AOS Linux Tutorial Remote Access and Transferring Files Michael - - PowerPoint PPT Presentation

AOS Linux Tutorial

Remote Access and Transferring Files Michael Havas

• Dept. of Atmospheric and Oceanic Sciences

McGill University September 28, 2010

Outline

1 Remote Access

SSH From Linux or OS X SSH from Windows Transferring Files SSH Tunneling Passwordless SSH Using Tmux and Screen Sending Large Files

2 Fun Tips! 3 Next Time

Remote Access

Why Work at Home?

Why work at home? Comfortable. Eureka-moments. Nothing else to do. The same instruction will work from home or from a coffee shop in Thailand

Remote Access

From Linux or OS X

For console access outside meteo domain $ ssh username@meteo.mcgill.ca For graphical access outside meteo domain $ ssh -XC username@meteo.mcgill.ca

• X Graphical X11-forwarding.
• C Compression.

Within meteo domain $ ssh hostname Once you connect to meteo.mcgill.ca, you can connect to your workstation as if you were inside the meteo domain

Remote Access

From Windows

Components SSH Client (Putty recommended). X Client (Xming recommended). Make sure to install “Public Domain Releases” of Xming and Xming-Fonts. SSH File Transfer Client (FileZilla recommended). Console access For console access, you only require putty.

Remote Access

Graphical Access From Windows

Configuration Ensure Enable X11 forwarding is checked in Putty. Ensure Xming is started. Connect.

Remote Access

Transferring Files

Copying from computer to remote Just one file: $ scp file mhavas@remote:path/to/dir/ A directory: $ rsync -av directory mhavas@remote:/path/to/dir/ Copying from remote to computer Just one file: $ scp mhavas@remote:path/to/file /path/to/dir/ A directory: $ rsync -av mhavas@remote:/path/to/directory /path/to/dir/ : means home directory. Rsync only transfers differences. Trailing / matters.

Remote Access

SSH Tunneling

Motivations From outside the AOS department, you can only access zephyr. You sometimes want to access your computer directly without the hassle of going through zephyr. SSH tunneling allows you to create a tunnel that channels information from your remote computer, directly through zephyr and to your workstation. Can be done from Linux, Mac or Windows. Process shown on the following page is for Linux and OS X.

Remote Access

SSH Tunneling (continued)

Create SSH tunnel:

$ ssh −N −L 2222: work :22 mhavas@meteo . m c g i l l . ca

Connect to your workstation directly:

$ ssh −p 2222 l o c a l h o s t

Transfer a file to your workstation directly:

$ scp −oPort 2222 / path / to / f i l e l o c a l h o s t :/ s t o r a g e

Transfer a directory to your workstation directly:

$ rsync −ave ’ ssh −p 2222 ’ / path / d i r l o c a l h o s t :/ s t o r a g e /

Remote Access

Using SSHFS to mount shared

What is SSHFS SSHFS is a user-space network filesystem that enables a user to mount a remote directory using SSH and use the remote directory as if it were local to the computer. How do I mount a directory using SSHFS

$ mkdir zephyr−mount−tmp $ s s h f s mhavas@meteo . m c g i l l . ca :/ tmp/ zephyr−mount−tmp

How do I unmount a directory mounted through SSHFS

$ fusermount −u zephyr−mount−tmp

Always unmount after you mount. NEVER EVER EVER use SSHFS in your home directory or NFS mounted directory.

Remote Access

Passwordless SSH

Motivations Tired of passwords? Have a secure workstation? Have scripts that need to run and transfer files? From zephyr to any machine on the AOS network $ ssh-keygen $ cat ~/.ssh/id rsa.pub >> /.ssh/authorized keys $ chmod 600 ~/.ssh/authorized keys From a machine outside the AOS network $ ssh-keygen $ ssh-copy-id username@meteo.mcgill.ca From a remote machine, please use a passphrase encrypted SSH key and ssh-agent

Remote Access

Using tmux for long-running jobs

Is a terminal multiplexer allowing for multiple terminals within

• ne terminal.

Allows you to detach your screen session, disconnect, reconnect and re-attach your screen session at a later time. Normal procedure:

1

Login.

2

Start tmux: $ tmux.

3

Do stuff.

4

Detach screen: ctrl-b, d.

5

Disconnect.

6

Play outside.

7

Login again.

8

Reattach tmux: $ tmux attach.

Remote Access

Using screen for long-running jobs

Is a terminal multiplexer allowing for multiple terminals within

• ne terminal.

Allows you to detach your screen session, disconnect, reconnect and re-attach your screen session at a later time. Normal procedure:

1

Login.

2

Start screen: $ screen.

3

Do stuff.

4

Detach screen: ctrl-a, d.

5

Disconnect.

6

Play outside.

7

Login again.

8

Reattach screen: $ screen -r.

Remote Access

Sending Large Files to Others

Stop using email or ftp! Use the web server without a password Create directory ~/public html Place files in ~/public html/anywhere/file Send an email to the remote user telling them to download the files from http://www.meteo.mcgill.ca/˜username/anywhere/file.

Remote Access

Sending Large Files to Others (continued)

Use the web server with a password Create directory ~/public html/secure Create text file ~/public html/secure/.htaccess with contents:

AuthType Basic AuthName ” R e s t r i c t e d Access ” AuthUserFile ”/ aos /home/$USERNAME/. htpasswd ” r e q u i r e v a l i d −user

Create credentials for that directory:

[ mhavas@zephyr p r i v a t e ] $ htpasswd −c ˜/. htpasswd USER New password : Re−type new password :

Place files in ~/public html/secure Send an email with download link with credentials: http://www.meteo.mcgill.ca/˜username/secure/file

Outline

1 Remote Access

SSH From Linux or OS X SSH from Windows Transferring Files SSH Tunneling Passwordless SSH Using Tmux and Screen Sending Large Files

2 Fun Tips! 3 Next Time

Fun Tips

Per host SSH settings The file ~/.ssh/config can be used to configure per-host ssh settings and shortcuts. For example:

Host zephyr Hostname meteo . m c g i l l . ca User mhavas Compression yes KeepAlive yes Host ∗ Compression no

Fun Tips (continued)

Use SSH as a SOCKS proxy Ever need to access the McGill library but off campus? Ever stuck at a job where they block internet access? Use a SOCKS proxy with SSH:

ssh −D 9999 ${USERNAME}@meteo . m c g i l l . ca

Then configure your proxy to use localhost port 9999 as a proxy. Use BASH aliases and functions for common SSH forwads Edit the file ~/.bashrc:

a l i a s tunnel=” ssh −fNL 2222: bumblebee :22 meteo . m c g i l l . ca” a l i a s proxy=” ssh −D 9999 ${USERNAME}@meteo . m c g i l l . ca”

Outline

1 Remote Access

SSH From Linux or OS X SSH from Windows Transferring Files SSH Tunneling Passwordless SSH Using Tmux and Screen Sending Large Files

2 Fun Tips! 3 Next Time

Next Time

Vim. Emacs. Suggested topics.