SSH Setup Notes

If you are working remotely and connecting to some other machine via ssh all the time, sometimes it becomes too frustrating to enter the password every single time. Until you setup your key-pairs. I didn’t know this until very recently. So in this post I will share very simple ssh setup basics. Lets say you want to do following connection:

ssh test49@stampede.tacc.utexas.edu

This post explains the following:

• How to create key-pair and share your public key with the remotes. Such that you can ssh without entering the password each time. This is especially useful when you are running distributed code.
• How to create config file and create alias for ssh commands. So you can just call ssh stampede and you are connected to the machine!
• How to do tunneling/forwarding such that you can run jupyter notebook on remote server.
• How to mount remote folder to your OSX.

Key-Pair Setup

This part is inspired by this post. There are two steps to be made to share your public key with the host.

• Create the key pair
  • Give location to be saved (Press Enter for default)
  • Optional passphrase, which is asked if entered each time the private key is used (safer).
  • Keys reside (if not changed intentionally during creation) at ~/.ssh/id_rsa(your private key) and ~/.ssh/id_rsa.pub(your public key)

ssh-keygen -t rsa

• Copy your public key to remote machine (using your password)
  • You need to copy your public key to the remote hosts in order to be able to use your private key to connect.
  • Do this automatically by using.

    ssh-copy-id test49@stampede.tacc.utexas.edu
    

    You can also to this step manually like below

    cat ~/.ssh/id_rsa.pub | ssh test49@stampede.tacc.utexas.edu  "mkdir -p ~/.ssh && cat >>  ~/.ssh/authorized_keys"
    

    After this step now you can connect to your server by running ssh test49@stampede.tacc.utexas.edu without entering any password(possibly passphrase for your private key)

Alias Setup

You can save your known ssh connections to the ~/.ssh/config file. Add following lines to this file. If not exist create it.

Host stampede
  HostName stampede.tacc.utexas.edu
  User test49

This will allow you to call ssh stampede.

If desired flags can be also added by appropriate field_names. Here are some example such names replacing the flags of the ssh program.

To find out all config options check out man file with man ssh_config. After entering some of the config options one can still use flags before the alias. An example being:

ssh -f -N stampede

SSH Tunneling

Sometimes connecting to a server requires two ssh connections if you are outside of the local network. This was the case when I worked off-campus and wanted to use NYU’s clusters. Having two ssh connections makes local forwarding above a little more complicated. Without any tunneling one would need to arrange two local forwarding carefully. Another annoying thing when you work off-campus is that you need to make two ssh calls every time you want to open a new shell. Tunneling fixes both of the problems above. This part is inspired from the NYU’s HPC link.

I will be using NYU HPC off-campus access as an example to explain tunneling. If you are off-campus you need to do an ssh call to hpc.nyu.edu first and than another one to prince.hpc.nyu.edu. Lets start with adding following lines to our ~/.ssh/config file to define our tunnel.

Host hpc2tunnel
  HostName hpc.nyu.edu
  ForwardX11 no
  LocalForward 8026 prince.hpc.nyu.edu:22
  LocalForward 8025 dumbo.hpc.nyu.edu:22
  User ue225

This defines the tunnel, which is nothing but an ssh connection with local forwarding connecting localhost:8026 to default ssh port(22) of prince.hpc.nyu.edu on hpc.nyu.edu(for a short history of how port 22 became the default port, read here). Other local forwarding definitions can be defined on the same Host definition. After this when ssh hpc2tunnel called, our localhost at port 8026 listens prince.hpc.nyu.edu:22 on hpc.nyu.edu therefore we can ssh to our localhost at port 8026 to connect to the prince cluster with one call. Adding the definition below does this for us.

Host princeOffCampus
  HostName localhost
  Port 8026
  ForwardX11 yes
  User ue225

After these definitions all you need to do call ssh hpc2tunnel and leave it open. Than open as many tabs as you want and use ssh princeOffCampus to connect to the server with one call.

SSH Folder Mounting

Another very useful thing that I discovered recently over ssh is mounting a folder in remote server on to your local system and work with the remote folder as if it is in your computer and everything is synced automatically. To do that you need to first install this two packages.

brew cask install Caskroom/cask/osxfuse
brew install sshfs

Now we ready to go. sshfs needs a symbolic folder to be created so we create that. After that I am mounting the folder(/home/ue225/lecture1) on remote server stampede to my local folder /Users/evcu/dummy as customName. On terminal the content of lecture1 is copied to dummy folder, however when you open Finder you would see customName appears as remote device name. Modified the files as you wish and enjoy the magical sync happening lightning fast. Once you done you can unmount with umount.

mkdir /Users/evcu/dummy
sshfs -p 22 stampede:/home/ue225/lecture1 /Users/evcu/dummy -oauto_cache,reconnect,defer_permissions,noappledouble,negative_vncache,volname=customName,transform_symlinks,follow_symlinks
ls /Users/evcu/dummy #ls lecture1 folder.
umount /Users/evcu/dummy

Runnig commands on logout

I should refer to this wikipedia page. You can basically start a program and leave by adding nohup to the beginning of your command. This would prevent sending the HUP signal on sign-out.

nohup ./myprogram > foo.out 2> foo.err < /dev/null &
exit

Creating a background task on bash would generate an integer like [1] 3533 You can use first number to kill the process kill %1 or kill 3533. If you forget the PID of the process you can run ps -ef | grep myprogram