...
There is currently a limitation in the SSH agent that can only use one set of keys (the one for the last tsh login). If you wish to use both on the same session, you would need to tell ssh what keys need to be used explicitelyexplicitly. One way to do it is to define the following entry in your ~/.ssh/config (replace <email_address> by the actual value.
...
The OpenSSH configuration setting for this is named ProxyJump,
e.g. add the following lines in the ~/.ssh/confconfig
file on you client system:
Code Block |
---|
|
# For ecgate and Cray HPCF
Host ecg* cc*
User ab0
ProxyJump shellab0@shell.ecmwf.int
# For Atos HPCF
Host a?-* a??-* hpc-* hpc2020-* ecs-*
User ab0
ProxyJump jumpab0@jump.ecmwf.int |
See the Legacy Configuration note below if your ssh client is older than 7.3.
...
Expand |
---|
title | MobaXterm SSH from Windows 10 (ECMWF laptop) |
---|
|
- Install MobaXterm if it is not already on your system
- Download tsh (you may need to instruct antivirus software to ignore the file)
- Start MobaXterm
- Login using tsh (you will always need to specify the --proxy setting)
- Use the following in
$HOME/.ssh/config (MobaXterm's home):
Code Block |
---|
| Host ecgate
User ab0 shell.ecmwf.int jump.ecmwf.int
UserKnownHostsFile /drives/c/Users/<windows_user>/.tsh/known_hosts
ProxyCommand ssh -q -i c:/users/ab0IdentityFile /drives/c/Users/<windows_user>/.tsh/keys/shell%h.ecmwf.int/firstname.lastname@ecmwf.int -W %h:%p ab0@shell<email_address>
CertificateFile /drives/c/Users/<windows_user>/.tsh/keys/%h.ecmwf.int/<email_address>-ssh/%h.ecmwf.int
IdentityFile c:/users/ab0/.tsh/keys/shell.ecmwf.int/firstname.lastname@ecmwf-cert.pub
# For ecgate and Cray HPCF
Host ecg* cc*
User ab0
HostKeyAlgorithms +ssh-rsa-cert*
PubkeyAcceptedKeyTypes +ssh-rsa-cert*
ProxyJump ab0@shell.ecmwf.int
# For Atos HPCF
Host a?-* a??-* hpc-* hpc2020-* ecs-*
User ab0
ProxyJump ab0@jump.ecmwf.int |
|
Expand |
---|
title | Native SSH from Windows 10 (own machine) |
---|
|
- Start the Windows SSH Agent Service
- Download tsh (you may need to instruct antivirus software to ignore the file)
- Login using tsh (you will always need to specify the --proxy setting)
- Use an SSH config as below:
Code Block |
---|
| # Windows currently has a bug, you need the full path to ssh or you will get:
# posix_spawn: No such file or directory
Host *.ecmwf.int
User ab0
ProxyCommand C:\Windows\System32\OpenSSH\ssh.exe -q -W %h:%p ab0@shell.ecmwf.int
# this# this assumes the SSH Agent is running, otherwise add:
# Host# Host shell.ecmwf.int
# IdentityFile ~/.tsh/keys/shell.ecmwf.int/firstname.lastname@ecmwf.int
# CertificateFile ~/.tsh/keys/shell.ecmwf.int/firstname.lastname@ecmwf.int-ssh/shell.ecmwf.int-cert.pub |
Tip |
---|
The Windows 10 Terminal is a decent tabbed command line interface (albeit with no X11 support). Expand |
---|
title | New sessions can be configured following this example |
---|
|
Code Block |
---|
| {
"guid": "{717406b0-06cb-454c-a0c4-875267fa373d}", # run "[guid]::NewGuid()" in a PowerShell to generate this
"name": "ecGate",
"commandline": "ssh ab0@ecgate.ecmwf.int"
"suppressApplicationTitle": true,
"hidden": false,
"fontSize": 10,
"fontFace": "Fira Code",
"cursorShape": "filledBox",
"cursorColor": "#073642",
"colorScheme": "Solarized Dark",
}, |
|
|
|
...