start:mogon_cluster:access_from_outside_windows

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
start:mogon_cluster:access_from_outside_windows [2020/07/15 18:29]
jrutte02
start:mogon_cluster:access_from_outside_windows [2021/07/08 18:02] (current)
meesters [using Windows] PuTTY behind PowerShell (lexicographically correct and hopefully less trouble)
Line 1: Line 1:
-====== Access MOGON from outside of the university network using Windows ====== 
- 
-<tabs> 
-  * [[#tab-putty|Using PuTTY]] 
-  * [[#tab-mobaxterm|Using MobaXterm]] 
- 
-<pane id="tab-putty"> 
-==== Using PuTTY ==== 
- 
-<alert type="danger" dismiss="true" icon="fa fa-warning">Work In Progress</alert> 
- 
-Download [[http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html|PuTTY]] (preferrably use the MSI installer package((because in addition to the plain ''putty.exe'' you will most definitely need ''plink.exe'' for proxy connection, ''puttygen.exe'' for  key generation and ''pageant.exe'' for key-based authentication))) and install it on your computer. The following steps will show you how to configure the PuTTY terminal. 
- 
-<callout type="tip" icon="true" title="Add your SSH-Key to MOGON"> 
-If you have not yet deployed your SSH-Key on MOGON, please follow [[:start:mogon_cluster:basic_authentication#add_ssh-key_to_mogon|these]] instructions to add your public key to MOGON. 
-</callout> 
- 
-^ Download putty and install ^ 
-| {{ ::putty_directory.png?direct&512 |}} | 
- 
- 
-==== Access MOGON - RSA Authentication ==== 
- 
-Before being able to transparently proxy your connection to MOGON service nodes through the ''sshgate'', you need to connect to the host manually once and accept the SSH host key. So first open PuTTY and enter ''hpcgate.zdv.uni-mainz.de'' in the Host Name field and use the Port ''22''. When PuTTY prompts you for host key validation, accept it. Then close the window again. 
- 
-  - First start a new PuTTY Session and enter the ''HostName'' of the MOGON service node you want to access. 
-  - In the menu on the left side, select the category ''Connection'' and then the subcategory ''Data'' 
-    * Fill in your ''<username>'' in the field ''Auto-login username'' 
-  - Now select ''Proxy'' in the category ''Connection'' and  
-    - Fill in ''hpcgate.zdv.uni-mainz.de'' for the ''Proxy hostname'', 
-    - Enter your ''<username>'' in the field ''Username'',  
-    - Enter ''"C:\Program Files\PuTTY\plink.exe" -4 -P %proxyport -l %user %proxyhost  -nc %host:%port'' as local proxy command. \\ {{fa>warning?fw}} Maybe the path to ''plink.exe'' is different on your system. Make sure you have checked the path before. {{fa>warning?fw}} 
-  - Within the ''Connection'' category select ''SSH'' and then the subcategory ''Auth''. **Disable** ''Allow agent forwarding'' and enable ''Attempt authentication using Peagant**. 
-  - Now go back to the ''Session'' category and enter a name for your session in the field under ''Saved Sessions''. Click on ''Save'' afterwards. 
- 
- 
-  * Start a new Putty Session and enter the ''Host Name'' of the MOGON service node. On the left side, select the category ''Connection''. 
-  * Click on "Data" and type in your username. 
-  * Now choose the category "Proxy" and set the Proxy type to local. 
-  * Change the Proxy Hostname and Port to ''mogon-login.zdv.uni-mainz.de'' and ''22022''. 
-  * Type in your MOGON username again and also enter your password((You really need to store the password in this dialog. If you are security-aware and are hesitant to store your password, use the key-based authentication method.)). 
-  * Enter ''plink.exe -nc %host:%port  -l %user -pw %pass -P %proxyport %proxyhost'' as the local proxy command. 
