Setup ssh tunnel to NYBlue fen
From Rizzo_Lab
Start the Windows Secure Shell program. You need to have a profile to connect to bgssh1 to start.
Contents
Create a new ssh key pair
- In Secure Shell, go to Edit > Settings > Keys
- Click on Generate New and follow the instructions
- Generate a 2048 bit DSA key
- Selecting a passphrase is optional
- Comments and name you enter for the key does not matter
- Once the key is made, click on View in Public Key Management
This will open up your public key in Notepad. It will look something like this:
---- BEGIN SSH2 PUBLIC KEY ---- Comment: "Generated on laptop [2048-bit dsa, Sudipto@Laptop, Thu Ap\ r 24 2008 04:22:51]" AAAAB3NzaC1kc3MAAAEBAM1QWyXaS0pkq6dV829ecKNWeD5B9DBH8Kc951FC7XrRlrpoy8 fD37yq82DMfHpi9hQ1iQaruGpu14U9aBcCRgHEwPoRiG1QhKE1fJz7t7YyidHQAF3A7FaD dAYYDo+DTmP8wxSRUuuW/5QuHyxnnrbpkyJFlyypntwmdqUdqjYDZTmQW8ubsutNJUCzwB Y5LdWs5KdjXuvOk9SFyQqgUYRcq4mzvUvP5j0Onw== ---- END SSH2 PUBLIC KEY ----
Note that this is a DSA key. It starts with AAAA and ends in ==
Copy the entire text string starting with the AAAA till the end including the ==
Now close the Settings dialog box.
Creating a tunnel in your profile
- Go to Profiles > Edit Profiles
- Locate the profile you use to connect to the NYBlue firewall bgssh1
- In Tunneling, add a new Outgoing Tunnel
- Create the tunnel as shown in the image
- Instead of 15677, feel free to use any other number above 1024
- Make as note of this number, you will need it later
- Click OK and save the changes to your profile
- Now log in to the NYBlue firewall as usual using your Cryptocard
Installing the public key
Once on bgssh1, login to fen.bluegene.gov
ssh fen cd .ssh vi authorized_keys
Now look at the public key which is already there.
It looks something like
ssh-dss AAAAB3NzaC1kc3MAAACBAO6yWFY3ySd8Yqy CGNtRIxLEXUvyBieNB2nsluquxsjHppGOhuEGw9IFzu zk3ke08zj2l4Ao2hJcgEF+bQcjBVLkyDhlD9AKyIuCU MSWInxlrrm2u+rd0= sudipto@bgssh1
- Go to the end of this line in vi by typing $
- Go to insert mode and start a new line
- Type "ssh-dss " followed by the public key you copied earlier
- It should start with AAAA and end in two ==
- Save the file and exit
Logging in with the tunnel
- Now you have a working tunnel and an authorized public key installed
- To use the tunnel, use Quick Connect on Secure Shell
- Connect to localhost and the port number you used earlier while creating the tunnel
- Click Connect
- You will be prompted to save a host identification key. Say yes.
- This should log you directly into fen without asking for a password
- Click in the File Transfer window to transfer files