FAQ

SSH


Basics

How do I connect to the school computers from home (or another lab) or transfer files?

If you are using your own computer, it must be configured so it can connect to the network. Refer to the ITU Support Center's Online Help section for 'Internet' or their Document section for the Student IT Guide.

You can connect from one computer to another by using the command line for text entry or by a graphical interface. The first examples are a command-line example from a linux PC, and it is followed by how to connect using SSH Secure Shell for Windows. Then we give examples of file transfer with scp (secure copy) in linux/unix and with the drag-and-drop scp feature in SSH Secure Shell for Windows. Finally, we look at some advanced and convenient features. Essentially, ssh/scp opens a secure channel from the computer where you started the ssh/scp command to another computer, and it encrypts the data that passes between them. (The arrows in this diagram show the from-computer-to-computer connections in the example. Data goes in both directions.


Command-line ssh in Unix/Linux

Here's a command-line example connecting from linux on a home PC to my account on mason.gmu.edu in the Mason cluster and then from there to my account on the VSE cluster. (The username is astudent for the example, and specified as username@hostname in the ssh command because my knoppix linux username is different than my mason cluster username--it is not an e-mail address.)

 knoppix@1[knoppix]$ ssh astudent@mason.gmu.edu
|-----------------------------------------------------------------|
| This system is for the use of authorized users only.            |
| Individuals using this computer system without authority, or in |
| excess of their authority, are subject to having all of their   |
| activities on this system monitored and recorded by system      |
| personnel.                                                      |
|                                                                 |
| In the course of monitoring individuals improperly using this   |
| system, or in the course of system maintenance, the activities  |
| of authorized users may also be monitored.                      |
|                                                                 |
| Anyone using this system expressly consents to such monitoring  |
| and is advised that if such monitoring reveals possible         |
| evidence of criminal activity, system personnel may provide the |
| evidence of such monitoring to law enforcement officials.       |
|-----------------------------------------------------------------|
 Password:  (the password does not display as it is typed)
|-----------------------------------------------------------------|
| This system is for the use of authorized users only.            |
| Individuals using this computer system without authority, or in |
| excess of their authority, are subject to having all of their   |
| activities on this system monitored and recorded by system      |
| personnel.                                                      |
|                                                                 |
| In the course of monitoring individuals improperly using this   |
| system, or in the course of system maintenance, the activities  |
| of authorized users may also be monitored.                      |
|                                                                 |
| Anyone using this system expressly consents to such monitoring  |
| and is advised that if such monitoring reveals possible         |
| evidence of criminal activity, system personnel may provide the |
| evidence of such monitoring to law enforcement officials.       |
|-----------------------------------------------------------------|

2/9/2014: Command /usr/bin/cputrack has been disabled due to a system issue. 

mason> ssh zeus.vse.gmu.edu
VOLGENAU SCHOOL LABORATORIES.
For account information see:
http://labs.vse.gmu.edu/reference/faq_iteaccount.htm#account
*********************** IMPORTANT NOTICE *************************
Zeus uses the campus kerberos database which currently expires passwords
more frequently that the other campus systems.

If you cannot login, go to password.gmu.edu and reset your 
password wait 10 minutes then try again.
astudent@zeus.vse.gmu.edu's password: (the password does not display as it is typed)
Last login: Mon Feb 10 12:37:11 2014 from mason.gmu.edu
MOTD:

  The system Thor.vse.gmu.edu is available for those requiring a 
  64 bit environment.  To prevent excessive system load on zeus 
  please run long-running and computationally intensive jobs on Thor.


Use the command 'module avail' to list available modules.
Use the command 'module add <module_name>' to use module <module_name>.
Currently Loaded Modulefiles:
  1) dot                       3) java/1.7.0                5) mysql                     7) matlab/classroom/R2012a
  2) cplex/12.5.1.0            4) python/2.7.2              6) oracle                    8) default-environment 
 astudent@zeus:~$ exit
 mason> logout
 Connection to mason.gmu.edu closed.
 knoppix@1[knoppix]$

GUI SSH for Windows (text-based) command session

Most VSE Windows users will want to set up the VSE VPN software with SSH for Windows. We have a walkthrough that combines installation instructions for both pieces of software, but the VPN is not needed (nor used) for PCs that are physically connected to the VSE network as in VSE classrooms and labs, and it is not needed for simple text-base command-line work--you can use SSH for Windows to connect to mason and then to zeus like the above linux example.

