Internet and WWW Guides

Offsite Access

The Department of Computer Science, in common with the University of Liverpool as a whole, and many other institutions, is keen to maintain the security of its computing systems. One possible vulnerability is the transmission of login information (usernames and passwords) "in clear" over the Internet, where they could potentially be gathered by a "sniffer" program, and used to gain unauthorised access.

For some years now, we have been encouraging those accessing the departmental facilities from outside the department to use more secure forms of communication, where the login process (and indeed all traffic) is encpyted before being transmitted over the network. This is now the only form of external access available for both terminal sessions to the departmental Linux farm, and for file transfer to and from individual user filestore.

Terminal Sessions

The mechanism supported is known as "Secure Shell" (or SSH).

Terminal Sessions from Linux and Unix systems

Most Linux distributions will come with ssh support as part of the default installation. Other Unix systems may need to install suitable software (such as OpenSSH - see http://www.openssh.com). Please contact the technical support staff for advice if this is the case.

Having installed the necessary software, a terminal session can be established to one of the two externally-accessible departmental Linux systems using the command

ssh ssh1.csc.liv.ac.uk
or
ssh ssh2.csc.liv.ac.uk

The first time you do this, you will be presented with the "RSA key fingerprint" of the system you are connecting to and asked whether you wish to continue. This is an attempt to prevent another rogue system from masquerading as one of the departmental machines and obtaining your password. Simply answer "yes", and then log in using your username and password as usual. You should then be able to access the full range of facilities on the Linux system, including graphical windowed applications.

It is also possible to run a single command on the remote system, rather than logging in completely. Simply add the desired command (together with any command-line options) after the hostname:

ssh ssh2.csc.liv.ac.uk ls -l

Terminal Sessions from Windows systems

Microsoft Windows does not include an SSH client, so you will need to install this separately. There are two commonly used clients - PuTTY (available as http://www.chiark.greenend.org.uk/~sgtatham/putty/latest/x86/putty-0.56-installer.exe) or "SSH Secure Shell for Windows" (available as SSHSecureShellClient-3.2.9.exe). In both cases, run the installer in the usual manner.

Terminal Sessions using PuTTY

This application can be run via an entry on the Start Menu, and will usually be found under Programs->PuTTY [ CHECK THIS ] This will display an initial configuration window:
PuTTY configuration window
Enter the hostname ("ssh1.csc.liv.ac.uk" or "ssh2.csc.liv.ac.uk") in the field provided, and ensure that the SSH radio button is checked. This should automatically set the value in the Port field to 22. Then click "Open".

A new terminal window will appear, and you will be prompted for your username and password, as usual:
PuTTY login window
Once you've logged in, this window will give you a command-line prompt, at which you can type any Linux command, just as if you were using the departmental systems directly.

NOTE: Unlike running SSH from a Linux system, this connection does *NOT* automatically support running graphical Linux applications. The Microsoft Windows system is not a networked graphical environment, and will not display separate windows from an application running on a remote system. This means that only terminal-based Linux applications can be used. Graphical editors, web browsers, mail clients, etc will not work.

Suggestions and advice for suitable applications will be made available separately.

Terminal Sessions using Secure Shell

This application can be run via an entry on the Start Menu, and will usually be found under Programs->SSH Secure Shell->Secure Shell Client (although on the departmental Windows systems, this is actually under Programs->Unix->SSH Secure Shell->Secure Shell Client) This will display a basic (unconnected) terminal window:
SSH terminal window
To connect to one of the departmental Linux farm machines, click on "Quick Connect" and enter the hostname and username in the fields provided:
SSH connection dialog
Once again, use one of the two externally-accessible hosts "ssh1.csc.liv.ac.uk" or "ssh2.csc.liv.ac.uk".

The first time you connect to a particular host, you will be asked to verify the host identification:
SSH host verification dialog
Just click "Yes". Enter your password in the next dialog box, and click "OK". The terminal window will then give you a command line prompt, at which you can type any Linux command, just as if you were using the departmental systems directly.

NOTE: Unlike running SSH from a Linux system, this connection does *NOT* automatically support running graphical Linux applications. The Microsoft Windows system is not a networked graphical environment, and will not display separate windows from an application running on a remote system. This means that only terminal-based Linux applications can be used. Graphical editors, web browsers, mail clients, etc will not work.

Suggestions and advice for suitable applications will be made available separately.

File Transfer

The same SSH mechanism can also be used to transfer files between two systems in a secure manner, without allowing a sniffing application to see either the username and password, or the contents of the files themselves.

File Transfer from Linux and Unix systems

The SSH suite on Linux and Unix systems includes two commands that can be used to transfer files between your local system and the departmental Linux farm.

The scp command (or "secure remote copy") works in a similar way to the standard cp command, but one (or both!) of the source and destination parameters are specified using the syntax {user}@{host}:{filename}.

So to copy a file myCV from your local machine to your departmental filestore (where it will be backed up regularly as part of the department's standard dumping scheme), use the command

scp myCV cs4xyz@ssh1.csc.liv.ac.uk:beltCV

(specifying your own username instead of cs4xyz!) You will be prompted for your password, and the command will then display a running report of the progress of transferring the file.

To copy a file in the other direction, from the departmental filestore to your local system, just use the {user}@{host}:{filename} syntax with the first parameter instead:

scp cs4xyz@ssh2.csc.liv.ac.uk:beltCV bracesCV

[ TO DO - DESCRIBE sftp ]

File Transfer from Windows systems

[ TO DO - DESCRIBE "Secure File Transfer Client" ]
SSH terminal window