User Tools

Site Tools


tutorial:off_campus_access

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
tutorial:off_campus_access [2016/10/03 15:31]
sertalpbilal
tutorial:off_campus_access [2021/05/13 09:54] (current)
mjm519
Line 1: Line 1:
 ====== Off-campus access to Cor@l network ====== ====== Off-campus access to Cor@l network ======
 +
 +===== Security =====
 +
 +The Jumphost (ssh.lehigh.edu) is now protected by dual factor authentication ( [[https://​confluence.cc.lehigh.edu/​display/​LKB/​Two-factor+Authentication+with+Duo+-+FAQ|Duo Two Factor Authentication]] ) when logging in directly. As an alternative passwordless ssh can be configured. Please review the Security section when setting up passwordless ssh access to Lehigh IT resources through the jumphost.
 +
 +**We are recommending that a password protected key be used when accessing ssh.lehigh.edu from off campus to protect the integrity of internal IT resources.**
 +
 +__Please review the best practices from the website:__
 +
 +**Best Security Practices**
 +  * **Always protect your key pair with a passphrase.**
 +  * Use a strong passphrase just as you would for your password.
 +  * **Do not use your password as your passphrase.**
 +  * Do not write your password/​passphrase and store at a place that anyone can access for e.g. post-it note on your monitor.
 +  * Verify only your account has access to ssh keys by running chmod 700 ~/.ssh.
 +  * Never share your private key and/or your passphrase/​password.
 +  * Always store your credentials in ssh-agent with a definite lifetime.
 +  * Change your passphrase as regularly as you change your password.
 +  * Do not use reuse your password and passphrase.
 +  * Limit the number of systems that you log in from.
 +
 +
 +[[https://​confluence.cc.lehigh.edu/​display/​hpc/​SSH+public-key+authentication|For more information please review this link.]]
 +
 +===== SSH =====
 +
  
 SSH access to COR@L network is blocked for security reasons. In case you need to access it, there are two ways to access it: SSH access to COR@L network is blocked for security reasons. In case you need to access it, there are two ways to access it:
  
-  - Connect to [[tutorial:​vpn|VPN]] and ssh to [[info:​coral|computer ​you want]] (coral.ie.lehigh.edu,​ polyps.ie.lehigh.edu,​ etc..) +  - Connect to [[tutorial:​vpn|VPN]] and ssh to [[info:​coral|server ​you want]] (coral.ie.lehigh.edu,​ polyps.ie.lehigh.edu,​ etc..) 
-  - Connect to ssh server of Lehigh ​(ssh.lehigh.eduwith your Lehigh username and **Lehigh password**. \\ Then type\\ ''​ssh coral.ie.lehigh.edu'' ​and enter your **[[coral:​password|COR@L password]]**.+  - Connect to ssh server of Lehigh ​<​code>​ssh username@ssh.lehigh.edu</​code> ​with your Lehigh username and **Lehigh password**. \\ Then ssh into COR@L<​code>​ssh username@coral.ie.lehigh.edu</​code> ​and enter your **[[coral:​password|COR@L password]]**. 
 + 
 +===== SCP ===== 
 + 
 +For SCP (Remote file copy) access to your files, you may use a tunnel over ssh.lehigh.edu. 
 + 
 +==== WinSCP ==== 
 + 
 +  * Enter coral.ie.lehigh.edu for the host name and your username \\ {{ :​tutorial:​1.png?​nolink |}} 
 +  * Click Advanced and Connection/​Tunnel 
 +  * Enable "​Connect through SSH Tunnel"​ and enter ''​ssh.lehigh.edu''​ as the host name and enter your username \\ {{ :​tutorial:​2.png?​nolink |}} 
 +  * Save and try to connect. You will be asked two passwords, the first one is your **Lehigh password** and second one is your **COR@L password**. 
tutorial/off_campus_access.1475523102.txt.gz · Last modified: 2016/10/03 15:31 by sertalpbilal