-  * On the "Session" page, select the connection type SSH, enter ''<username>@mogon.zdv.uni-mainz.de'' in the Host Name field and use the Port ''22''.\\ 
-  * Finally, choose a name for the Session (e.g. ''mogon.zdv.uni-mainz.de'') and save the session profile for further use.\\ 
- 
- 
-==== Access to MOGON I - Password Authentication ==== 
- 
- 
-Before being able to transparently proxy your connection to ''mogon'' through the ''mogon-login'' host, you need to connect to the host manually once and accept the SSH host key. So first open Putty and enter ''mogon-login.zdv.uni-mainz.de'' in the Host Name field and use the Port ''22022''. When Putty prompts you for host key validation, accept it. Then close the window again. 
- 
-^ Accepting the host key for ''mogon-login'' ^^^ 
-| {{ ::putty_login.png?direct&320 |}} | {{ ::putty_login_host_key.png?direct&320|}} | {{ ::putty_login_close.png?direct&320|}} | 
- 
-  * Start a new Putty Session. On the left side, select the category "Connection". 
-  * Click on "Data" and type in your username. 
-  * Now choose the category "Proxy" and set the Proxy type to local. 
-  * Change the Proxy Hostname and Port to ''mogon-login.zdv.uni-mainz.de'' and ''22022''. 
-  * Type in your MOGON username again and also enter your password((You really need to store the password in this dialog. If you are security-aware and are hesitant to store your password, use the key-based authentication method.)). 
-  * Enter ''plink.exe -nc %host:%port  -l %user -pw %pass -P %proxyport %proxyhost'' as the local proxy command. 
-  * On the "Session" page, select the connection type SSH, enter ''<username>@mogon.zdv.uni-mainz.de'' in the Host Name field and use the Port ''22''.\\ 
-  * Finally, choose a name for the Session (e.g. ''mogon.zdv.uni-mainz.de'') and save the session profile for further use.\\ 
-When you now click on "Open", you connect directly to one of the MogonI login nodes. You might have to accept another host key for them, but that's fine. 
- 
-^ Example configuration with the username ''schlarbm'' ^^^ 
-| {{ ::putty_data.png?direct&320 |}} | {{ ::putty_proxy.png?direct&320 |}} | {{ ::putty_save_session.png?direct&320 |}} | 
- 
-==== Access to MOGON II - RSA Authentication ==== 
- 
-Authentication on MogonII is done via a RSA key pair. 
- 
-If **you don't have a RSA key** saved in a directory on your computer, doubleclick ''puttygen.exe'', generate your key and save it into your favourite directory on your computer. 
- 
-If **you already have a RSA key** saved in a directory on your computer proceed as follows: 
- 
-**First step** is to deploy your RSA public key on the ''mogon-login''-host. ''mogon-login''-host is part of the demilitarized zone that allows access to MOGON I/MOGON II cluster from outside the university network. 
-  * Before being able to transparently proxy your connection to ''MogonII'' through the ''mogon-login'' host, you need to connect to the host manually once and accept the SSH host key. 
-  * Open Putty, enter ''mogon-login.zdv.uni-mainz.de'' in the Host Name field, use the Port ''22022'' and click ''Open''. When Putty prompts you for host key validation, accept it. 
-  * Authenticate yourself with your <zdv_account> and your password. 
-  * Deploy your public key on mogon-login host in <code bash>~/.ssh/authorized_keys</code> 
- 
-^ Accepting the host key for ''mogon-login'' ^^ 
-| {{ ::putty_login.png?direct&512 |}} | {{ ::putty_login_host_key.png?direct&512|}} | 
- 
-^ Copy your public key from .ppk-file^^ 
-| {{ ::open_my_private_key.png?direct&512 |}} | {{ ::copy_public_key.png?direct&512 |}} | 
- 
-^ paste with Shift+Insert^^ 
-| {{ ::mogon_login_vim_aut.png?direct&512 |}} | {{ ::mogonII_authorized_keys.png?direct&512 |}} | 
- 
-**Second step** is to deploy your RSA public key on the ''mogon''-host. The ''mogon''-host is a reference to the actual MogonI-login-nodes that allocate resources from the compute-nodes of MOGON I. 
