...
| Tip |
|---|
Subsequent logins can be shortened to tsh login |
| Info |
|---|
If you're already logged in to the ECMWF website, or have recently logged in to this service, the password prompt might be skipped. |
Connecting to hosts through the gateway
OpenSSH 7.3 or newer has a simple command line option, to connect via our gateway shell.ecmwf.int to the destination-host:
| Code Block |
|---|
|
ssh -J username@shell.ecmwf.int username@destination-host |
For example, if your username is ab0 and you wish to connect to ecgate:
| Code Block |
|---|
|
ssh -J ab0@shell.ecmwf.int ab0@ecgate |
The OpenSSH configuration setting for this is named ProxyJump:
Legacy Configuration
For OpenSSH clients older than 7.3, the following will work in your ~/.ssh/config file:
| Code Block |
|---|
|
Host ecgate
ProxyCommand /usr/bin/ssh -q -p 3023 -W %h:%p shell.ecmwf.int
|
Configuring servers and workstations for Teleport
...
| Tip |
|---|
Having a dedicated file for the trusted key means that it can easily be rotated using configuration automation. |
Connecting to hosts through Teleport
Your ssh client will need to know about the Teleport gateway (proxy).
For OpenSSH 7.3 or newer, add the following to your configuration (~/.ssh/config):
| Code Block |
|---|
|
Host ecmwf-hpcf
HostName hpcf-login.ecmwf.int
ProxyJump tele.ecmwf.int:3023
ForwardX11 yes |
For OpenSSH clients up to 7.2, the following will work instead:
| Code Block |
|---|
|
Host ecmwf-hpcf
HostName hpcf-login.ecmwf.int
ProxyCommand /usr/bin/ssh -q -p 3023 -W %h:%p tele.ecmwf.int
ForwardX11 yes |
| Info |
|---|
ecmwf-hpcf is merely a short alias and can be any name, including the target HostName.
|
| Info |
|---|
hpcf-login.ecmwf.int is the host name of whatever destination server or workstation you wish to reach. |
Then, you can connect to the destination host:
| Tip |
|---|
No password will be required. |
SCP, X11 and Port Forwarding
...