uccwiki

SSH (standing for "Secure Shell") is a program used to remotely connect to servers. It can be used wherever there is an internet connection, and there are clients available for pretty much every device under the sun. This is one of the easiest ways to connect to UCC's servers.

Servers

There are several servers that you can connect to remotely from outside UCC. The main servers for this are:

Server

Port

Comments

ssh.ucc.asn.au

Any

Connects you to Motsugo

motsugo.ucc.asn.au

22

Motsugo is the main user server

mussel.ucc.asn.au

22

Mussel is the secondary user server

From these servers you can then access services on the internal UCC network (or by proxy jumping via one of these servers).

How to SSH

Windows

1. Download and install an SSH client:

2. Enter the details for a server into your client:

3. If prompted, agree to add UCC's server to known_hosts, assuming you trust us.

4. Enter your UCC username and password.

Linux/MacOS

1. Most Linux distributions come with a SSH client pre-packaged. Install a SSH client, such as OpenSSH, if your OS doesn't come packaged with one.

2. Type the following command into a terminal window:

3. If prompted, agree to add UCC's server to known_hosts, assuming you trust us.

4. Enter your UCC password.

Web

UCC has configured a web interface that allows remote login to several UCC machines (Windows, MacOS and Linux) without needing to install anything on your device. All that is required is a web browser (and internet connection). The login portal is located at https://login.ucc.asn.au/. For more details, check out HowToUCC/RemoteLogin.

Useful Tips

SSH Keys

It is best practice to set up and use an SSH keypair rather than relying on password authentication. An SSH keypair consists of a linked public and private key. The private key resides on your personal device and must be kept secret (and is usually encrypted with a password), while the public key is distributed to hosts that you want to connect to. When you wish to connect to such a host, you tell your SSH client to use the respective private key to connect and if your public key is authorized by the server, then it will allow you to connect.

Connecting to a server using an SSH keypair is more secure than using password authentication as it requires a potential attacker to have access to your private key, which only resides on your device (and is hopefully password encrypted on top of that!). In the context of UCC systems using an SSH key also has the added benefit of not triggering Fail2Ban upon repeated authentication failures.

Setting up an SSH keypair depends on the SSH client you are using, however for OpenSSH the procedure involves running the ssh-keygen command. Once you have set up a keypair, SSH to ssh.ucc.asn.au (using password authentication for now) and then copy the contents of your public key to the file ~/.ssh/authorized_keys. If this file does not exist, or if the .ssh folder does not exist, create them. Once you've copied your public key over, congratulations, you should be able to SSH to UCC using your key! Exit your existing SSH session and try. If you've set everything up correctly, then when you attempt to SSH you should be prompted for the password to your private key, rather than the password to your UCC account.

OpenSSH Config

If you are using OpenSSH as your SSH client, then you can additionally set up a user config file at ~/.ssh/config. This file allows you to change the default settings of SSH when connecting to particular hosts. In practice this means that you have to type less to SSH, e.g. ssh motsugo instead of ssh -i /path/to/keyfile [email protected]. The config file consists of Host blocks specifying directives to use when connecting to particular hosts. To achieve the example just given, your SSH config might look as follows:

Host motsugo
    User username
    Hostname motsugo.ucc.asn.au
    IdentityFile /path/to/keyfile

The man page for ssh_config(5) contains more information about specific directives that can be used.

uccwiki: HowToUCC/SSH (last edited 2024-01-02 03:26:36 by ConorBennett)