Inhaltsverzeichnis

Accessing local hosts from outside

Up until August of 2019 the Ita hosts la and ny were located in the public network so that people could access them from all over the world. This is changing, but there are still ways to reach la and ny from outside Freiburg. One was is to log in to the university login server using your RZ ID: 

login.uni-freiburg.de

The information below on this page describes details of another approach.

Account on Physik login host

The first step you need to do is apply for an account on the Physik login host 

login.physik.uni-freiburg.de

by sending a request to it@physik.uni-freiburg.de . Please mention your RZ account ID because that is the name that will be used. This will make life easier because that is also the ID used to log in on the Ita hosts.

Later on this page I will use the string <MYID> to refer to your RZ ID. :!: Please replace <MYID> with your actual ID. :!:

SSH jumping

Sources of information

There's a lot of interesting information about ssh jumping available at:

* https://en.wikibooks.org/wiki/OpenSSH/Cookbook/Proxies_and_Jump_Hosts

What's of particular interest for us is:

* https://en.wikibooks.org/wiki/OpenSSH/Cookbook/Proxies_and_Jump_Hosts#Passing_Through_One_or_More_Gateways_Using_ProxyJump

Command to log in to private Ita hosts from outside

Assuming la has been moved to the private network, the last link describes how to use the following line to log in to la from the outside: 

ssh -J <MYID>@login.physik.uni-freiburg.de <MYID>@la.physik.privat

Shortening the command line

You could make your life easier by putting the following lines in ~/.ssh/config: 

ForwardX11 yes
ForwardAgent yes
Host la
	HostName la.physik.privat
	ProxyJump <MYID>@login.physik.uni-freiburg.de
	User <MYID>

Then all you would need to do is type: 

ssh la

You could/should add similar lines for ny or any other host in the Ita group in a similar fashion, too.

Use ssh key to save typing in password

With the above set-up you will have to enter the password for login.physik.privat first and then the password for la.

If you have an ssh key set up, you can add the public key to ~/.ssh/authorized_keys on login.physik and la.physik. Then when you login you just have to enter the key passphrase once.

If your computer environment is set up to use ssh-agent, you only have to enter the key passphrase once when you login. After that you can go everywhere else where authorized_keys is set up without having to enter any passwords or passphrases.

, ,

Zuletzt angesehen: Accessing local hosts from outside

QR-Code
QR-Code Accessing local hosts from outside (erstellt für aktuelle Seite)