Departmental MembersIT HelpFAQsConnectionRemote Logins

Remote Logins

SSH key fingerprints for gate.maths.ox.ac.uk

  • SSH2 RSA host key for gate.maths.ox.ac.uk - OpenSSH reports a key fingerprint 86:cd:38:87:fc:97:fd:2f:7a:3a:90:68:d7:69:83:b2
  • SSH2 DSA host key for gate.maths.ox.ac.uk - OpenSSH reports a key fingerprint cd:79:d1:0b:f6:44:7e:61:e8:39:88:d9:8f:17:b5:ce

Using ssh

The Mathematical Institute has the facility for supporting ssh connections both into the maths domain and out of the maths domain to other hosts on the internet which support ssh.

ssh stands for Secure Shell and is much safer than telnet for connecting to remote hosts.

In its most simple form ssh is used with a command of the form

ssh remote_username@remote_machine

Note: If you are connecting to the MI from outside the remote machine name you need to connect to is gate.maths.ox.ac.uk.

(the remote_username@ is necessary if your remote username differs from your local one) and will allow you to log into the remote machine as the user specified if you give the correct password. It has the key advantage over telnet that the password you enter is encrypted. If you are using an X windows machine it can also set up secure forwarding of windows so you can open X windows applications securely (and you don't even need to set your DISPLAY environment).

Furthermore, With ssh it is possible to restrict the addresses you can use to log in from. An example would be if you configure your account on remote machine my.host.com to only accept connections from the maths.ox.ac.uk domain, it is almost impossible for someone in another domain to get access.

There is also a page on getting ssh for you own machine.

Two Simple Examples

  • To ssh from one maths machine to lentil-power (another maths machine) enter

    ssh lentil-power

    and enter your password. The DISPLAY will be automatically set to forward all X windows thus you can immediately run things like emacs.

  • To ssh from a maths machine to a machine outside the maths network called furball.lab.ox.ac.uk where your username if foobar enter

    ssh foobar [-at-] furball [dot] lab [dot] ox [dot] ac [dot] uk

    and enter your password. Again the DISPLAY will be automatically set to forward all X windows.

Things can be made even easier if you create public and private keys. This is done by running ssh-keygen.

To create an ssh2 protocol RSA key pair run

ssh-keygen -t rsa

This stores the private key in .ssh/id_rsa and the public key in .ssh/id_rsa.pub in the user's home directory. The user can then copy the id_rsa.pub to .ssh/authorized_keys2 in his/her home directory on the remote machine. After this, the user can log using the passphrase entered instead of the normal account password. If you set the passphase to be blank then it logs you in without asking for a passphase/password at all, use this with care.

If the passphraseless login isn't working, ensure the permissions on the ssh directory and files are correct, i.e.

% chmod 755 ~/.ssh
% chmod 600 ~/.ssh/*
% chmod 644 ~/.ssh/*.pub 

NOTE: these instructions are correct for OpenSSH, for other versions of ssh the key generation and use may differ.

Last updated by Keith A. Gillow on Fri, 19/08/2011 - 2:42pm from a page originally created by Waldemar Schlackow.
This page is maintained by Keith A. Gillow. Please use the contact form for feedback and comments.