SSH: Difference between revisions

From CCN Wiki
Jump to navigation Jump to search
No edit summary
Line 2: Line 2:


In order to connect via SSH, you will need an SSH client, and different operating systems will use different SSH clients. Though there are many alternatives, suggested clients are provided below.
In order to connect via SSH, you will need an SSH client, and different operating systems will use different SSH clients. Though there are many alternatives, suggested clients are provided below.
'''IMPORTANT: See NOHUP section below before running commands over a remote connection'''


== Windows ==
== Windows ==
Line 47: Line 49:
But I've done it many times now from my kitchen table to use simple text editors, and it hasn't been too ridiculous. On the other hand, it probably isn't a practical way to edit 3D fMRI data (but it can handle MATLAB scripts running SPM pretty well).
But I've done it many times now from my kitchen table to use simple text editors, and it hasn't been too ridiculous. On the other hand, it probably isn't a practical way to edit 3D fMRI data (but it can handle MATLAB scripts running SPM pretty well).


=== File transfer over SSH ===
==Linux==
See the instructions for OSX. Also, don't be daft. If you've committed to Linux, you probably already know how to do this.
 
== File Transfer ==
=== SSH ===
You can use SSH as a handy means of transferring files. SFTP is a Secure File Transfer Protocol over SSH.
You can use SSH as a handy means of transferring files. SFTP is a Secure File Transfer Protocol over SSH.


Line 56: Line 62:
  <code>get filename</code>
  <code>get filename</code>


==Linux==
See the instructions for OSX. Also, don't be daft. If you've committed to Linux, you probably already know how to do this.


==SCP==
=== SCP ===
'''SCP''' stands for '''S'''ecure '''C'''o'''p'''y, which is a quick and easy way to transfer files to and from multiple machines.  Below are examples for transferring files in a variety of situations.  Use an IP address for Broca's, Wernicke's, etc. in place of "remotehost" below.  If you are using windows SSH, or are already using an SSH connection, the localhost is the host on which you are currently connected.  On linux (and probably Mac OSX) the scp command functions independently from ssh (like SFTP).  
'''SCP''' stands for '''S'''ecure '''C'''o'''p'''y, which is a quick and easy way to transfer files to and from multiple machines.  Below are examples for transferring files in a variety of situations.  Use an IP address for Broca's, Wernicke's, etc. in place of "remotehost" below.  If you are using windows SSH, or are already using an SSH connection, the localhost is the host on which you are currently connected.  On linux (and probably Mac OSX) the scp command functions independently from ssh (like SFTP).  


Line 88: Line 92:
Or with Tar:
Or with Tar:
  <code>tar -czvf foldername.tar.gz foldername</code>
  <code>tar -czvf foldername.tar.gz foldername</code>
== NOHUP ==
Running programs are terminated by the operating system with a hangup (''SIGHUP'') signal. If you've ever had to stop a hanging program in Windows or OSX, you've killed a process with a HUP signal (or the equivalent).
Unfortunately, when you log out of a terminal, a SIGHUP is processed by the operating system that terminates all the programs that are running in that terminal session. This is a problem if you logged into a computer from your home laptop and are running a script for a long period of time (e.g., many of the FreeSurfer steps take hours to run). If you log out of your SSH session, or if your connection drops for some reason, your program will stop prematurely!
This can be avoided by prefixing your commands with the <code>nohup</code> and running it in the background with the ampersand, like the following example:
nohup autorecon1.sh 501 T1_ &
All the program output gets sent to a file called ''nohup.out'' in your current working directory, but otherwise the program runs as normal, even if you log out of your SSH session. Note that, because the program output is not echoed to the terminal window, you will not immediately be alerted to any errors that may occur. It is recommended that you echo the contents of the nohup.out file after a moment or two, to make sure that things are running as expected:
cat nohup.out

Revision as of 10:55, 26 April 2016

SSH stands for Secure SHell. More information about SSH can be found here, but in a nutshell, it is an encrypted connection to a Unix/Linux terminal. Because much of what we do in the lab is done through the terminal, connecting to our lab computers via SSH allows you to get things done without being physically in the lab.

In order to connect via SSH, you will need an SSH client, and different operating systems will use different SSH clients. Though there are many alternatives, suggested clients are provided below.

IMPORTANT: See NOHUP section below before running commands over a remote connection

Windows

The suggested SSH client for computers running Windows is called PuTTY , and the latest version of the program can be found here. This program does not need to install a bunch of files or modify your computer in any way in order to run. Simply download putty.exe, copy (or move) this file to whichever directory you prefer (e.g., C:\Windows\Program Files x86\PUTTY\) and launch it.

Note that the fact that this simple program doesn't do a big installation song and dance is a blessing and a curse: It's really compact and doesn't muck up your computer with stuff you don't want. On the other hand, you won't have the benefit of having a handy Start Menu shortcut being created for you. You will either have to find the putty.exe file on your computer each time you want to connect, or else create a menu or desktop shortcut manually.

Connecting in PuTTY

When you launch PuTTY, you will see a configuration window similar to the one below:

Putty settings.png

The important information you need to know are the Host Names (or IP addresses) of the computers you wish to connect to. In our lab, we have two workstations, wernickesarea and brocasarea.

  1. To connect to either of them, you need to enter the IP address for either wernickesarea (128.205.173.202) or for brocasarea (128.205.172.41) into the first box (in the image above, replace example.com with the appropriate IP address)
  2. When you have done so, click the Open button.
  3. If this is your first time connecting to a particular computer, you will see a window labeled PuTTY Security Alert. Just hit the Yes button. All this window is saying is that the program does not yet have the encryption key being used by the computer you are talking to (this warning is to alert you to the potential for certain types of hacks).
  4. Once the SSH Connection is open, you should see a terminal prompt asking for your username (this will likely be your first name)
    • Enter your username and hit the Enter key
  5. Next, you will be asked to enter your password
    • Enter your password and hit the Enter key
    • Please note that you will NOT see your cursor moving, or any characters typed (such as ******), when typing your password. This is a standard PuTTY security feature.

Assuming your username/password credentials check out, you will now find yourself with a terminal connection and in your home directory, just as though you are logged in and have launched a new terminal window. You can use this terminal window to perform any tasks that do not launch applications that have a graphical user interface. For example, you can use a text editor like nano to edit and run a script, or check on the progress of some ongoing process.

Mac OSX

The good news is that OSX is Unix/Linux under the hood, and that you already have a command-line SSH client installed. In fact, it's slightly more flexible because you can use it to launch programs that have a graphical interface (although you might find some programs run too slowly over the internet to be very useful).

Connecting with the ssh command

  1. Open up a terminal window
    • If you have never done this, you will find it under Applications/Utilities/Terminal
  2. In your terminal window, type ssh 128.205.xxx.yyy, where xxx.yyy depend on whether you wish to connect to brocasarea or wernickesarea (see the IP addresses above in the instructions for Windows users)
  3. You will be prompted for your username and your password

After a successful login, you will find yourself with a terminal connection and in your home directory, just as though you had logged in and launched a terminal window on one of the computers in the lab.

Connecting with the ssh command using Xwindows

The Xorg window server is the system that Unix computers use to draw windows and other graphic elements on the screen. If you have an Xorg client installed on your Mac OSX computer, you can have your local screen accept these graphical instructions from the remote computer. This would let you run remote applications that have a graphical user interface. To use X, simply use the -X command line switch when connecting (that's an upper-case X):

ssh -X 128.205.xxx.yyy

Where can I get an Xorg client?

The OSX Xorg client is calle XQuartz (homepage: www.xquartz.org). If you go to that website, you can download the .dmg installer.

Is a connection that uses Xorg slow?

Yep.

But I've done it many times now from my kitchen table to use simple text editors, and it hasn't been too ridiculous. On the other hand, it probably isn't a practical way to edit 3D fMRI data (but it can handle MATLAB scripts running SPM pretty well).

Linux

See the instructions for OSX. Also, don't be daft. If you've committed to Linux, you probably already know how to do this.

File Transfer

SSH

You can use SSH as a handy means of transferring files. SFTP is a Secure File Transfer Protocol over SSH.

For example:

SFTP username@hostIP
get filename


SCP

SCP stands for Secure Copy, which is a quick and easy way to transfer files to and from multiple machines. Below are examples for transferring files in a variety of situations. Use an IP address for Broca's, Wernicke's, etc. in place of "remotehost" below. If you are using windows SSH, or are already using an SSH connection, the localhost is the host on which you are currently connected. On linux (and probably Mac OSX) the scp command functions independently from ssh (like SFTP).

Copying a file from a remote host to a local host:

scp your_username@remotehost:directory/filename /some/local/directory 

Copying a file from a local host to a remote host:

scp directory/filename your_username@remotehost:/some/remote/directory 

Copying a file(s) from a local host to your home folder on a remote host:

scp filename1 filename2 your_username@remotehost:~ 

Copying a file from one remote host to another remote host:

scp your_username@remotehost1:/some/remote/directory/filename \
your_username@remotehost2:/some/remote/directory/ 

Copying multiple files from a remote host to your current local directory

scp your_username@remotehost:/some/remote/directory/\{filename1,filename2,filename3\}

Copying multiple files from your home folder on a remote host to your current local directory

scp your_username@remotehost:~/\{filename1,filename2\}

If you want to transfer a folder, you'll first need to compress it recursively.

With Zip:

zip -r foldername.zip foldername

Or with Tar:

tar -czvf foldername.tar.gz foldername

NOHUP

Running programs are terminated by the operating system with a hangup (SIGHUP) signal. If you've ever had to stop a hanging program in Windows or OSX, you've killed a process with a HUP signal (or the equivalent).

Unfortunately, when you log out of a terminal, a SIGHUP is processed by the operating system that terminates all the programs that are running in that terminal session. This is a problem if you logged into a computer from your home laptop and are running a script for a long period of time (e.g., many of the FreeSurfer steps take hours to run). If you log out of your SSH session, or if your connection drops for some reason, your program will stop prematurely!

This can be avoided by prefixing your commands with the nohup and running it in the background with the ampersand, like the following example:

nohup autorecon1.sh 501 T1_ &

All the program output gets sent to a file called nohup.out in your current working directory, but otherwise the program runs as normal, even if you log out of your SSH session. Note that, because the program output is not echoed to the terminal window, you will not immediately be alerted to any errors that may occur. It is recommended that you echo the contents of the nohup.out file after a moment or two, to make sure that things are running as expected:

cat nohup.out