- 
-  * Deploy your public key on MOGON I. Because your home directory is the same on MOGON I and MOGON II clusters, it is sufficient to deploy your public key on either one of them. Because MOGON II only allows access with RSA authentication, you [[#access_to_mogon_i_-_password_authentication | access MOGON I via password authentication]], **deploy your public key again** in <code bash>~/.ssh/authorized_keys</code> and close the connection again. 
- 
- 
-**Third step** is to open the ssh-connection to MOGON II with RSA authentication. 
-  * Start ''pageant.exe'' and load your RSA key. 
- 
-^ Load RSA key in SSH authentication agent for PuTTY, PSCP, PSFTP, and Plink ^^ 
-| {{ ::pageant_view_keys.png?direct&512 |}} | {{ ::pageant_add_key.png?direct&512 |}} | 
-| {{ ::pageant_select_private_key.png?direct&512 |}} | {{ ::pageant_enter_pw.png?direct&512 |}} | 
- 
-  * Start ''putty.exe'' and load default settings. 
-  * Go to //Connection->SSH->Auth// and choose //"Allow agent forwarding"// 
-  * Go to //Connection->Proxy// and set the Proxy type to local. Change the Proxy Hostname and Port to ''mogon-login.zdv.uni-mainz.de'' and ''22022''. Type in your MOGON username. Enter ''plink.exe -A -agent -nc %host:%port -l %user -P %proxyport %proxyhost'' as the local proxy command 
-  * Go to //Connection->Data// and enter <your_username> again as //"Auto-login username"// 
-  * Go to //Session//, select the connection type SSH, enter ''<username>@miil01.zdv.uni-mainz.de'' in the Host Name field and use the Port ''22''. 
- 
-  * Finally, choose a name for the Session (e.g. ''mogon2'') and save the session profile for further use. 
-When you now click on "Open", you connect directly to one of the MOGON II login nodes. You might have to accept another host key for them, but that's fine. 
- 
-^ Example configuration^^ 
-| {{ ::putty_auth_mII.png?direct&512 |}} | {{ ::putty_data_mII.png?direct&512 |}} | 
-| {{ ::putty_proxy_mII.png?direct&512 |}} | {{ ::putty_session.png?direct&512 |}} | 
- 
- 
-==== Access to MOGON I - RSA Authentication ==== 
- 
-The only difference in the connection to MOGON I via RSA authentication is the hostname. Follow exactly the same steps as for MOGON II but instead of ''miil02'', use ''mogon'' as hostname (the MOGON I Login-Node) in your configuration. 
-  * Replace the hostname <zdv_account>@miil02.zdv.uni-mainz.de with <zdv_account>@mogon.zdv.uni-mainz.de. 
- 
-<callout type="info" title="Generating an SSH Key Pair" icon="true"> 
-**In case you don't have** a ssh key yet you can follow [[start:mogon_cluster:access#how_to_set_up_ssh-keys_for_mogon|these]] guideline.  
-</callout> 
- 
-==== X11 Forwarding ==== 
- 
 <grid> <grid>
-<col lg="6md="12" sm="12" xs="12">+<col xs="12sm="12" md="12" lg="6">
  
-To enable X11 forwarding click on ''X11'' in the ''SSH'' subcategory, and click on the ''Enable X11 forwarding'' option. Make sure that the remote X11 authentication protocol is set to ''MIT-Magic-Cookie-1''. +<jumbotron> 
- +===== Accessing MOGON===== 
-Be sure to add ''-X'' to the local Proxy command line. +==== using Windows ==== 
- +</jumbotron>
-X11 forwarding requires either X-Win32 or [[http://www.zdv.uni-mainz.de/4534.php|Xming]] to be installed on your computer.+
 </col> </col>
-<col lg="6md="12" sm="12" xs="12"> +<col xs="12sm="12" md="12" lg="6"> 
-<image shape="thumbnail">{{:start:mogon_cluster:putty_x11_1.png?nolink|}}</image>+<list-group> 
 +  * {{fa>external-link?fw&color=#000}} [[:start:mogon_cluster:access_from_outside_windows:using_mobaxterm|using MobaXterm]] 
 +  * {{fa>terminal?fw&color=#000}} [[:start:mogon_cluster:access_from_outside_windows:using_powershell|using PowerShell]] 
 +  * {{fa>tty?fw&color=#000}} [[:start:mogon_cluster:access_from_outside_windows:using_putty|using PuTTY]]   
 +  * {{fa>key?fw&color=#000}} [[:start:mogon_cluster:access_from_outside_windows:creating_sshkeys_on_windows|Creating SSH-Keys for MOGON on Windows]] 
 +</list-group>
 </col> </col>
 </grid> </grid>
- 
- 
-==== Copying files from/to Mogon ==== 
- 
-The most recommended way to access the filesystem on Mogon is using **[[filesystems#ftp|FTPS]]**, as described on that page. 
