Department of Informatics

TU München - Fakultät für Informatik
Software & Systems Engineering Research Group

TUM
 
 

Secure Shell


You can log in to our linux computers via secure shell using ssh login@server. For that purpose you have to replace login by your own login name and server by the host name or by the ip address of the remote computer. We recommend using public/private key authentication to establish the connection.

Generating an asymmetric key pair

  • Call ssh-keygen on your own computer as a normal user
  • You will be asked to provide a filename for the key pair. You can take the default, if a key pair id_rsa and id_rsa.pub in ~/.ssh/ does not exist yet. Otherwise you have to specify the complete path of the private key. You should use ~/.ssh/ for the path.
  • You have to enter a password twice to protect the private key from unauthorized access.
  • The program creates an asymmetric key pair.
  • The following files are created in ~/.ssh/, if the default name is used.
    id_rsa = private key (don't share!!)
    id_rsa.pub = public key
  • Please copy the public key ~/.ssh/id_rsa.pub from your own computer to the file ~/.ssh/authorized_keys of the remote computer. Now SSH-connections between your computer and remote computers, which have the public key of your key pair, can be established.

X-Forwarding

Using X11 forwarding graphical programs, which are started via SSH on a remote computer, can be shown on your own display. To activate X11 forwarding you have to add the option -X to the SSH command, which gives the program restricted rights on your display. If the program terminates because of insufficient rights, there is also the option -Y, which gives the program full rights. Please use this option only, if you trust the administrator of the remote computer, because it opens a tunnel, which can also be used vice versa for an attack to your own display server.

For further information, see also WIKI of RBG


© Chairs I4, I7, I21
Sitemap |  Contact
Last change: 2014-01-21 15:45:27