Difference between revisions of "SSH/SFTP"

From radwiki
Jump to navigation Jump to search
m (1 revision imported)
 
(17 intermediate revisions by 2 users not shown)
Line 1: Line 1:
Shell access is arguably the most important feature of the GPU cluster, as it allows researchers to run their code, e.g. using the [[Anaconda|anaconda]] environment.
+
Shell access is arguably the most important feature of the GPU cluster, as it allows researchers to run their code, e.g. using the [[Anaconda|anaconda]] environment or [[matlab]]. In addition, [[SSH/SFTP#Remote_desktops|remote desktop]] solutions typically depend on shell (SSH tunnel) access.  
  
[https://en.wikipedia.org/wiki/Secure_Shell SSH] allows commandline access to the connected server.  
+
[https://en.wikipedia.org/wiki/Secure_Shell SSH] allows commandline access to the connected server.
  
[https://en.wikipedia.org/wiki/SSH_File_Transfer_Protocol SFTP] allows file transfers. Store any data you want in your home directory. Currently there is no storage capacity limiter.
+
[https://en.wikipedia.org/wiki/SSH_File_Transfer_Protocol SFTP] allows file transfers.  
  
To connect with SSH or SFTP, you need to use a client program.
+
File transfer using SFTP has practically no learning curve, but commandline usage requires learning at least a few core commands. If you have no experience with terminal commands or linux, see:
 +
* [https://help.uis.cam.ac.uk/service/support/training/downloads/course-files/programming-student-files/unix-cli Cambridge command line introduction course]
 +
* [https://www.puttygen.com/putty-commands a few basic commands on the PuTTy help page]
 +
* [https://www.training.cam.ac.uk/ucs/Course/ucs-scriptsci Unix shell scripting for scientists]
 +
* Alternatively, [https://www.youtube.com/playlist?list=PLyzOVJj3bHQuloKGG59rS43e29ro7I57J this MIT lecture series] provides a more extensive introduction to computer literacy.
 +
 
 +
To connect with SSH or SFTP, you need to use a client program. Refer to the 'clients' section on this page relevant to your operating system.
 +
 
 +
== SSH and SFTP usage ==
 +
Open your client software. Input your [[user account|user ID]], password and server [[GPU_Cluster#Hardware_Specifications|IP address]] as appropriate.
 +
[[File:Ssh and sftp clients.jpg|thumb|Left: the PuTTy SSH client. Right: the WinSCP SFTP client. Their interfaces differ but the credentials to connect are identical.|center|500px]]
 +
 
 +
SFTP clients normally also include an SSH terminal feature.
 +
 
 +
== Remote desktops ==
 +
Users may be tempted to skip learning SSH terminal commands if they can just get a graphical interface (GUI). However, note that GUI applications consume more bandwidth, memory and cpu resources than their commandline counterparts. Most research-related work will not require a GUI.
 +
 
 +
Windows users may be familiar with software like Teamviewer or the Windows Remote Desktop viewer (MSRDC). In Linux, remote graphics typically involves X11 server forwarding or a [https://en.wikipedia.org/wiki/Virtual_Network_Computing VNC] connection. See our [[guides]] for more specific instructions on how to connect using remote graphics.
 +
 
 +
{{Note| '''Remote desktop options: X11 vs VNC:'''<br></br>
 +
X forwarding sends a single application window, typically without compression or network optimization. VNC sends the entire desktop and is optimized for networked usage, such as persisting after an accidental disconnect. The former uses the default port range 6000+N, the latter 5900+N.|reminder}}
  
 
== Windows Clients ==
 
== Windows Clients ==
* Modern powershell or PuTTy are some of the clients available for SSH
+
* Modern powershell or PuTTy are some of the many clients available for SSH
 
* WinSCP or Filezilla are typical SFTP clients.
 
* WinSCP or Filezilla are typical SFTP clients.
  
