Setup ssh tunnel to NYBlue fen

From Rizzo_Lab
Jump to: navigation, search

Start the Windows Secure Shell program. You need to have a profile to connect to bgssh1 to start.

Create a new ssh key pair

Ssh generate new key.png


  • In Secure Shell, go to Edit > Settings > Keys
  • Click on Generate New and follow the instructions
  • Generate a 2048 bit DSA key
  • Selecting a passphrase is optional
  • Comments and name you enter for the key does not matter
  • Once the key is made, click on View in Public Key Management


This will open up your public key in Notepad. It will look something like this:

---- BEGIN SSH2 PUBLIC KEY ----
Comment: "Generated on laptop [2048-bit dsa, Sudipto@Laptop, Thu Ap\
r 24 2008 04:22:51]"
AAAAB3NzaC1kc3MAAAEBAM1QWyXaS0pkq6dV829ecKNWeD5B9DBH8Kc951FC7XrRlrpoy8
fD37yq82DMfHpi9hQ1iQaruGpu14U9aBcCRgHEwPoRiG1QhKE1fJz7t7YyidHQAF3A7FaD
dAYYDo+DTmP8wxSRUuuW/5QuHyxnnrbpkyJFlyypntwmdqUdqjYDZTmQW8ubsutNJUCzwB
Y5LdWs5KdjXuvOk9SFyQqgUYRcq4mzvUvP5j0Onw==
---- END SSH2 PUBLIC KEY ----

Note that this is a DSA key. It starts with AAAA and ends in ==

Copy the entire text string starting with the AAAA till the end including the ==

Now close the Settings dialog box.


Creating a tunnel in your profile

New outgoing ssh tunnel.png
  • Go to Profiles > Edit Profiles
  • Locate the profile you use to connect to the NYBlue firewall bgssh1
  • In Tunneling, add a new Outgoing Tunnel
  • Create the tunnel as shown in the image
  • Instead of 15677, feel free to use any other number above 1024
  • Make as note of this number, you will need it later
  • Click OK and save the changes to your profile
  • Now log in to the NYBlue firewall as usual using your Cryptocard


Installing the public key

Once on bgssh1, login to fen.bluegene.gov

ssh fen
cd .ssh
vi authorized_keys

Now look at the public key which is already there.

It looks something like

ssh-dss AAAAB3NzaC1kc3MAAACBAO6yWFY3ySd8Yqy
CGNtRIxLEXUvyBieNB2nsluquxsjHppGOhuEGw9IFzu
zk3ke08zj2l4Ao2hJcgEF+bQcjBVLkyDhlD9AKyIuCU
MSWInxlrrm2u+rd0= sudipto@bgssh1
  • Go to the end of this line in vi by typing $
  • Go to insert mode and start a new line
  • Type "ssh-dss " followed by the public key you copied earlier
  • It should start with AAAA and end in two ==
  • Save the file and exit


Logging in with the tunnel

Quick connect to localhost tunnel.png
  • Now you have a working tunnel and an authorized public key installed
  • To use the tunnel, use Quick Connect on Secure Shell
  • Connect to localhost and the port number you used earlier while creating the tunnel
  • Click Connect
  • You will be prompted to save a host identification key. Say yes.
  • This should log you directly into fen without asking for a password
  • Click in the File Transfer window to transfer files