FAQ – SSH

SSH Related

Which username/password should I use for [insert service name]?

We have {finally} evolved to where each user has ONE username and ONE password for all PCE/CADE machines and services. We may refer to your CADE or PCE username and password. This is separate from your CIS/uNID and it’s password, but we may ask you to use those for authentication, such as when creating your account or changing your password.

Accounts created prior to ~May of 2017, CADE/PCE username is some combination of letters from your names (First, Middle(s), & Last) and generated by an algorithm. For all newer accounts, the username is your uNID (formatted as a lower-case ‘u’ and 7 digits). Once created, we don’t change them except in rare circumstances.

Your CADE/PCE account is used for:
• logging in to any Linux, macOS, or Windows computer on our Domain (USERS\ or users.coe.utah.edu), including lab machines, Terminal Servers, VDI hosts, or other Virtual Machines.
• connecting/mounting a Network File Share with CIFS/SMB.
• WebPrint and any PaperCut printing services.
• mounting a Network File Share with NFS.

Note: Your CADE/PCE username and passwords are 100% separate and in addition to your CIS or other campus logins and accounts. Some departments may have labs or computers that require specific logins.

Permalink.

How do i set or change the default group on my account?

You must already be a member of said group to change to it as your primary GID.
Use the command ‘groups’ to see what groups you’re a member of, first in the list is primary.

[warthogs@lab1-23 ~]$ groups
csugrad mech_adm telerobotics mechoffice mechprof mediashare src cs6090 cei manu

To change your primary GID for your current session, run the command ‘newgrp’ followed by the name of the group:
[warthogs@lab1-23 ~]$ newgrp telerobotics
[warthogs@lab1-23 ~]$ groups
telerobotics csugrad mech_adm mechoffice mechprof mediashare src cs6090 cei man

If you want the change to persist, either add the command to your login script or contact us and request that we change your accounts primary GID.

Permalink.

What is ‘handin’ and how do I use it to submit my assignment?

‘handin’ is a utility for turning in assignments to a course directory (/home/’course#’/handin/’Assignment’/username). Once turned in, the course professor/instructor or TAs can access the files, but neither you nor other students can see them. Running ‘handin’ will replace same-named files with each successive run. The online webhandin https://webhandin.eng.utah.edu/ form has been discontinued, and is no longer accessible.

Handin is accessed via the command line on the Linux machines. Once a file has been submitted it will be received with the same name. Submitted files can be overwritten by resubmitting, but not retracted. — Check your assignment instructions/handout for the [Assignment] to use when submitting.

Command/Examples:

handin [class#] [Assignment] [/path/to/local-file]

$ handin CS0000 Assign01 ~/Documents/myAssignment.txt

Permalink.

Which machines can I access remotely?

You can access any of the machines within the CADE Lab (Linux) with ssh and NoMachine. For ssh, from a terminal window, use ‘ssh -Y username@machine.eng.utah.edu’, where username is your CADE login. The naming convention for machine is:

CADE
CADE Lab HTML5 Desktop
lab1-X (where X is any number from 1-40)
lab2-Y (where Y is any number from 1-35)

If you are using a Windows system to access these machines remotely, please use Window PowerShell, putty or see our FAQ’s on CADE Lab Remote Access.

Windows Machines:
You can not access the Engman Lab machines directly, but you may access our VMware VDI pools for a lab-machine setup.

Please see the Windows FAQ’s for more information on how to connect to the Windows system.

Permalink.

How do I log into a CADE machine if I get a warning message saying ‘Host Key Verification Failed’?

Likely, the message you recieved looks like this:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is(…).
Please contact your system administrator.
Add correct host key in /home/username/.ssh/known_hosts to get rid of this message.
Offending key in /home/username/.ssh/known_hosts:xx
RSA host key for lab-machine has changed and you have requested strict checking.
Host key verification failed.
You can completely delete the existing ‘known_hosts‘ file in your .ssh directory to avoid this message and log in, or as the message states, remove the offending line. The ‘known_hosts’ file will be repopulated, and a machine entry will be added each time you log in to a different machine.

rm ~/.ssh/known_hosts

You can add the correct host key containing entries of all the CADE lab machines from a file on our website, available here.

Permalink.

How do I run GUI/X applications remotely with ssh?

If you are having problems running X applications (or GUI driven, java, etc.) remotely then most likely you need to use the -Y option instead of the -X/-x (i.e. ssh -Yl lab2-4.eng.utah.edu)

This is caused by a new change in any Openssh version newer than 3.7.1

For more information, including other options for running graphical applications consult the SSH or Remote Access FAQ pages.

Permalink.

What is SSH?

Secure Shell (SSH), sometimes known as Secure Socket Shell, is a UNIX-based command interface and protocol for securely getting access to a remote computer. It is widely used by network administrators to control desktop machines and other kinds of servers remotely.

SSH is actually a suite of three utilities – slogin, ssh, and scp – that are secure versions of the earlier UNIX utilities, rlogin, rsh, and rcp. SSH commands are encrypted and secure in several ways. Both ends of the client/server connection are authenticated using a digital certificate, and passwords are protected by being encrypted. SSH uses RSA public key cryptography for both connection and authentication. Encryption algorithms include Blowfish, DES, and RSA.

If you have Mac OS X or use Linux then you already have the tools you need to remotely log in. Please see the FAQ on “Which CADE machines can I log into” for information on the correct syntax.

For those of you who use Windows and want to be able to use SSH to remotely log in you will need to install and xserver client. We recommend using Windows PowerShell or PuTTY.  There are clients available for Windows like CygwinSecureFX, XMing and SSH for Windows.

Permalink.

What is sftp (as opposed to ‘ftp’)?

SFTP (Secure FTP) provides a secure way to tranfer files to and from /home directories in CADE.  SFTP is alot like regular FTP except that all of its traffic in encrypted.  To use SFTP, open a Terminal/X11/xterm on your machine, or simply get an SFTP client and connect to any of the lab workstations.  There are clients available for Windows like PuTTY SFTP, FileZillaSecureFXSSH for Windows or WinSCP.  If you need help in setting up a client, please read the tutorials:
Installing WinSCP (Windows only).
Using WinSCP(Windows only)

For Mac OS X users wishing a GUI client, try the built-in clientFUGU, FileZilla or Cyberduck.

To make the CADE Lab more secure, we request that everyone use SFTP instead of FTP.

Permalink.

How do I add the list of CADE Lab machines to my list of ‘known_hosts’?

Download the known_hosts file from the ssh directory and place it in the appropriate directory or add the necessary lines to your existing file. Some software may require the list to be in a specific format or that the file be renamed.
www.cade.utah.edu/downloads

Permalink.

Can I change my default shell from ‘tcsh’?

Yes, login to the PCE User Tools page, click the ‘User Modify’ link. There, you can change your ‘Linux Login Shell’ to point to another (ie, csh, bash, zsh, …).

Permalink.