SSH access to ITA systems
Restricted SSH access from the Internet to ITA hosts
For security reasons, access to ITA computers from outside the ITA network is restricted and only possible via a gateway computer named:
welcome.ita.uni-heidelberg.de (alias ssh.ita.uni-heidelberg.de).
Note that this is also true if you are connected via the university VPN.
Getting an account
To use the gateway, you will need an active ITA account, which you should already have. If you don’t have one, please fill out the form at https://wwwadd.zah.uni-heidelberg.de/application/form.html, send the result of this form via mail to admin(at)zah.uni-heidelberg.de and ask your supervisor to confirm this account request to the admin team.
Simple usage of the gateway
First, use
ssh -Y username@welcome.ita.uni-heidelberg.de
to connect to the gateway host and there use
ssh -Y username@hostname.ita.uni-heidelberg.de
to connect further to an ITA Linux host.
Convenient usage of the gateway
Note: in the following you may have to replace the ~ by the full path of your ssh config file! (e.g. /home/xxx/.ssh/config ), where xxx is your local path to the home dir on your home computer.
Configuration
Edit the ~/.ssh/config file (create it if not already there) on your home computer. It should contain the lines:
!welcome.ita.uni-heidelberg.de *.ita.uni-heidelberg.de
ProxyCommand ssh -q -a <username>@welcome.ita.uni-heidelberg.de -W %h:%p(please substitute <username> with you actual username).
Convenient login
ssh -X username@hostname.ita.uni-heidelberg.de
Please substitute username with your ITA username, and hostname with the computer of your choice, e.g. your desktop machine.
After that, you are logged in through the gateway in one transparent step, and X-forwarding works, i.e. you can start an xterm and it will open on your home computer.
Acesssing your files
All ITA file systems are also mounted on the machine
welcome.ita.uni-heidelberg.de
and you can copy yor files directly to and from it with either scp or rsync.
After configuring the ~/.ssh/config, you can also directly use scp from your home computer to ITA, e.g. via
scp localfile username@welcome.ita.uni-heidelberg.de:targetpath
Method 2: Windows with putty and Xming
You need Putty and XMing (optional, only required to run X11 programs).
If you download the Installer version of Putty, the directory where the programs was installed will be named differently depending on the Windows language and the hardware architecture (32 Bit or 64 Bit). If you use the ZIP file with all programs, you can decide where you want to put the files (I recommend to create a directory named C:\putty and put them all in there).
Common directory names for Installer version:
Directory name | Windows version |
C:\Programme\Putty | German 32 Bit Windows |
C:\Programme (x86)\Putty | German 64 Bit Windows |
C:\Program Files\Putty | English 32 Bit Windows |
C:\Program Files (x86)\Putty | English 64 Bit Windows |
I recommend to add this directory to your system PATH variable, so you can call the programs without a full path. Please refer to this this site to learn how to do this. The following section expects that this has been done.
After that, you can open a command line window by pressing the Start Button and enter the command cmd into the search bar on Windows 10.
You can enter all the following commands into this window.
First you have to establish an ssh tunnel to the ITA host via the ssh gateway:
putty -L 2222:hostname.ita.uni-heidelberg.de:22 username@welcome.ita.uni-heidelberg.de
Keep this terminal open. Afterwards you can do:
ssh via tunnel
putty -P 2222 username@localhost
connects you directly to username@hostname.ita.uni-heidelberg.de.
filezilla via tunnel
Connect by the sftp protocol to localhost port 2222
