====== Lehigh VPN ======

[[http://lts.lehigh.edu/services/vpn|Lehigh VPN]] (Virtual Private Network) is a tool to access university resources from off-campus.

===== How to set up VPN? =====

Lehigh LTS provides [[https://software.lehigh.edu/install/?search=vpn|Cisco VPN software]] with easy installation steps. Software can be downloaded from Lehigh Software web page and you can follow the [[https://software.lehigh.edu/install/auth/doc.php?id=76|instructions here]].

====== Lehigh SSH Jumphost ======

Lehigh University offers ssh access to system via a Jumphost. The jumphost - **ssh.lehigh.edu** - requires dual authentication via Duo. The link below provides instructions and links to help you set up SSH access to the jumphost. 

**We are recommending that a password protected key be used when accessing ssh.lehigh.edu from off campus to protect the integrity of internal IT resources.**

__Please review the best practices from the website:__

**Best Security Practices**
  * **Always protect your key pair with a passphrase.**
  * Use a strong passphrase just as you would for your password.
  * **Do not use your password as your passphrase.**
  * Do not write your password/passphrase and store at a place that anyone can access for e.g. post-it note on your monitor.
  * Verify only your account has access to ssh keys by running chmod 700 ~/.ssh.
  * Never share your private key and/or your passphrase/password.
  * Always store your credentials in ssh-agent with a definite lifetime.
  * Change your passphrase as regularly as you change your password.
  * Do not use reuse your password and passphrase.
  * Limit the number of systems that you log in from.


[[https://confluence.cc.lehigh.edu/display/hpc/SSH+public-key+authentication|For more information please review this link.]]