure, authenticated, and encrypted communication. Mostly, we use passwords as a mechanism for you to guarantee that you are who you say you are. There are some problems with passwords:
you have to remember them
you have to type them in all the time
if anyone else gets your password, they can masquerade as you
if you re-use your password, this makes it all worse
To fix these problems, SSH supports encryption keys. To get started, you create a new pair of keys: a public key and a private key. Any message encrpyted (written) with one key can only be decrypted (read) with the other key. The private key is protected by a passphrase (i.e. a password), but anyone can use your public key. In general, the public key is just that: public. If anyone on the Internet uses your public key to encrypt something, it can only be read with the private key (which is you). Likewise, if you encrypt something with your private key, then anyone on the Internet can read it, but they will know for a fact that you sent it (because only you can use your private key).
Creating SSH Keys On Your Mac
FIrst off, start by creating an SSH keypair:
$ ssh-keygen -t rsa -b 4096
This will prompt you to make a passphrase. This is similar to a password, but should be longer and stronger. Make it something you won’t forget, but don’t worry – you won’t be typing it all the time like a normal password.
Next, copy the public key to the cslogin
machine. If it gets a login request that was encrypted with your private key then it will know that it’s really you and let you login:
$ ssh-copy-id userid@cslogin.arc.rhodes.edu
(as before, substitute userid with your Rhodes ID)
SSH Agent
You might be wondering about the passphrase – won’t we have to type that in at every login? Yes? Maybe? On MacOS (and most Linux machines too), the OS starts up a special program called an SSH agent when you boot the machine. The basic idea is that you authenticate yourself to the SSH agent once, then it unlocks your private key whenever you need it. This means that you only have to type in your passphrase whenever you reboot your machine.
To authenticate yourself to the SSH agent, you need to add your keys to the agent on your Mac:
$ ssh-add
Type in your passphrase and you’re all set.
Making SSH Easier
Create an SSH config file in ~/.ssh/config
that contains the following text:
Host cslogin
User user-25
HostName cslogin.arc.rhodes.edu
ForwardAgent yes
You need to change the username to your Rhodes username, but then you should be able to connect like this:
$ ssh cslogin
and access the system without being prompted for a password and/or copy files using scp
back and forth:
$ scp cslogin:~/file.txt file.txt
copies from cslogin to local
$ scp file.txt cslogin:~/file.txt
copies from local to cslogin
Now, at this point you should be all done with the required configuration on your local host. You will still need to setup more SSH keys on cslogin
so that you can securely exchange files with Github.
Congrats! You have completed the basic SSH configuration for your computer.
Refinements (Optional)
Making Things Look Pretty
Both cslogin
and your local machine can support more modern tools that require just a little finesse in order for them to work properly with your system.
Fixing Font Issues
Some of the command-line tools generate symbols that aren’t defined in the built-in system fonts on the Mac. We can fix this by simply installing a new font, then selecting it in iTerm2. If you haven’t already, install Homebrew (see above). Next we need to install a “Nerd Font”, which has all of these display characters defined. If you don’t do this, you may see small boxes with question marks in some places.
$ brew install homebrew/cask-fonts/font-droid-sans-mono-nerd-font
and flush the font cache:
$ fc-cache -f -v
Terminal Font and Colorscheme
let’s get your terminal looking the way you want. Hop on over to https://iterm2colorschemes.com and take a look through the themes. Follow the instructions to install.
Next, in iTerm2, we need to head up to the iTerm2 menu and select Settings… and select the Profiles icon. You should see a window like this:
Next select the Colors tab. Once you get there, you should be able to select your theme under the Color Presets… menu as shown below:
Lastly, head over to the Text tab and select your new font and check the box for using built-in Powerline glyphs. It should look something like this:
Local Tools
With Homebrew installed, you can mirror many of the tools on cslogin
locally. You can search the repository for packages of interest:
$ brew search htop
Install:
$ brew install htop
Spruce Up Your Shell
Since ZSH is the default shell on MacOS, it’s easy to get a big improvement in behavior (i.e. themes, plugins, better searching and pattern matching) by installing Oh My ZSH. Head over to Oh My ZSH and click the install link.
Here you can find a list of ZSH themes. Edit your ~/.zshrc
and change the ZSH_THEME=
line to pick the theme you want:
ZSH_THEME="agnoster"
Much more documentation and configuration is possible. This is just a start.