Swarthmore College Department of Computer Science

using ssh and scp

This page provides some basic ssh, scp, sftp help. See our remote access page for more information, including where to get ssh programs for your computer.

ssh is used to securely connect from one machine to another -- for example, from your dorm machine to the cs machines. scp and sftp can be used to transfer files from one machine to another. All of these programs use encryption, to protect your password and any other sensitive information being transmitted across the network.

If you haven't already set up RSA authentication, which is optional (see below), ssh will simply use your regular unix password for authentication. Here is an example of someone using ssh to connect to catnip from a remote machine: 

remote$ ssh username@catnip.cs.swarthmore.edu
username@catnip's password: **********
Last login: Mon Jul 29 16:47:43 2002 from foo.net
CATNIP$

If you don't care which lab machine you connect to, just ssh to lab.cs.swarthmore.edu

Here are examples of using scp, and sftp: 

ALEPPO[knerr]$ scp knerr@sccs:sizeof.c .
knerr@sccs's password: 
sizeof.c        100% |*******************|   901  00:02    
ALEPPO[knerr]$ 


ALEPPO[knerr]$ sftp sccs
Connecting to sccs...
knerr@sccs's password: 
sftp> ls
drwxr-xr-x 11 knerr  users   4096 Jul 23 15:28 .
drwxr-xr-x 38 root   root    4096 Aug 20  2001 ..
-rw-r--r--  1 knerr  users   3768 Mar 15  1999 .Xdefaults
-rw-r--r--  1 knerr  users   4802 Aug  8  2000 .cshrc
-rw-r--r--  1 knerr  users    898 Oct  5  1999 .login
-rw-------  1 knerr  users    569 Jul 23 15:36 .history
drwxr-xr-x  2 knerr  users   4096 Jun 14  2000 .ssh
-rw-r--r--  1 knerr  users    901 Nov  9  1999 sizeof.c
drwxr-xr-x  2 knerr  users   4096 Mar  8  2001 bin
-rw-------  1 knerr  users  13027 Jul 23 15:28 README
sftp> get sizeof.c
Fetching /home/knerr/sizeof.c to sizeof.c
sftp> bye
ALEPPO[knerr]$

rsa and dsa authentication

If you're new to ssh, and want to try using RSA authentication (which is more secure than using your regular unix password), take a look at Getting Started with SSH. It is a really nice page, with good info on setting up RSA authentication keys.

using ssh-agent

Here is some information on setting up ssh-agent. Using this will allow you to enter your password once, and then be able to ssh to other CS clients without having to re-enter it.

Summary:

  • set up RSA keys
  • modify .xsession to use ssh-agent
  • modify .xinitrc to hold all desktop init commands
  • log in on console
  • in any window, run ssh-add (type in RSA passphrase here, once)
  • can now ssh from this machine to other CS machines without password or passphrase
  1. set up RSA keys 
    $ ssh-keygen -t rsa
(accept defaults, and type in a good passphrase)
$ cd .ssh
$ cp id_rsa.pub authorized_keys2
$ ssh oil
(see if you can log in using your passphrase)
  2. copy current .xsession to .xinitrc, and create a new (executable) .xsession with this in it: 
    #!/bin/sh
#
# .xsession file
#

echo $PATH | grep "/usr/local/bin" > /dev/null 2>&1
if [ $? -ne 0  ] ; then   
  PATH="$PATH:/usr/local/bin"
  export PATH
fi

# ssh-agent stuff
if [ -d $HOME/.ssh ] && [ -d /usr/local/bin ]
then 
  EXEC="exec ssh-agent"
else 
  EXEC="exec"
fi
if [ -x $HOME/.xinitrc ]
then $EXEC $HOME/.xinitrc
else $EXEC xterm -geometry 80x24+0-60 -ls
fi
  3. Try logging in on one of the clients. Then, in any window, run ssh-add and give it your RSA passphrase. 
    $ ssh-add /home/knerr/.ssh/id_rsa
Enter passphrase: blah, blah, blah, blah, Ginger.
    After this, I can ssh from this machine to any cs client without having to re-enter my password or passphrase.
  4. I tie the above ssh-add command to the F4 key with this in my .fvwm2rc: 
    Key F4 A N Exec exec /usr/bin/ssh-add /home/knerr/.ssh/id_rsa < /dev/null
    Then I just hit F4, type in my passphrase (in the OpenSSH Authentication pop-up window), and I am done! Some people put the ssh-add command in their .xsession, so they are prompted for their passphrase whenever they log in.