Download the SSH for Windows from GMU ITU Support

Here are the SSH Installation and login test parts of the walkthrough.

To connect to mason.gmu.edu with the SSH Client for Microsoft Windows, start SSH and press the space bar (or from the menu bar choose File, Connect).

 Host Name: osf1.gmu.edu
 Username: <your mason cluster username>

Leave the rest as defaults, e.g. Port 22, <Profile Settings>, and click Connect (or press Enter). See the message from the server:

 UNAUTHORIZED ACCESS PROHIBITED

and click OK.

Password: <enter your mason cluster password>

The server will limit the amount of time for entering the password, so if you see the Disconnected: Server responded with "Connection closed" message, try again.

Once you are connected to the Mason cluster, e.g. osf1.gmu.edu or mason.gmu.edu, you can use the unix ssh command to connect to zeus.vse.gmu.edu as described above.

If you are in the VSE Labs you can connect directly from MS Windows on the lab PC to your VSE unix account on zeus.vse.gmu.edu.


File transfer/copy

The scp (secure copy) command allows you to transfer copies of files through a secure channel like ssh. You initiate the connections according to the arrows in the diagrams, but you can perform both put and get operations through the channels. With the command line you can specify wildcard characters '?' and '*' to transfer several files at a time. With the GUI version (in Windows SSH) you can click-select (Ctrl-click or Shift-click) several files to transfer at one time.

When you transfer files, it may be in either direction:

  • put a copy of a local file (from the local machine) onto the remote machine, or
  • get a copy of a remote file to store onto the local machine.

In this case, the term 'local' does not necessarily mean that the local computer is the one where you are sitting right now because you could have connected from one machine to another to another: here 'local' means the computer from where you had started the file transfer command or program, and the 'remote' computer is the one at the other end of that connection.

Transferring a file will overwrite any already-existing file of the same name in the target directory, whether the transferred copy is a newer or older version; so, be sure of which direction the transfer is going and which file you want to keep and which you want to overwrite.


File transfer: Unix/Linux scp

When you log on one of the VSE unix or Linux computers, your VSE home directory is mounted on that machine until you log off. This means that you can access your files directly when you are in the lab using the the unix computers, or when using SSH from the labs. Since you can ssh to get to Zeus from home, you can move files around to where you need them, using your mason cluster account as an intermediate point.

The advanced section includes information for accessing the VSE Virtual private network (VPN) so that you can connect directly from a home/work/other computer to access resources on the VSE cluster.

After using ssh to log on your VSE unix account, you may transfer files to/from your mason/mason cluster account using secure copy commands, which open a second, temporary channel. The secure copy command is:

scp -p [source computer:][path]filename [target computer:]path

For example, to transfer a file called myfile.ext from the VSE cluster (current directory) to your Mason cluster home directory, enter:

scp -p myfile.ext mason: .

The dot is necessary to specify the path to your home(current) directory on the other cluster.

To transfer a file in the other direction:

scp -p mason:myfile.ext .

This time, the dot represents the current directory on the host where the command is initiated, so the file is transferred from the (source) Mason cluster to the (target) VSE cluster.

You may use the standard unix wildcard characters '*' and '?' in the filenames to transfer multiple files named according to a pattern. The command

scp -p mason:myfile.* .

will transfer files myfile.class, myfile.doc, myfile02.txt, myfile.jav, and all other files with name myfile and any extension. Here is an example of an actual file transfer:

 (on the mason cluster in the myfiles subdirectory of the home directory)
 mason.gmu.edu> ls
 myfile        myfile.class  myfile.java   myfile.txt

 (at the zeus.vse.gmu.edu prompt)
 astudent@zeus:~$ scp -p mason:temp/myfiles/myfile.txt .  
 (Since scp was started from Zeus, Zeus is the local machine.)

 UNAUTHORIZED ACCESS PROHIBITED


 astudent@mason's password: 
 scp: warning: temp/myfiles/myfile.txt: No such file or directory.

 atsudent@zeus:~$ scp -p mason:myfiles/myfile.* .

 UNAUTHORIZED ACCESS PROHIBITED

 astudent@mason's password: 
 astudent@mason's password: 
 myfile.class         |    24B |   0.0 kB/s | TOC: 00:00:01 | 100%
 myfile.java          |    23B |   0.0 kB/s | TOC: 00:00:01 | 100%
 myfile.txt           |    21B |   0.0 kB/s | TOC: 00:00:01 | 100%
 astudent@zeus:~$

Note that this did not transfer the file that had no dot in its name. Going the other way:

 atudent@zeus:~$ scp -p myfile.* mason:myfiles

 UNAUTHORIZED ACCESS PROHIBITED

 astudent@mason's password: 
 myfile.class         |    24B |   0.0 kB/s | TOC: 00:00:01 | 100%
 myfile.java          |    23B |   0.0 kB/s | TOC: 00:00:01 | 100%
 myfile.txt           |    21B |   0.0 kB/s | TOC: 00:00:01 | 100%

File transfer: Windows

SSH for Windows provides a secure login terminal and a drag-and-drop secure file transfer interface (and other useful features). Start the file transfer window (shown here in front) from the yellow and blue SSH icon (found in the terminal window's toolbar as well as the Start, Programs,... menu.

The panel on the left represents the local computer and the right-side panel shows files on the remote machine. File transfer is as simple as drag-and-drop from one side to the other or between any MS Windows file explorer (or desktop) and the right-side panel. You can also right-click the remote files to rename or delete them.

You can use your Mason account as a drop-off point to move files between your home computer and your Mason account and then between your Mason account and your VSE unix account. Use the unix scp command for the Mason-VSE transfers, or see the following Advanced section) on how to make it even easier.


Advanced--convenience

Technology is meant to extend one's abilities, and a good example is file transfer: one way is to use Mason as a temporary drop-off point, but it is much easier to connect to the VSE network and cluster through the VSE virtual private network (VPN).

The VSE Labs Linux/Unix cluster is on a protected network. To access that network from home or outside the VSE Labs rooms requires secure connections--we recommend using SSH Secure Shell and the VPN. (SSH with tunneling works still, and in a similar way, but using the VPN is more straightforward.)


VSE Virtual Private Network Gateway(VPN)

If you are using a computer in the VSE Labs or classrooms, or one that is physically attached to the VSE network, you can connect directly to other machines networked in the VSE cluster.

If you set up a remote computer or your computer at home with OpenVPN software, then you can also connect directly to other resources in the VSE cluster. Windows users can follow this detailed walkthrough to get, install and use the software. The VPN software and instructions are available for Linux, Mac and Windows in the VSE Access Manager pages. Be sure to read the webpage certificate security info.

The software establishes a secure channel, so you can log in directly with SSH to the VSE cluster computers and connect to them directly with other applications, e.g. like web-browsers or a database connector.

Note Faculty and Staff should not use the OpenVPN gateway. Campus IT Services have a VPN gateway designed to Faculty and Staff to use. Information about access is available here: http://itservices.gmu.edu/services/view-service.cfm?customel_dataPageID_4609=6169


X Window graphics on MS Windows--Cygwin/x

Unix and Linux typically have Xwindow as their built-in GUI, and the ssh command has an option for using Xclients, e.g. ssh -Y username@hostname. There are Xserver implementations available for Windows. We used to recommend CygwinX, however the installation is lengthy and somewhat tedious, a new alternative is Xming which cab be obtained here.

SSH can be configured to tunnel X11 connections, so it simplifies getting a graphical display from a unix system to your Windows PC. First install the SSH client for Windows and your X server software. Then, start SSH Secure Shell and choose Edit, Settings. In the left pane, find and highlight Profile Settings, Tunneling. In the right pane, in the area at the bottom make sure the box is checked for Tunnel X11 connections. Click OK, File, Save Settings and exit all SSH windows. The setting will be effective the next time the program is started.

If connecting from off campus first log on to the VSE OpenVPN.

Connect to the remote server with X11 tunneling enabled (ssh -Y on linux). Once you are logged in you can start a graphical client like Matlab and the application window shoulw be opened on your local system.