Input your [[user account|user ID]], password and server IP address as appropriate.
+
== SSH Port forwarding (tunneling) ==
 
+
In simple terms, you first setup a tunnel running in the background, e.g. a minimized PuTTy terminal. After that your main application (e.g. browser, git client, VNC/X11 client) talks to a localhost port instead of directly addressing an external address/port; the SSH connection transparently forwards that data.
== SSH Port forwarding or tunnelling ==
 
SSH can improve security. If a HTTP connection is too insecure, and you are not on a VPN, consider using SSH to connect to the GitLab or MediaWiki services. In simple terms, your application (e.g. browser, git client) talks to a localhost port instead of an external address/port, the SSH connection then transparently forwards that data.
 
  
 
The syntax in powershell or bash is:
 
The syntax in powershell or bash is:
 
`ssh -L local_port:remote_address:remote_port username@server.com`
 
`ssh -L local_port:remote_address:remote_port username@server.com`
You can then leave that tunnel open in the background, traffic targeting localport will move through it. This will be the recommended method to connecting with Jupyter Notebooks once the firewalls are hardened.
+
You can then leave that tunnel open in the background, traffic targeting localport will move through it. This will be the recommended method for connecting (including Jupyter Notebooks) once the firewalls are hardened.
  
 
== See also ==
 
== See also ==
 
* [https://www.jetbrains.com/help/pycharm/configuring-remote-interpreters-via-ssh.html Using PyCharm with a remote interpreter]
 
* [https://www.jetbrains.com/help/pycharm/configuring-remote-interpreters-via-ssh.html Using PyCharm with a remote interpreter]

Latest revision as of 05:56, 2 July 2020

Shell access is arguably the most important feature of the GPU cluster, as it allows researchers to run their code, e.g. using the anaconda environment or matlab. In addition, remote desktop solutions typically depend on shell (SSH tunnel) access.

SSH allows commandline access to the connected server.

SFTP allows file transfers.

File transfer using SFTP has practically no learning curve, but commandline usage requires learning at least a few core commands. If you have no experience with terminal commands or linux, see:

To connect with SSH or SFTP, you need to use a client program. Refer to the 'clients' section on this page relevant to your operating system.

SSH and SFTP usage

Open your client software. Input your user ID, password and server IP address as appropriate.

Left: the PuTTy SSH client. Right: the WinSCP SFTP client. Their interfaces differ but the credentials to connect are identical.

SFTP clients normally also include an SSH terminal feature.

Remote desktops

Users may be tempted to skip learning SSH terminal commands if they can just get a graphical interface (GUI). However, note that GUI applications consume more bandwidth, memory and cpu resources than their commandline counterparts. Most research-related work will not require a GUI.

Windows users may be familiar with software like Teamviewer or the Windows Remote Desktop viewer (MSRDC). In Linux, remote graphics typically involves X11 server forwarding or a VNC connection. See our guides for more specific instructions on how to connect using remote graphics.

Remote desktop options: X11 vs VNC:

X forwarding sends a single application window, typically without compression or network optimization. VNC sends the entire desktop and is optimized for networked usage, such as persisting after an accidental disconnect. The former uses the default port range 6000+N, the latter 5900+N.

Windows Clients

  • Modern powershell or PuTTy are some of the many clients available for SSH
  • WinSCP or Filezilla are typical SFTP clients.

SSH Port forwarding (tunneling)

In simple terms, you first setup a tunnel running in the background, e.g. a minimized PuTTy terminal. After that your main application (e.g. browser, git client, VNC/X11 client) talks to a localhost port instead of directly addressing an external address/port; the SSH connection transparently forwards that data.

The syntax in powershell or bash is: ssh -L local_port:remote_address:remote_port username@server.com You can then leave that tunnel open in the background, traffic targeting localport will move through it. This will be the recommended method for connecting (including Jupyter Notebooks) once the firewalls are hardened.

See also