...
Tip |
---|
Subsequent logins can be shortened to tsh login |
Info |
---|
If you're already logged in to the ECMWF website, or have recently logged in to this service, the password prompt might be skipped. |
Connecting to hosts through the gateway
OpenSSH 7.3 or newer has a simple command line option, to connect via our gateway shell.ecmwf.int
to the destination-host
:
Code Block |
---|
|
ssh -J username@shell.ecmwf.int username@destination-host |
For example, if your username is ab0
and you wish to connect to ecgate
:
Code Block |
---|
|
ssh -J ab0@shell.ecmwf.int ab0@ecgate |
The OpenSSH configuration setting for this is named ProxyJump
:
Legacy Configuration
For OpenSSH clients older than 7.3, the following will work in your ~/.ssh/config
file:
Code Block |
---|
|
Host ecgate
ProxyCommand /usr/bin/ssh -q -p 3023 -W %h:%p shell.ecmwf.int
|
Configuring servers and workstations for Teleport
...
Tip |
---|
Having a dedicated file for the trusted key means that it can easily be rotated using configuration automation. |
Connecting to hosts through Teleport
Your ssh client will need to know about the Teleport gateway (proxy).
For OpenSSH 7.3 or newer, add the following to your configuration (~/.ssh/config
):
Code Block |
---|
|
Host ecmwf-hpcf
HostName hpcf-login.ecmwf.int
ProxyJump tele.ecmwf.int:3023
ForwardX11 yes |
For OpenSSH clients up to 7.2, the following will work instead:
Code Block |
---|
|
Host ecmwf-hpcf
HostName hpcf-login.ecmwf.int
ProxyCommand /usr/bin/ssh -q -p 3023 -W %h:%p tele.ecmwf.int
ForwardX11 yes |
Info |
---|
ecmwf-hpcf is merely a short alias and can be any name, including the target HostName.
|
Info |
---|
hpcf-login.ecmwf.int is the host name of whatever destination server or workstation you wish to reach. |
Then, you can connect to the destination host:
Tip |
---|
No password will be required. |
SCP, X11 and Port Forwarding
...