• Cyberinfrastructure

  • What is Cyberinfrastructure?
  • IU's Cyberinfrastructure Overview
  • IU Cyberinfrastructure News

• Accessing IU's Cyberinfrastructure

  • Introductory Resources
  • Portals to IU Cyberinfrastructure
  • Initiative for Economic Development

• Systems

  • High Performance Systems
  • Storage
  • Data Capacitor
  • Rendering Portal

• Consulting

  • High Performance Applications
  • Statistics and Math
  • Visualization
  • Bioinformatics
  • Biomedical Applications
  • Ask for Help

• Outcomes and Impact

  • Scholarship Snapshots
  • Publications
  • Grants and Economic Impact
  • Events and Outreach
  • Quality

• About RT

  • Vision and Planning
  • Leadership
  • Round Table

The Libra Cluster

Using SSH for More Secure Connections

For secure connections to the Libra Cluster, users must use SSH version 2 clients. Telnet, rlogin and rsh are not permitted for security reasons.

To connect to the Libra Cluster from your PC, Mac, or Unix or Linux workstation, you will need to have an SSH version 2 client installed. OpenSSH source code is available locally at ftp://ftp.ussg.iu.edu/pub/OpenBSD/OpenSSH/portable/ which is a mirror of http://www.openssh.org. SSH Version 2 precompiled binaries for Windows 9x/NT/2000/XP systems can be obtained at http://www.itso.iu.edu/services/ssh; source code is available at https://www.ussg.iu.edu/security/ssh/.

NOTE: The following information is valid for OpenSSH Version 2 only.

• Instructions for SSH connections to the Libra Cluster from your Unix workstation
• Instructions for SSH connections to the Libra Cluster from your Windows workstation
• Instructions for intranode Libra SSH connections
• Instructions for converting an ssh.com public key

Instructions for SSH connections to the Libra Cluster from your Unix workstation

1. Open up your terminal application, (xterm, rxvt, etc).
2. Type ssh -X username@libra.uits.iu.edu where username is your IU network id and hit enter.

   NOTE: The "-X" option for SSH enables automatic X11 forwarding so you may run X windows applications and have them display on your local workstation.

   NOTE: Interactive host names for the Libra Cluster are libra00, libra01 and libra02 in the uits.iu.edu domain.

3. You will be prompted for your password. After entering your password and hitting return you should be connected to the system.

Instructions for SSH connections to the Libra Cluster from your Windows workstation

1. After installing the commercial ssh client from the ITSO double-click on the SSH Secure Shell Client icon, not the SSH Secure File Transfer Client icon.

   

   NOTE: After your account is first created you must log into aries01.ucs.indiana.edu and set choose your shell, it may take up to an hour for this change to update on the other nodes. You may use the Secure File Transfer Client to transfer files to and from the Libra Cluster, but you may not use the SFTP program before choosing your login shell.

2. This will bring up the SSH client window. You should then click Quick Connect on the upper left side of the window.

   

3. A dialog box will then appear and your should enter the host name of the Libra Cluster node that you would like to connect to, and your university username. After doing so click Connect.

   NOTE: Interactive host names for the Libra Cluster are libra00, libra01 and libra02 in the uits.iu.edu domain.

   

4. A dialog box will then appear prompting from your password. Enter your password and click OK.

   

5. You should then be connected to the Libra Cluster and see the login banner and your shell prompt.

Instructions for intranode Libra SSH connections

To use SSH to login or execute remote commands from one Libra node to another, first login to any interactive Libra node and set up your SSH key by typing

/opt/freeware/bin/ssh-keygen -b 1024 -t rsa

The public and private keys resulting from this command will be stored in your ~/.ssh directory as id_rsa.pub and id_rsa.

On the Libra Cluster, SSH is configured to allow connection either by supplying your system passord or via the use of public key authentication. Connection via .shosts files is disabled.

The following use of public key authentication makes connecting from host to host more convenient, but is not recommended, since it is less secure (if someone gains access to your account on the host where both your private and public key are stored, they could then gain access to the other hosts which use your public key authentication). To use public key authentication:

• login to any interactive Libra node
• cd ~/.ssh
• cat id_rsa.pub >> authorized_keys2

Instructions for converting an ssh.com public key

If you use public keys and run ssh.com's SSH clients on your workstation, you will need to convert your ssh.com public key to a format that the OpenSSH server on the Libra Cluster supports. Here are the steps:

• Using ftp, sftp or scp, transfer your ssh.com public keyfile on your workstation to the .ssh subdirectory under your home directory on the Libra Cluster. On Unix workstations, your ssh.com public key is located in your ~/.ssh2 directory with a filename ending in .pub.
• Login to any Libra Cluster node and cd to your .ssh directory.
• Type /miscapps/openssh/bin/ssh-keygen -X -f yourfilename.pub > ssh.com.pubkey
• cat ssh.com.pubkey >> authorized_keys2

This will allow you to use your ssh.com client on your workstation to connect to the Libra Cluster nodes without having to supply a password.

• About UITS
• Contact UITS
• Job Opportunities
• Press Room
• Site Map
• Comments

Copyright 2006, The Trustees of Indiana University