- 
-If you //must// use WinSCP, configure it according to these screenshots (the Proxy configuration from PuTTY does not seem to work): 
- 
-^ Example configuration with the username ''schlarbm'' ^^ 
-| {{ ::winscp1.png?direct&512 |}} | {{ ::winscp2.png?direct&512 |}} | 
-| {{ ::winscp3.png?direct&512 |}} | {{ ::winscp4.png?direct&512 |}} | 
-</pane> 
- 
-<pane id="tab-mobaxterm"> 
-==== Using MobaXterm ==== 
- 
-For this article we have used ''MobaXterm Home Edition v20.2 (Portable edition)''. Download ''MobaXterm'' first if you have not already done so. 
- 
-<callout type="tip" icon="true" title="Add your SSH-Key to MOGON"> 
-If you have not yet deployed your SSH-Key on MOGON, please follow [[:start:mogon_cluster:basic_authentication#add_ssh-key_to_mogon|these]] instructions to add your public key to MOGON. 
-</callout> 
- 
-Start the application abd click on the ''Session'' button to start a new session: 
- 
-{{ :start:mogon_cluster:mobaxterm_proxyjump_1.png?800 }} 
- 
-Choose ''SSH'' to create a new SSH session. The session you create is automatically saved: 
- 
-{{ :start:mogon_cluster:mobaxterm_proxyjump_2.png?800 }} 
- 
-Fill in the fileds ''Remote host'' and specify your ''Username''. Afterwards go to ''Advanced SSH setting'' and provide the path to your ''SSH-Key'' which is **already present on MOGON**: 
- 
-{{ :start:mogon_cluster:mobaxterm_proxyjump_3.png?800 }} 
- 
-Now click on the ''Network settings'' tab and activate ''Conenct through SSH gateway (jump host)'': 
- 
-{{ :start:mogon_cluster:mobaxterm_proxyjump_4.png?800 }} 
- 
-Use 'sshgate.zdv.uni-mainz.de' as the gateway ssh server and enter your ''Username''. Add the same ''private Key'' as before. The configuration is now complete and you can click on ''OK''. A windows will open and you will be asked for the passphrase for your SSH key. After you entered the passphrase correctly, the session starts automatically. 
- 
-== Using MobaXterm SSH agent == 
- 
-Start ''MobaXterm'' and click on ''Settings'': 
- 
-{{ :start:mogon_cluster:mobaxterm_settings_1.png?800 }} 
- 
-now go to the ''SSH'' tab and **deactivate** ''Forward SSH agents''. Add your SSH key by clicking the plus sign, you will be asked for your Passphrase. If your are finished click on ''OK'': 
- 
-{{ :start:mogon_cluster:mobaxterm_settings_2.png?800 }} 
- 
-You'll now be asked for the passphrase every time you start MobaXterm but can use your SSH keys in different sessions through the SSH agent without explicitly setting up the key. 
- 
-<callout type="info" title="Generating an SSH Key Pair" icon="true"> 
-**In case you don't have** a ssh key yet you can follow [[start:mogon_cluster:access#how_to_set_up_ssh-keys_for_mogon|these]] guideline.  
-</callout> 
- 
-</pane> 
-</tabs> 
-~~NOTOC~~ 
- 
  • start/mogon_cluster/access_from_outside_windows.1594830548.txt.gz
  • Last modified: 2020/07/15 18:29
  • by jrutte02