SSH stands for Secure Shell and provides a safe and secure way of executing commands, making changes, and configuring services remotely. When you connect through SSH, you log in using an account that exists on the remote device.
When you connect through SSH, you will be dropped into a shell session, which is a text-based interface where you can interact with the remote device. For the duration of your SSH session, any commands that you type into your local terminal are sent through an encrypted SSH tunnel and executed on the remote device.
For more information about SSH please click here.
Connecting with SSH to CS Lab Machines
The CS department has made it possible for someone to SSH onto any of the open lab machines; however to access a specific machine you must first be connected to the CS network. This can be done by connecting with SSH through schizo.cs.byu.edu.
Schizo is a powerful tool that will drop you onto a range of the open lab machines without needing to connect via the VPN. After successfully connecting using schizo you can ssh into any other machine. For directions on how to connect using schizo please click here.
Setting Up SSH Keys
You will need to do the following in the Linux terminal to create your SSH keys and register them in FreeIPA:
- On your ssh client machine type:
ssh-keygen -t rsa -b 4096, then press enter.
- It will prompt you to create a password. This is optional, but arguably more secure. If you choose to create a password, it will have you enter it twice for confirmation. The key pair is then generated and saved to
~/.ssh/in your home directory. Note: this folder is hidden. In order to see it you will have to use
ls -ain the terminal or hit
Alt+.to toggle “show hidden files/folders” in the file browser (Dolphin).
- Open the file
~/.ssh/id_rsa.pubin a text editor/viewer (Atom, Kate, vim, less, cat, etc.). Copy its contents to the clipboard/buffer.
- In your web browser, go to https://accounts.cs.byu.edu and log in with your CS Account credentials.
- Back in the browser, click the Add button next to the label “SSH public key”. Paste the clipboard/buffer contents into the blank that appears.
- Click the Save button up underneath your username on the page to save the changes you have made.
- Log out of the website by clicking your name in the top right corner of the page and selecting “Logout”.
- Alternatively, you can add the key to
~/.ssh/authorized_keyson a labmachine with one key per line.
- ssh-copy-id [your-username]@[labmachine] from the machine your key is on is also a handy way of adding your key to the authorized_keys file.
X-11 Forwarding with SSH
When remotely accessing a machine through SSH, X-11 forwarding can be used to forward the GUI of a program running on the remote machine to be displayed on the local machine. This is helpful when remotely using a program that can only be run with a GUI, but depending on the OS of the local machine it can take a few steps to set up.
If your machine is running Linux, you'll need to simply add a -X to your ssh command, like so:
ssh -X email@example.com You will remotely access the machine as normal, but now when you run a program with a GUI a window should appear on your local machine with the display.
If your machine runs Windows, your best option is to use PuTTY and an x server application. It is possible to get X-11 forwarding to work on WSL, but the process is much more involved and requires you to edit config files on your machine. If you want to go that route you may do so at your own risk. The instructions below assume you have PuTTY installed.
A free x server option that is verified to work is vcxsvr, but there are other options that you can look into yourself if you feel so inclined. If you do, the following may not apply.
After installing vcxsvr, you'll need to launch it to set some things up. The first window that pops up when you launch the program will have a few display options. Most of the defaults are fine, but take note of the field labeled “display number.” The value defaults to -1, but unless you have a specific reason to do otherwise you should set it to 0. From there you can just click through the options and accept the defaults. You can save this configuration if you want; if you don't you will need to repeat this process each time. Once that is done, launch PuTTY. Proceed as you normally would to SSH into a lab machine, but before you connect go through the menu on the left and select Connection–>SSH–>X11. Check the box labeled “Enable X-11 forwarding.” Below that box is a field labeled “X display location.” If you set “display number” to 0 on vcxsvr you can leave this blank, as that is the default. If for some reason you set it to a different value you will need to specify that here as well. From that point you can connect to a lab machine as you normally would. You should now be able to launch applications with a GUI.
Mac users should install XQuartz on their machine. When launched, the application will pull up a terminal from which you can run your ssh command, only this time you'll want to add “-X” to the command, like so:
ssh -X firstname.lastname@example.org You will connect to a lab machine like normal and should now be able to run graphical programs. As with Windows, there may be other solutions available, and you are welcome to research and use something else if you so choose.