Remote access to the IMSc network can be obtained by secure shell (ssh) connections to the machine access.imsc.res.in (61.95.189.6). Access will be granted based on RSA/DSA keys only; in particular, password-based access is no longer permitted.
Once you log in to this machine you can log in to any machine within the IMSc network. There is also 200MB of storage space per user on this machine. Mail can be accessed after login via an imap service local to this machine.
WARNING: The machines access1/access2.imsc.res.in that were formerly used for remote access will soon be turned off. If you use those machines regularly then please read these instructions carefully.
WARNING: You may not wish to read these instructions right away. Please file a copy and remember to read it before you go outside IMSc.
The instructions below are for those using Linux and Windows. Please read the sections relevant for you.
-
-
Obtaining access:
-
Use the program 'ssh-keygen' to generate a key pair (4096 bit key)
ssh-keygen -t rsa -b 4096 -m pem
This is will prompt you to give a pass-phrase with which your private key will be stored encrypted on your local machine in $HOME/.ssh/id_rsa. Choose a non-trivial pass-phrase as otherwise anyone with access to this file will be able to gain access as you. -
Send the corresponding public-key file $HOME/.ssh/id_rsa.pub to sysadmin@imsc.res.in.
mailx -s "My SSH key" sysadmin@imsc.res.in < $HOME/.ssh/id_rsa.pub
This public-key is for public consumption. You can even put it on your home page! -
Wait...
After this the system administrators will create a home directory for you on the access.imsc.res.in machine and copy this key to the file $HOME/.ssh/authorized_keys on that machine. -
You can now log in to access.imsc.res.in by the command
ssh access.imsc.res.in
This can be done from any machine which has the file $HOME/.ssh/id_rsa, but the passphrase will be required to unlock this file for use by ssh. - The machine acess.imsc.res.in does *not* have many programs for manipulating mail and files. In order to use your familiar programs and utilities you will have to follow the steps given below.
-
Use the program 'ssh-keygen' to generate a key pair (4096 bit key)
-
Connecting to other machines in IMSc.
- Once you are logged in to access.imsc.res.in you can run "ssh" from this machine to log in to any machine on the IMSc network including your desktop machine.
- For more direct access you can use ssh port forwarding and SOCKS.
-
Synchronising files from IMSc.
- You can use 200MB of local storage space on access.imsc.res.in in order to copy files from any machine in the IMSc network. For example you can use "scp" or "rsync". (Do not use this for Mail folders that are actively being used).
- These files will then be accessible to you from outside IMSc directly by "scp" from access.imsc.res.in.
- For two way synchronisation the command "unison" is also available.
-
Accessing IMSc mail using IMAP and access.
-
You can issue the following command from your machine outside IMSc.
ssh -f -L 1234:localhost:143 access.imsc.res.in sleep 600
(here 1234 can be replaced by any other number less than 65535).
- Now on your machine outside IMSc you can access IMSc mail by giving the IMAP server as "localhost" and IMAP port as 1234 (or whatever port you chose above).
- The connection will die after 10 minutes (=600 seconds) you can change the number if you feel you need to be connected for longer.
- For two way mail synchronisation the command "mailsync" is also available.
-
You can issue the following command from your machine outside IMSc.
-
Obtaining access:
For further questions/comments please get in touch with the IMSc system administrators.
INSTRUCTIONS for generating/using putty for key based login.
-
- Download PuTTY
- Unzip the downloaded file to a directory.
- Generate the key using puttygen.exe.
-
Execute puttygen
- move the mouse over the pttygen window
- give the pass phrase
- save the private key
- save the public key
- send the public key to target machine to .ssh/authorized_keys, for example by email to the sysadmin account as above. (On unix, the key should be in one line. it should be like ssh-dss
-
After generation, there is a puttyagent (pagent.exe). Start this agent. This is like ssh-agent on unix.
- add the key to the agent.
- start putty
- give the host name
- give the 'user' name
- That's it. You have logged in as 'user'
INSTRUCTIONS FOR generating/using SSH Secure Shell Client from Windows for key based login.
These are instructions for secure shell client from www.ssh.com (version 3.2.9 (Build 283) non commercial version)
-
-
Follow the menu sequence from ssh window.
- Edit -> Settings -> Global Settings -> User Authentication -> Keys -> Generate New -> Key type (DSA) -> key length (2048) (This will take some time to generate random number)
-
After this fill the following fields:
- File name (give the file name)
- comment (optional)
- PassPhrase (give the pass phrase - do not leave empty)
- PassPhrase (re-type the pass phrase)
This completes the generation. You need to send the public key to the sysadmin account for inclusion in access.imsc.res.in
- On Windows XP the files will be stored in c:\Documents and Settings\\Application Data\ssh\UserKeys\ (Application Data is a hidden directory)
-
After this, Please send the public key file (filename.pub) to System Administrators.
If you are unable to locate the files, you can view the key from Edit -> Settings -> Global Settings -> User Authentication -> Keys -> View Copy and paste the key into your email and send it.
-
Follow the menu sequence from ssh window.