IT 1100 : Introduction to Operating Systems

Chapter 16


Remote Connectivity

So far in this class we have learned the following ways to remote connect to another computer


Remote Connectivity


Remote Connectivity


Remote Connectivity

There are GUI programs that allow us to have a GUI view of the directories and files of a remote computer and transfer those files to and from our localhost computer.

The most common are these:


Remote Connectivity

These programs can used to access your CIT account (ssh.cs.dixie.edu) and Scratch (scratch.cs.dixie.edu) while at home or outside the CIT Network and transfer files back and forth.


Network Review


Network Review


Network Review


Network related commands


Network related commands


Ports

When selecting Ports to receive information on we can choose most any number between 1024 and 65535. These are the ports not reserved for system use and are available for user use.


Creating a Tunnel

Use the VNC Connect From Home Pages in Canvas to see how to create a command line tunnel on your particular machine.

A tunnel connection has the following format:


Creating a Tunnel (Examples)

To create an SSH tunnel to our VM on desdemona with port number 8467 through the ssh.cs.dixie.edu firewall for a VNCViewer connection, it looks like this:

To create an SSH tunnel to Scratch through the ssh.cs.dixie.edu firewall for an SFTP connection, it looks like this:


Creating a Tunnel (Examples)

Do you see the similarities and the differences? The main differences are the destination machine and the destination machine port number. You must keep that terminal open to keep your tunnel connection. Next you open your VNCViewer or your SFTP/SCP program and use the <receiving machine:port> provided in your tunnel. In the host or server box you type localhost and in the port box you type the port number.


SCP Command Line Connections

SCP - Secure Copy - allows you to securely copy files from one machine to another.

scp works just like cp. The only difference is that for scp we declare the source and destination computer and file

By default when we use scp to access a remote computer our relative path begins in our $HOME directory. Absolute paths always work and relative paths start in $HOME.


SCP Command Line Connections (Examples)

To copy a file from my localhost to a remote host (watch the spacing)


SCP Command Line Connections (Examples)

To copy a file from a remote host to my localhost (watch the spacing)

Interpret These Commands - Which file(s) are being transferred and where will the file(s) end up?


SSH Basic Connection Shortcuts


Accessing Remote Machines

Keys Watch this

Every time we access a computer for the first time we are asked in computer-ese - Do you trust this computer? Because we are safely inside of our network we always say yes. The computer then remembers our answer and never asks us again.

Inside of our $HOME directory - we have a directory called .ssh. It is a hidden directory because it is not necessary for everyday use.


Accessing Remote Machines

In this directory you should see

known_hosts

known_hosts is a list of hosts(computers) that you have connected to previously. When you say ‘yes’ and authorize a connection to a new computer it stores the information in here.


Accessing Remote Machines

id_rsa and id_rsa.pub

These are the files used to prove your identity to other computers without entering a password.


Accessing Remote Machines

authorized_keys

authorized_keys is a list of the public keys of other computers authorized to login without entering a password.


Accessing Remote Machines

ssh-keygen

ssh-keygen (no spaces) can generate a public and private key if you don’t already have them. This command does not work on a Mac.


Accessing Remote Machines

ssh-copy-id

Once you have a public/private key pair you can share the public key with another machine to allow yourself to log in without the use of a password.

ssh-copy-id (no spaces) enables you to log into remote machines without entering a password by copying your public key to the other computer. The ssh-copy-id command does all the work of copying the public key to the remote machine and correctly putting the information everywhere it needs to be. It stores this information in the authorized_keys file. This command does not work on a Mac.


Accessing Remote Machines

Then when you ssh to that computer, the authorized_keys file is checked, if there is an entry for your computer, then the private key on your computer talks to the public key on the other computer - and if they are a correct pair then you can connect to the machine without a password.

This will allow you to log into remote machine without entering a password because by sharing your public key it’s like saying I’m the same person on both machines - trust me.


Beware

Be very careful to only generate a public/private key pair if it doesn’t already exist. You can break your CIT profile and/or your virtual machine access if you generate a new one within your profile. Of course it can be fixed.

Within the CIT network - our access to our Virtual Machines depends on the known_hosts and authorized_keys file. Don’t delete these files.

On most computers you can delete both the known_hosts and authorized_keys file without doing any real damage. You simply have to restore known_hosts and authorized_keys that you want to keep.

If these commands are done incorrectly or if you replace an existing rsa_key - it could break your vm.cs.dixie.edu account. If some of your virtual machines start disappearing or if you are not able to turn on and off your virtual machines. Then run the following commands:


Textbook Time


Last Updated 09/26/2019