How do I connect to CAEN's Linux Remote Login Service using Secure Shell (SSH)?

Body

NOTE: To use the Linux Remote Login Service from off-campus locations, you must first connect to the U-M Virtual Private Network (VPN) service.


 

SSH on Windows Computers

Windows does not provide built-in SSH software, but several third-party programs are available. All CAEN Windows computers offer an SSH program called PuTTY. When you first open PuTTY, a window similar to the one shown below will appear. First, make sure to enter the appropriate Host Name:

  • When connecting from an on-campus network (excluding U-M VPN networks), use: oncampus-course.engin.umich.edu
  • When connecting from an off-campus network, use: login-course.engin.umich.edu

Also make sure SSH is selected as the Connection Type:

Putty configurations settings

The first time you use PuTTY to connect to a CAEN login server, you will be asked if you are sure that you want to connect, e.g.:

PuTTY security alert window

This is a precaution built into SSH that gives you the opportunity to verify the authenticity of the host before you enter your password. If you are connecting to a known CAEN host, simply click the Yes button to accept the host's fingerprint. This does not actually verify the authenticity of the host. If you have questions about this prompt, or believe you may be the victim of a man in the middle attack, send a description of your concerns to security@engin.umich.edu.

Upon clicking the Yes button, a window will appear and prompt you to log in. Enter your U-M uniqname at the login as prompt, and press Enter. Then when prompted, enter your UMICH password, and press Enter again:

Putty login terminal

The CAEN Linux Remote Login Service also requires the use of Duo two-factor authentication (2FA). All that is needed is to enroll a device. If you already have a Duo code from SMS message or security token, you can enter it when prompted, or select to have a new code sent to your device:

2FA for putty

PuTTY is available for free download at:

 

SSH on Linux & macOS Computers

Linux and macOS both have built-in, command-line SSH programs. To connect from one Linux or macOS computer to another, simply type ssh host at the Terminal prompt, where host is either the alphanumeric hostname or numeric Internet Protocol (IP) address:

  • When connecting from an on-campus network (excluding U-M VPN networks), use: oncampus-course.engin.umich.edu
  • When connecting from an off-campus network, use: login-course.engin.umich.edu

For example, to connect to the CAEN Linux Remote Login Service when on-campus, enter:

example% ssh uniqname@oncampus-course.engin.umich.edu

where uniqname is your U-M uniqname. The first time that you run SSH to connect to a CAEN login server, you will be asked if you are sure that you want to connect, e.g.:

The authenticity of host 'example (192.168.1.2)' can't be established.
 RSA key fingerprint is 6f:8c:47:bf:63:5f:e2:fb:80:5b:48:1a:db:81:cc:34.
 Are you sure you want to continue connecting (yes/no)?

As described above with PuTTY, this is a precaution built into SSH that gives you the opportunity to verify the authenticity of the host before you enter your password. If you are connecting to a known CAEN host, simply respond by fully typing yes and pressing Enter to accept the host's fingerprint.

The CAEN Linux Remote Login Service also requires the use of Duo two-factor authentication (2FA). All that is needed is to enroll a device. If you already have a Duo code from SMS message or security token, you can enter it when prompted, or select to have a new code sent to your device:

Duo two-factor login for uniqname

Enter a passcode or select one of the following options:

  1. Duo Push to XXX-XXX-XXXX
  2. Phone call to XXX-XXX-XXXX
  3. SMS passcodes to XXX-XXX-XXXX (next code starts with: 2)

Passcode or option (1-3):

For more information on SSH for Linux or macOS, type man ssh at the terminal prompt.

Details

Details

Article ID: 5002
Created
Mon 5/3/21 12:59 PM
Modified
Wed 8/30/23 1:58 PM