The SSH plugin (part of the gateway) allows Member State users to log into their shell account at ECMWF and execute commands directly on "ecgate". The first time you use SSH to ECaccess, you will see something like:
WARNING: if you get the following error message: "Unable to negotiate with 18.104.22.168 port 22: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1" then add the following options to the ssh command-line:
Alternatively, for a more permanent workaround, add the following lines to ~/.ssh/config on your system:
A new version of the ssh plugin will be delivered soon to avoid this problem.
You will then be prompted for your passcode (obtained by entering your PIN number into your security token), and then will get a UNIX prompt, typically '$' or '%'. A login with SSH puts you automatically in your home directory on ecgate.
Note that a different message may be displayed during your login procedure, as this message is customisable by the gateway administrator. This option gives the opportunity to broadcast important notes to Member State users (availability of a new product, disruptions planned for maintenance purposes, etc.). The SSH plugin supports only the interactive method of authentication described in Security authentication.
Note that the gateway at ECMWF will close SSH sessions idle for 6 hours. Note also that if you use a Member State ECaccess gateway, there is no need to use ssh, as the connection between the MS gateway and ECMWF is already secure. Using telnet will do. If you decide to use your MS gateway (and your gateway administrator has opened this service), you may need to contact port number 9022, like in: