When class and project accounts are created, access is granted via ssh keys. You are typically asked to generate an ssh keypair by logging into one of the CS Linux systems and running ssh-keygen per the associated FAQ. Once this is done, you can then login to a CS Linux system as yourself and then ssh from there to the project or class account by running something like the following:

ssh a123@sharks.cs.indiana.edu

If this is working correctly, you are prompted for an ssh passphrase (not a password) and you can then login using the passphrase you used when you created your ssh keypair.

However, it is possible to set things up so you can ssh directly to the class or project account from your Windows PC without having to log in as yourself first. The procedure for setting this up is different for each Windows ssh client and instructions for the SSH.Com client and PuTTY are shown below. The general idea is that you will need to generate a new keypair using your PC SSH client, export that key, and install it in the authorized_keys file for the project or class account.

PuTTY

PuTTY is a very nice, free ssh client for Windows. If you don't already have PuTTY installed, go to the PuTTY Homepage, click on the download link, and then download the putty.exe file as well as the PuTTYgen executable, puttygen.exe. While you are there, you will probably also want to download the file transfer client, psftp.exe. You only need these exe files and no further installation is needed. Once you have PuTTY, follow these instructions to set up access to your CS project or class account:

1. Run puttygen.exe to generate a key pair. Once you start puttygen you just need to click on Generate and then move the mouse as instructed. Then enter the passphrase you want to use, which will be the passphrase you will use when logging into your CS account or a CS class account. When this is done, you need to click on the Save private key button to save the key file. You can name this file anything you want but this example assumes you save this file with the name MyPuttyKey and using the default .ppk file extension. You can save this file anywhere you want (ie. on the Desktop or in My Documents).

2. After you save your private key file you then need to get the public key over to the CS account you are wanting to connect to. For example, if you are trying to connect to your own CS account you need to put the public key into ~/.ssh/authorized_keys. If you are connecting to a class or project account on the CS systems then you will need to add the public key to the authorized_keys file for that account (which may be something like ~c123/.ssh/authorized_keys. From the puttygen window, you will see a box labeled Public key for pasting into OpenSSH authorized_keys file: so just cut/paste that into the appropriate authorized_keys file. Note that this must appear in the authorized_keys file on one single line. No line breaks are allowed so be sure the cut/paste process didn't introduce any newlines.

   If you have trouble doing this via cut/paste then you can also save the public key to a file by clicking on the Save public key button in puttygen. Once you have this file you can transfer it to the CS system and add the contents of this file to the appropriate authorized_keys file.

   If this is a CS class or project account that you don't already have access to then you will have to post a request for help using the CSG help desk and we can add your public key to the appropriate authorized_keys file.

3. You are now ready to start PuTTY (by just running putty.exe) and setting things up as follows:
   • You need to tell PuTTY to use the public key you just created for authentication. To do this, go to the Connection->SSH->AUTH category in PuTTY. Under Private key file for authentication enter (or browse to) the private key file you just created (MyPuttyKey.ppk in our example).

   • Go to the Connection->Data category and enter the username you want to login as in the Auto-login username box.

   • Go back to the Session category and enter the Host Name of the system you want to connect to (such as sharks.cs.indiana.edu or burrow.cs.indiana.edu).

   • Enter a session name you want to use under Saved Sessions and click Save to save this session. This allows you to connect using these settings without having to re-enter all of these settings.

4. Once you have created this saved PuTTY session, you can then run it by just starting PuTTY, clicking on the saved session name, clicking Load, and then clicking Open. If all goes well, you should then see a window that shows something like:

   Using username "c123".
   Authenticating with public key "rsa-key-20080428"
   Passphrase for key "rsa-key-20080428":

   At this prompt, just enter the passphrase you used when you generated your ssh key (via puttygen) and you should be able to login.

   If you instead get a Password: prompt then something went wrong and it wasn't able to use your key. The things to check in this case are to be sure you have the right private key loaded in PuTTY and to be sure you have the corresponding public key properly added to the .ssh/authorized_keys file for the local CS account you are trying to connect to.

   SSH.Com Client

   The SSH client from SSH.Com is installed on some CS Windows systems and here is the procedure for this client:
   1. Start the SSH Secure File Transfer Client - Part of the process will involve uploading your public key to your CS account so you should go ahead and start up the SSH file transfer client and connect to a CS system like sharks.cs.indiana.edu or burrow.cs.indiana.edu. Just hit Enter after you start the file transfer client and login using your normal CS account password.

   2. Generate Your Key - You can generate an ssh keypair using the Windows SSH.Com client as follows:
      • Start the SSH client and select Settings... from the Edit menu.
      • From the Settings windows, go to Global Settings->User Authentication->Keys
      • Under Key pair management click on Generate New.
      • Click Next to start the generation
      • The default key type is a 2048-bit DSA key which is fine so just click Next to accept that
      • It takes a minute or so for the key generation process. When this is done, just click Next to continue.
      • Enter a filename. Since you will be copying this file to your CS Linux account I would recommend picking a filename that is alphanumeric with no spaces.
      • Enter a comment. This can be anything you want.
      • Enter the passphrase. While it is possible to create a key with an empty passphrase you are strongly advised against doing so. Just enter the passphrase you want to use and then click Next.
      • Click on the Upload Public Key button to upload your public key to your CS Linux account. You should already be connected (from step 1) so you should get the Upload Public Key dialog window. You should just accept the defaults for everything except Destination folder which should be .ssh instead of the default .ssh2. Just click Upload to finish. If this worked properly, you should now have a file in your ~/.ssh directory on the CS systems with the name of your key and the .pub extension.

   3. Convert Your Key - The public key format used by the ssh.com Windows client and OpenSSH on the CS Linux systems is not compatible but you can easily convert between the formats. If you have a public key file named FromWindows.pub you can convert it to OpenSSH format by running the following on the CS Linux systems:

      cd ~/.ssh
      ssh-keygen -i -f FromWindows.pub > OpensshFormat.pub

   4. Add the Key to Your Authorized Keys File - The keys that are used for authorization to your account are stored in your ~/.ssh/authorized_keys file. You can add this new key with:

      cd ~/.ssh
      cat OpensshFormat.pub >> authorized_keys

   5. Add the Key to the Authorized Keys File For Any Project or Class Accounts - If you want to use this key to gain access to project or class accounts on the CS systems you will also need to add the key to the .ssh/authorized_keys file for that account. If you already have access to the account, you can add the key yourself a number of ways but here is one way you can do this while logged in as yourself on a CS Linux systems:

      cd ~/.ssh
      scp OpensshFormat.pub a123@sharks:.ssh/username.pub
      ssh a123@sharks
        -> Login to the account
      cat .ssh/username.pub >> .ssh/authorized_keys

      In this example, replace a123 with the name of your project or class account and replace username with your username.

      If you don't yet have access to the account, then you will have to Post a request to the CSG Help Desk asking for access and letting us know what key you want to use.

   Once this is done, you will be able to connect to the account using the passphrase you used to generate the key. I recommend using profiles to make it easier to connect if you are using multiple accounts (ie. your normal CS account as well as project and/or class accounts). For example, you can create a new profile as follows:

   1. Just connect to the remote system of your choice (like sharks.cs.indiana.edu or burrow.cs.indiana.edu) using either your normal username or the username of the class or project account.

   2. If everything is working properly, you should be prompted for your passphrase. The passphrase dialog window should be titled "Enter Passphrase for Private Key keyname" where keyname is the name you used when you generated the key.

   3. Once you get logged in, you should see an "Add Profile" popup. Just enter the name of the new profile and click the Add to Profiles button.

   Once the profile is added, you can connect by just clicking on the Profiles icon from within the ssh client and then select the desired profile.

[Return to the FAQ index]