How do I connect to CAEN's Linux Login Service using Secure Shell (SSH)?
Secure Shell (SSH) is a protocol used to connect to remote computer systems over the Internet. It encrypts all data sent between systems to guard against security threats, such as hackers watching the network for the transmission of clear-text passwords and other unencrypted information. When authenticating to a remote system, the SSH password prompt will show no visual indication of key presses. This is an additional security measure, because if each key press were replaced by a *, a hacker could determine the length of your password, making it easier to guess.
SSH on Windows Computers
Windows does not provide built-in SSH software, but several third-party programs are available. All CAEN Windows computers offer an SSH program called PuTTY. When you first open PuTTY, a window similar to the one shown below will appear. Simply enter the Host Name (for example, login-course.engin.umich.edu for CAEN, or login.itcs.umich.edu for ITS) you wish to connect to, and make sure SSH is selected:
Upon clicking the Open button, a window will appear and prompt you for your UMICH.EDU Kerberos password.
PuTTY is available for free download at:
SSH on Linux & Mac OS Computers
Linux and Mac OS both have built-in, command-line SSH programs. To connect from one Linux or Mac OS computer to another, simply type ssh host at the Terminal prompt, where host is either the alphanumeric hostname or numeric Internet Protocol (IP) address of the host:
example% ssh login-course.engin.umich.edu
If the local user name on your personal computers is different from your U-M uniqname, you will need to specify your uniqname in the command:
example% ssh email@example.com
The first time that you run SSH to connect to a particular computer, you will be asked if you are sure that you want to connect, e.g.:
The authenticity of host 'example (192.168.1.2)' can't be established.
RSA key fingerprint is 6f:8c:47:bf:63:5f:e2:fb:80:5b:48:1a:db:81:cc:34.
Are you sure you want to continue connecting (yes/no)?
This is a precaution built into SSH that gives you the opportunity to verify the authenticity of the host before you enter your password. If you are connecting to a CAEN host, simply respond by fully typing yes to accept the host's fingerprint. This does not actually verify the authenticity of the host; CAEN does not provide any mechanism for checking fingerprints before logging into a server.
If the host's fingerprint ever changes, you will again be prompted to accept the new fingerprint. If you are ever concerned about this prompt, or believe you may be the victim of a man in the middle attack, you should email firstname.lastname@example.org.
For more information on SSH, type man ssh.