Differences

This shows you the differences between two versions of the page.

--- ssh:tipsandtricks [2023/01/06 20:40] – created deul
+++ ssh:tipsandtricks [2025/05/20 08:25] (current) – [Example 3] jansen
@@ Line 1: / Line 1: @@
-====== Remote Access to your Workstation ======
+====== Remote Access to your Server ======
-For security reasons, access to your Observatory server is only possible within the Observatory intranet. Remote access can occur either securing your connection via an intermediate step called //SSH tunneling// (AKA //port forwarding//), through the [[:vpn|Lorentz Institute VPN service]] or via the [[institute_lorentz:remote_workspace|Lorentz Institute Remote Workspace]].
+For security reasons, access to your Observatory server is only possible within the Observatory intranet. Remote access can occur either securing your connection via an intermediate step called //SSH tunneling// (AKA //port forwarding//), through the [[:vpn|Observatory VPN service]] or via the [[manuals:virtualdesktopserver|Observatory Remote Workspace]].
 Following are some examples that demonstrate the concept of SSH tunnelling. For  alternative methods of connection, please see the relevant documentation.
-SSH access to our servers requires you to set up [[strw:2fa|two-factor authentication]] (2FA) on your account for security reasons.
+SSH access to our servers requires you to set up [[services:2fa|two-factor authentication]] (2FA) on your account for security reasons.
-:!: The examples below have been tested with OpenSSH v7.3+.
+:!: The examples below have been tested with OpenSSH v7.3+ on Linux; for MacOS, see example 3 below (which also works on recent Linux versions).
 ===== SSH tunneling =====
@@ Line 23: / Line 23: @@
 ==== Example 1 ====
-Establish an SSH connection to ''server.strw.leidenuniv.nl'' via our SSH server ''ssh.strw.leidenuniv.nl''
+Establish an SSH connection to a machine called <server>: ''SERVER.strw.leidenuniv.nl'' via our SSH server ''ssh.strw.leidenuniv.nl''
 <code bash>
-ssh -o ProxyCommand="ssh -W %h:%p username@ssh.strw.leidenuniv.nl" username@server.strw.leidenuniv.nl
+ssh -o ProxyCommand="ssh -W %h:%p username@ssh.strw.leidenuniv.nl" username@SERVER.strw.leidenuniv.nl
 </code>
@@ Line 37: / Line 37: @@
 <code>
 # cat $HOME/.ssh/config
-Host server.strw.leidenuniv.nl server
+Host SERVER.strw.leidenuniv.nl SERVER
      ProxyCommand /usr/bin/ssh -W %h:%p ssh.strw.leidenuniv.nl
      User username
 </code>
-Once this configuration is in place, a simple ''ssh server'' will get you to your workstation.
+Once this configuration is in place, a simple ''ssh SERVER'' will get you to your workstation. Of course, substitute the name of the server you want to use.
+==== Example 3 ====
+More recent versions of ssh (including ssh on MacOS) also have the option ''ProxyJump'' which has a somewhat easier syntax. When using that option, the examples become: On the commandline:
+<code bash>
+ssh -o ProxyJump="username@ssh.strw.leidenuniv.nl" username@SERVER.strw.leidenuniv.nl
+</code>
+or if your ssh client has the ''-J'' option:
+<code bash>
+ssh -J username@ssh.strw.leidenuniv.nl username@SERVER.strw.leidenuniv.nl
+</code>
+And in the ''.ssh/config'' file:
+<code>
+# cat $HOME/.ssh/config
+Host SERVER.strw.leidenuniv.nl SERVER
+     Proxyjump ssh.strw.leidenuniv.nl
+     User username
+</code>

Computer Documentation Wiki

User Tools

Site Tools

Differences

Page Tools