CAEN Knowledge Base
CAEN Knowledge Base

How do I connect to CAEN's Linux Login Service using Secure Shell (SSH)?



 

SSH on Windows Computers

Windows does not provide built-in SSH software, but several third-party programs are available. All CAEN Windows computers offer an SSH program called PuTTY. When you first open PuTTY, a window similar to the one shown below will appear. First, make sure to enter the appropriate Host Name:

  • When connecting from an on-campus network (excluding U-M VPN networks), use: oncampus-course.engin.umich.edu
  • When connecting from an off-campus network, use: login-course.engin.umich.edu

Also make sure SSH is selected as the Connection Type:

Image title

Note: The first time that you use PuTTY to connect to a particular server, you will be asked if you are sure that you want to connect, e.g.:

This is a precaution built into SSH that gives you the opportunity to verify the authenticity of the host before you enter your password. If you are connecting to a known CAEN host, simply click the Yes button to accept the host's fingerprint. This does not actually verify the authenticity of the host. If you have questions about this prompt, or believe you may be the victim of a man in the middle attack, send a description of your concerns to security@engin.umich.edu.

Upon clicking the Yes button, a window will appear and prompt you to log in. Enter your U-M uniqname at the login as prompt, and press Enter. Then when prompted, enter your UMICH password, and press Enter again:

The CAEN Linux Login Service also requires the use of Duo two-factor authentication (2FA). All that is needed is to enroll a device. If you already have a Duo code from SMS message or security token, you can enter it when prompted, or select to have a new code sent to your device:

PuTTY is available for free download at:

 

SSH on Linux & Mac OS Computers

Linux and Mac OS both have built-in, command-line SSH programs. To connect from one Linux or Mac OS computer to another, simply type ssh host at the Terminal prompt, where host is either the alphanumeric hostname or numeric Internet Protocol (IP) address:

  • When connecting from an on-campus network (excluding U-M VPN networks), use: oncampus-course.engin.umich.edu
  • When connecting from an off-campus network, use: login-course.engin.umich.edu

For example, to connect to the CAEN Linux Login Service when on-campus, enter:

example% ssh oncampus-course.engin.umich.edu

If the local user name on your personal computer is different from your U-M uniqname, you will need to specify your uniqname in the command as shown below:

example% ssh uniqname@oncampus-course.engin.umich.edu

The first time that you run SSH to connect to a particular computer, you will be asked if you are sure that you want to connect, e.g.:

The authenticity of host 'example (192.168.1.2)' can't be established.
 RSA key fingerprint is 6f:8c:47:bf:63:5f:e2:fb:80:5b:48:1a:db:81:cc:34.
 Are you sure you want to continue connecting (yes/no)?

As described above with PuTTY, this is a precaution built into SSH that gives you the opportunity to verify the authenticity of the host before you enter your password. If you are connecting to a known CAEN host, simply respond by fully typing yes and pressing Enter to accept the host's fingerprint.

The CAEN Linux Login Service also requires the use of Duo two-factor authentication (2FA). All that is needed is to enroll a device. If you already have a Duo code from SMS message or security token, you can enter it when prompted, or select to have a new code sent to your device:

Duo two-factor login

Enter a passcode or select one of the following options:

  1. Phone call to XXX-XXX-XXXX
  2. Phone call to XXX-XXX-XXXX
  3. SMS passcodes to XXX-XXX-XXXX (next code starts with: 2)

Passcode or option (1-3):

For more information on SSH for Linux or Mac OS, type man ssh at the terminal prompt.