ssh (Secure SHell) usage
Why use ssh
The Secure Shell (SSH) networking protocol should always be used for communications between Maths systems and external networks. SSH software encrypts traffic to prevent sensitive information, especially passwords, from being read by others, and can also ensure that the computer you are connecting to is not an imposter waiting to steal your login password or other confidential information.
Like all modern Linux machines, the Maths computers do not support incoming telnet, rlogin or rsh connections, because these protocols are insecure and someone snooping traffic on a remote system may discover your password and then use your Maths account to cause mayhem. For the same reason you should never set a login password on a remote computer to be the same as your Maths password in case it gets discovered in a breach of security on the remote system.
ssh usage and options
From any Linux machine or Macintosh, Maths users should type the following to connect from outside:
ssh -X CRSid@ssh.maths.cam.ac.uk
- The -X option means "enable X forwarding" so that you can run graphical applications on the CMS machine.
- CRSid should be replaced by your login name.
- ssh.maths.cam.ac.uk can be replaced by the name of any computer to which you have login access.
- List of Maths Linux and Windows computers
- Cosmos users should look at the cosmos quick start page for further information.
Similarly, to connect from a Maths machine to a remote site:
ssh -X remote-login-name@remote.host.name
Within Maths you can use a shorter command
ssh machine-name
(The -X option is enabled by default here, the login name can be omitted if it is the same at both ends, and the system can work out the full name of a local machine from just its "leafname".)
We recommend that Windows users connect with PuTTY for text-based connections or Hotdesk for graphical connections.
Users of other ssh clients are mostly on their own, however these tips may help.
- If asked which port to use choose 22.
- If asked whether to use ssh-1 or ssh-2 choose ssh-2.