Setup ssh tunnel to NYBlue fen

From Rizzo_Lab
Revision as of 01:12, 24 April 2008 by Sudipto (talk | contribs)
(diff) ←Older revision | view current revision (diff) | Newer revision→ (diff)
Jump to: navigation, search

Start the Windows Secure Shell program. You need to have a profile to connect to bgssh1 to start.

Create a new ssh key pair

Ssh generate new key.png

  • In Secure Shell, go to Edit > Settings > Keys
  • Click on Generate New and follow the instructions
  • Generate a 2048 bit DSA key
  • Selecting a passphrase is optional
  • Comments and name you enter for the key does not matter
  • Once the key is made, click on View in Public Key Management

This will open up your public key in Notepad. It will look something like this:

Comment: "Generated on laptop [2048-bit dsa, Sudipto@Laptop, Thu Ap\
r 24 2008 04:22:51]"

Note that this is a DSA key. It starts with AAAA and ends in ==

Copy the entire text string starting with the AAAA till the end including the ==

Now close the Settings dialog box.

Creating a tunnel in your profile

New outgoing ssh tunnel.png
  • Go to Profiles > Edit Profiles
  • Locate the profile you use to connect to the NYBlue firewall bgssh1
  • In Tunneling, add a new Outgoing Tunnel
  • Create the tunnel as shown in the image
  • Instead of 15677, feel free to use any other number above 1024
  • Make as note of this number, you will need it later
  • Click OK and save the changes to your profile
  • Now log in to the NYBlue firewall as usual using your Cryptocard

Installing the public key

Once on bgssh1, login to

ssh fen
cd .ssh
vi authorized_keys

Now look at the public key which is already there.

It looks something like

ssh-dss AAAAB3NzaC1kc3MAAACBAO6yWFY3ySd8Yqy
MSWInxlrrm2u+rd0= sudipto@bgssh1
  • Go to the end of this line in vi by typing $
  • Go to insert mode and start a new line
  • Type "ssh-dss " followed by the public key you copied earlier
  • It should start with AAAA and end in two ==
  • Save the file and exit

Logging in with the tunnel

Quick connect to localhost tunnel.png
  • Now you have a working tunnel and an authorized public key installed
  • To use the tunnel, use Quick Connect on Secure Shell
  • Connect to localhost and the port number you used earlier while creating the tunnel
  • Click Connect
  • You will be prompted to save a host identification key. Say yes.
  • This should log you directly into fen without asking for a password
  • Click in the File Transfer window to transfer files