One cannot do research effectively, if he is not aware of shortcuts in his day-to-day interactions with the university's infrastructure. These little stuff may seem not top-priority at first, but after taking some time to setup your environment, they will prove useful, if you will do work/projects from home, if you try to access the intranet to use your institution's IP for accessing academic material, or if you just want to use your institution's VPN network.
This is a super quick tutorial for Ubuntu. Not a PL memo, but still... :)
1. Every university provides vpn access. Mine provides access via an openvpn server and a default configuration file is provided (alongside with the needed ca cert). Instead of using a manual openvpn command, with screen or else, or pollute .profile etc, you can use the graphical network-manager-openvpn and import the provided ovpn file.
2. Import all the settings/hosts that you frequently type in an ssh_config file and place it in .ssh/config. In there, you can enter a whole bunch of settings, like more strict checking of known hosts, compression, forwarding, alive interval, or what identity files you will use for each connection (e.g., your git server), etc. Mine is the following:
3. Use private / public key for ssh connections. You will need an ssh-agent installed. ssh-agent is a program that starts alongside with an X-session or a login session and loads your private keys in memory.
Now check the .ssh directory for two files, one is the private key and the other one is the .pub key. What you want to do now (I assume you know the basics of public key cryptography :-D), is to load the private in memory and save the public key somehow to your remote host in order to be able to connect without password, but with an automatic public/private rsa key pair handshake, instead.
If you haven't saved the file in the default location (check if it is loaded with ssh-add -l) then you should communicate it to the ssh-agent with the command below (maybe also append it to the .profile too for your future reboots).
Your .ssh/authorized_keys at the remote profile, also needs secure permissions.
That's it.
This is a super quick tutorial for Ubuntu. Not a PL memo, but still... :)
1. Every university provides vpn access. Mine provides access via an openvpn server and a default configuration file is provided (alongside with the needed ca cert). Instead of using a manual openvpn command, with screen or else, or pollute .profile etc, you can use the graphical network-manager-openvpn and import the provided ovpn file.
sudo apt-get -y install network-manager-openvpn
2. Import all the settings/hosts that you frequently type in an ssh_config file and place it in .ssh/config. In there, you can enter a whole bunch of settings, like more strict checking of known hosts, compression, forwarding, alive interval, or what identity files you will use for each connection (e.g., your git server), etc. Mine is the following:
Host linux*
User <yourname>
Host linux01 linux02 linux03 linux04 linux05 linux06 linux07 linux08 linux09 linux10 linux11 linux12 linux13 linux14 linux15 linux16 linux17 linux18 linux19 linux20 linux21 linux22 linux23 linux24 linux26 linux27 linux28 linux29
HostName %h.<university's hostname>
3. Use private / public key for ssh connections. You will need an ssh-agent installed. ssh-agent is a program that starts alongside with an X-session or a login session and loads your private keys in memory.
ssh-keygen -t rsa
chmod 700 ~/.ssh
Now check the .ssh directory for two files, one is the private key and the other one is the .pub key. What you want to do now (I assume you know the basics of public key cryptography :-D), is to load the private in memory and save the public key somehow to your remote host in order to be able to connect without password, but with an automatic public/private rsa key pair handshake, instead.
If you haven't saved the file in the default location (check if it is loaded with ssh-add -l) then you should communicate it to the ssh-agent with the command below (maybe also append it to the .profile too for your future reboots).
ssh-add ~/.ssh/whereyousavedtheprivate &>/dev/null
ssh-copy-id -i remote-server
Your .ssh/authorized_keys at the remote profile, also needs secure permissions.
That's it.
No comments:
Post a Comment