Table of Contents

First Login

In this exercise you will learn how to login and run commands on our infrastructure.

Part I: Login

Required software

As mentioned in the lecture, you absolutely need a terminal emulator:

optionally you may want:

Login using Linux

Login using macOS

Login using Windows with SSH (Windows 10 and later)

Login using Windows with Putty

First configure Putty (only required on the first run) as follows:

  1. Start the application PuTTY from the Windows menu (in the folder PuTTY)
  2. Fill in the Host Name: tcopt2.chem.uzh.ch
  3. Set Connection type to SSH
  4. Type tcopt2 as the name of the session below Saved Sessions and save the settings a first time
  5. In the Category tree on the left side, select Connection > Data and enter the username you have been given in the lecture in the field Auto-login username
  6. Select the tab Connection > SSH > X11 from the Category list and enable the option Enable X11 Forwarding
  7. Go to Session again and
  8. Choose Session from the Category list and click Save again

Then continue as follows to login:

First steps

Change the password of your account after your first login, using:
$ passwd

Part II: Advanced account configuration

Setup key-based authentication

To avoid having to type the password every time you log in (and to increase the security), a public-private key pair can be used for authentication instead.

Instructions for macOS and Linux

First generate a key-pair on your local machine by running the following in a terminal/shell:

$ ssh-keygen

and accept the defaults proposed and do no set a password.

Upload the public key from your local machine to tcopt2:

$ scp ~/.ssh/id_rsa.pub studentXX@tcopt2.chem.uzh.ch:~/

Now login to tcopt2.chem.uzh.ch and move the uploaded public key to the right place and set the access permissions correct:

$ mkdir -p .ssh
$ chmod 0700 .ssh
$ mv id_rsa.pub .ssh/authorized_keys

When connecting to the server from your local machine now, use:

$ ssh -i ~/.ssh/id_rsa studentXX@tcopt2.chem.uzh.ch

Instructions for Windows using PuTTY

First login to the server as above and leave the terminal window open.

Then generate a key-pair on your local machine as follows:

  1. Start the application PuTTYgen which was installed alongside PuTTY itself
  2. Click on Generate to generate a new key (move the mouse to generate randomness, as instructed)
  3. Do not set a Key passphrase
  4. Click on Save private key and store the private key as condensed_matter.ppk
  5. On the server (in the PuTTY terminal window), run the following commands:
    $ mkdir -p .ssh
    $ chmod 0700 .ssh
    $ nano -w .ssh/authorized_keys
    
  1. Now copy & paste the content in the field Public key for pasting into OpenSSH authorized_keys file from PuTTYgen into the terminal. Pasting in PuTTY is done by a right mouse click.
  2. Exit nano by using CTRL+X, press Y to save the file and confirm the name by pressing ENTER
  3. Enter exit to close the connection
  4. Close the PuTTYgen application

Reconfigure PuTTY to use the generate key:

  1. Restart PuTTY
  2. Select the Session tcopt2 and press Load
  3. Select Connection > SSH > Auth
  4. Use the Browse… button in Authentication parameters to selected the condensed_matter.ppk you generated earlier
  5. Go back to Session and click Save, then Open to login
  6. Now PuTTY should directly login (given that you have saved the username as well as described above) without asking for a password

Simplify the login

The following instructions apply to OSX and Linux.

On your local machine add the following part to the file .ssh/config in your home directory:

Host tcopt2
  HostName tcopt2.chem.uzh.ch
  User studentXX

after which you will be able to connect to tcopt2 simply by using

$ ssh tcopt2

If you have setup key-based authentication as shown above, augment the entry to the following instead, to always use key-based authentication without having to specify -i ~/.ssh/id_rsa manually:

Host tcopt2
  HostName tcopt2.chem.uzh.ch
  User studentXX
  IdentityFile ~/.ssh/id_rsa
  IdentitiesOnly yes
  PreferredAuthentications publickey