How to create a vpn/ssh tunnel: Difference between revisions
(15 intermediate revisions by 4 users not shown) | |||
Line 1: | Line 1: | ||
= | = Generate SSH key = | ||
First, copy this command into your termimal | |||
ssh-key -t rsa | |||
Then it will ask you where you want to save the ssh keypair. If you already have a key saved in /Users/user/.ssh/id_rsa, please save your new key somewhere else to avoid overwriting existing key | |||
Generating public/private rsa key pair. | |||
Enter file in which to save the key (/Users/user/.ssh/id_rsa): /Users/user/.ssh/bkslab_key | |||
Lastly, it will ask you for passphrase. You don't need to provide passphrase, just hit Enter | |||
Enter passphrase (empty for no passphrase): | |||
The public key can be found in the location where you specified earlier (ie: /Users/user/.ssh/bkslab_key.pub) | |||
Send it to the person who creates you your account, so they can add it into portal. | |||
= FOR LINUX AND MAC OS = | |||
I am going to illustrate how to create a ssh tunnel using a couple examples. | |||
Pretend ''you want to create a ssh tunnel from your laptop to gimel through the portal.'' | |||
First open two terminals. In one terminal type the following: | |||
ssh <options/flags> localhost:2222:gimel:22 -D1080 portal3.ucsf.bkslab.org -l <username> | |||
ssh -vCL localhost:2222:gimel:22 -D1080 portal3.ucsf.bkslab.org -l jjg | |||
In the other terminal type: | |||
ssh -p 2222 <username>@localhost | |||
ssh -p 2222 jjg@localhost | |||
Then when you log in type hostname and you will see that you are logged into gimel! | |||
Here's another example, say ''you want to scp files directly from your laptop to your home directory on gimel.'' | |||
First open two terminals. In one terminal type the following: | |||
ssh <options/flags> localhost:2222:gimel:22 -D1080 portal3.ucsf.bkslab.org -l <username> | |||
ssh -vCL localhost:2222:gimel:22 -D1080 portal3.ucsf.bkslab.org -l jjg | |||
In the other terminal type: | |||
scp -P 2222 file_you_want_to_copy <username>@localhost:~ | |||
== Troubleshooting == | |||
If you see this error: | |||
Unable to negotiate with 169.230.26.166 port 22: no matching host key type found. Their offer: ssh-rsa,ssh-dss | |||
Please follow this instruction to fix it : | |||
https://www.iclarified.com/87910/how-to-fix-no-matching-host-key-type-found-on-mac | |||
= FOR WINDOWS OS = | = FOR WINDOWS OS = |
Latest revision as of 22:13, 7 October 2024
Generate SSH key
First, copy this command into your termimal
ssh-key -t rsa
Then it will ask you where you want to save the ssh keypair. If you already have a key saved in /Users/user/.ssh/id_rsa, please save your new key somewhere else to avoid overwriting existing key
Generating public/private rsa key pair. Enter file in which to save the key (/Users/user/.ssh/id_rsa): /Users/user/.ssh/bkslab_key
Lastly, it will ask you for passphrase. You don't need to provide passphrase, just hit Enter
Enter passphrase (empty for no passphrase):
The public key can be found in the location where you specified earlier (ie: /Users/user/.ssh/bkslab_key.pub) Send it to the person who creates you your account, so they can add it into portal.
FOR LINUX AND MAC OS
I am going to illustrate how to create a ssh tunnel using a couple examples.
Pretend you want to create a ssh tunnel from your laptop to gimel through the portal.
First open two terminals. In one terminal type the following:
ssh <options/flags> localhost:2222:gimel:22 -D1080 portal3.ucsf.bkslab.org -l <username> ssh -vCL localhost:2222:gimel:22 -D1080 portal3.ucsf.bkslab.org -l jjg
In the other terminal type:
ssh -p 2222 <username>@localhost ssh -p 2222 jjg@localhost
Then when you log in type hostname and you will see that you are logged into gimel!
Here's another example, say you want to scp files directly from your laptop to your home directory on gimel.
First open two terminals. In one terminal type the following:
ssh <options/flags> localhost:2222:gimel:22 -D1080 portal3.ucsf.bkslab.org -l <username> ssh -vCL localhost:2222:gimel:22 -D1080 portal3.ucsf.bkslab.org -l jjg
In the other terminal type:
scp -P 2222 file_you_want_to_copy <username>@localhost:~
Troubleshooting
If you see this error:
Unable to negotiate with 169.230.26.166 port 22: no matching host key type found. Their offer: ssh-rsa,ssh-dss
Please follow this instruction to fix it :
https://www.iclarified.com/87910/how-to-fix-no-matching-host-key-type-found-on-mac
FOR WINDOWS OS
Open putty.exe and select the session that you want to use as a ssh tunnel (ie portal.uoft.bkslab.org).
Then click on Connection -> SSH -> tunnels
In Source Port enter 1080 (or any port above 1024).
Then click the Dynamic button and then click Add.
It should look like this:
Then go back to Session and click Save.
Then download the "standard" version of FoxyProxy here: http://getfoxyproxy.org/downloads.html
Once you’ve downloaded it there should be a little fox picture next to the url bar (upper right hand corner of web browser). Click on that little picture and select Options from the dropdown list.
You should see this:
Click on Add New Proxy
Then click on the General tab.
Enter a proxy name and then select the Proxy Details tab.
Enter “localhost” in “Host or IP Address” and 1080 for “Port” (or whatever port number you entered in putty).
Click the “SOCKS proxy?” Button and make sure the “SOCKS v5” button is also clicked.
Your screen should look like this:
Then click Save.
Then click on the fox again on the upper right hand corner and click on “Us proxy whatever_you_named_it Proxy for all URLs”
Then click on putty and open your session. A terminal will pop up and ask for your passphrase. Enter your passphrase (for your ssh key). That’s it!
To test if your tunnel is good, go to: http://whatismyipaddress.com/
This will tell you what ip address you have. If it says the IP address of the remote host you're connecting to in putty, you are good to go! :)
This session will remain open as long as your ssh putty session is open.
To scp files in Windows through this ssh tunnel, download WinSCP here: http://winscp.net/download/winscp551setup.exe
Once it finishes downloading, run it and go through all the prompts. You can (if you want) to import all your existing sessions from putty, but it’s really not necessary.
Once it’s done, open it.
Click on “New Site”.
Then, in the File protocol drop down menu, select SCP.
In Host name, put the host name or IP address of the machine you want to transfer files to.
Keep the port number as 22. It should look something like this:
Then click on Advanced -> Connection -> Proxy
Click on the “Proxy type” drop down menu and select SOCKS5.
For “Proxy host name” write localhost. Make the port number 1080 (or whatever port you chose to use in putty).
it should look like this:
Click OK, then Save.
It will prompt you to enter a name, call it whatever makes sense to you.
Assuming that your putty session is still open, click Login.
It should prompt you to enter your username and password in the bottom.
You should then see a screen that looks like this:
To transfer files from one to the other, select the file that you want to transfer and then click “Upload” to transfer files to the server and then specify which folder you want to save it to. If you are downloading files from the server to your computer, click the file you want to download and then click “Download” and specify where you want to download it to.
To exit, click on session -> disconnect
When you are done with your vpn session, exit from the ssh putty session (type exit on the terminal screen).
Then, on your browser, click on the little fox in the upper right hand corner and select “Disable FoxyProxy”.