Setting Up SSH on Your Home PC

Communications between your home PC and PPPL computers are in most cases unencrypted and, hence, insecure.  The "secure shell" (SSH) will encrypt these messages, including passwords, and can even compress on the fly.  When you are finished with the steps outlined here, logging into the PPPL Unix cluster will require only:
  1. Starting an X-server on your PC, like Exceed's Hummingbird Window Manager (HWM),
  2. Double clicking a shortcut to TTSSH,
  3. Typing your SSH passphrase.

Generating a Key

Since ssh-keygen is not provided with the package we will be using on the PC, a suitable key will have to be generated on the Unix cluster and then copied to your PC. You have two options:

1. Generate a new key

This is the more secure option. For example, on the Suns, you can run ssh-keygen:

[taurus.pppl.gov|8] ssh-keygen
Initializing random number generator...
Generating p:  ...........................++ (distance 362)
Generating q:  ..................++ (distance 230)
Computing the keys...
Testing the keys...
Key generation complete.
Enter file in which to save the key (/u/dstotler/.ssh/identity): /u/dstotler/test/identity
Enter passphrase:
Enter the same passphrase again:
Your identification has been saved in /u/dstotler/test/identity.
Your public key is:
1024 33 165141480113535719053442383331241877783679540203736808124303864595226661958423674220777901227369014178885645107617752311189670320878987019252559764693183974103846009341645321395893668701448061017525777898806725520583536109037666952203956380182555807369937420366456034426407906676824146626446573253661428910257 dstotler@taurus.pppl.gov
Your public key has been saved in /u/dstotler/test/identity.pub

The ssh-keygen utility will create two files, here named "identity" and "identity.pub".  To avoid overwriting the files in my ~/.ssh directory (containing my key on the Unix cluster), I created a separate directory ~/test and instructed ssh-keygen to create the identity files there.

You may want to follow this with:

[taurus.pppl.gov|28] ssh-keygen -c
Enter file key is in (/u/dstotler/.ssh/identity): /u/dstotler/test/identity
Enter passphrase:
Key now has comment 'dstotler@taurus.pppl.gov'
Enter new comment: A new comment
The comment in your key file has been changed.

This changes the comment in the identity files from the default (here: dstotler@taurus.pppl.gov) to something more meaningful for use on your home PC.

While you're on the Unix cluster, open your existing ~/.ssh/authorized_keys file in an editor.  Paste the contents of the identity.pub file you just created to the end (it's actually just one long line).

You will leave the modified ~/.ssh/authorized_keys right where it is. But, in the steps below you will be downloading the new identity and identity.pub files to your PC.
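
The paste step above can also be done with a script instead of an editor. This is an added example, not part of the original instructions: it checks that the public key file really is one line in the "bits exponent modulus comment" layout shown in the ssh-keygen output, and appends it to authorized_keys only if it is not already there. The function names and the toy key used in demo are constructed for illustration.

```sh
#!/bin/sh
# Added example (function names are illustrative, not from any SSH package).

# check_pubkey FILE: succeed only if FILE holds exactly one non-empty line
# laid out as: <bits> <exponent> <modulus> [comment]
check_pubkey() {
    [ -r "$1" ] || return 1
    # A key that got wrapped or pasted twice shows up as more than one line.
    [ "$(grep -c . "$1")" -eq 1 ] || return 1
    awk 'NF >= 3 && $1 ~ /^[0-9]+$/ && $2 ~ /^[0-9]+$/ && $3 ~ /^[0-9]+$/ { ok = 1 }
         END { exit !ok }' "$1"
}

# append_pubkey PUBFILE AUTHFILE
# Returns 0 if appended, 1 if PUBFILE was rejected, 2 if already present.
append_pubkey() {
    check_pubkey "$1" || return 1
    key=$(grep . "$1")
    if [ -f "$2" ] && grep -qxF -- "$key" "$2"; then
        return 2
    fi
    # If the last existing entry lacks a newline, add one so the new key
    # does not get glued onto the end of it.
    if [ -s "$2" ] && [ -n "$(tail -c 1 "$2")" ]; then
        echo >> "$2"
    fi
    ( umask 077; printf '%s\n' "$key" >> "$2" )   # a new file is created private
    chmod 600 "$2"
}

# Demo on constructed data: toy numbers, not real keys.
demo() {
    d=$(mktemp -d) || return 1
    printf '1024 33 1234567890123 home-pc\n' > "$d/identity.pub"
    printf '1024 35 987654321 old-key' > "$d/authorized_keys"  # no final newline
    first=0;  append_pubkey "$d/identity.pub" "$d/authorized_keys" || first=$?
    second=0; append_pubkey "$d/identity.pub" "$d/authorized_keys" || second=$?
    lines=$(grep -c . "$d/authorized_keys")
    rm -rf "$d"
    echo "$first $second $lines"   # append status, repeat status, entry count
}

demo
```

With the file names used in the session above, the call would be: append_pubkey /u/dstotler/test/identity.pub ~/.ssh/authorized_keys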

2. Or, use your existing key

Alternatively, you can use the identity and identity.pub files that already exist in your ~/.ssh directory in step 6 below.

Downloading and Setting Up the PC Applications

At this point, go home and sit down at your PC. We are going to first download the freeware program TeraTermPro.
Point your Web browser to:
 http://hp.vector.co.jp/authors/VA002416/teraterm.html

1. Download the Zip file indicated near the middle of the page (version 2.3 as of this writing):

http://hp.vector.co.jp/authors/VA002416/ttermp23.zip

We also need to download TTSSH, an implementation of SSH incorporated into TeraTermPro. Go to:

http://www.zip.com.au/~roca/ttssh.html

Follow the link there for downloads; e.g., I saw:

http://www.zip.com.au/~roca/download.html#binaries

2. Download the Zip file provided there (e.g., ttssh151.zip).

Don't download the RSAREF ("US") version of LIBEAY32.DLL, since there's currently (2000-01-07) a security bug in it.  Once this bug is fixed, then you should use the RSAREF version.

3. Create a temporary folder and copy ttermp23.zip into it. Unzip ttermp23.zip into this folder. If you have Norton Utilities, with its "UnZip" tool, you only need to double click ttermp23.zip.

4. Run "setup.exe" from this folder. By default, this will install TeraTermPro in C:\Program Files\Ttermpro.

5. Move ttssh151.zip into the Ttermpro folder and unzip it.

6. Use ftp (e.g., the "FTP for Windows Explorer" provided with Exceed) to download the identity and identity.pub files you created above into the Ttermpro directory on your PC. If you use Windows' (DOS) text-based ftp utility, use binary mode to download the identity file.  Once you've downloaded the identity (i.e., the private) file to your PC as part of the steps below, you should delete this file from the Unix cluster to prevent anyone from stealing it.  To avoid confusion later, you should also delete the identity.pub file.

It's nice to also download a copy of  /etc/ssh_known_hosts file from the Unix cluster to the Ttermpro folder; you should give it a different name, e.g., pppl_known_hosts.  If you don't download this file, TTSSH will query you with each new host you contact, asking if you really want to connect with this machine.

7. Double-click on ttssh.exe in the Ttermpro folder to start TeraTermPro (with TTSSH). This will bring up an initial login screen.  We will want to set up a few things first, so click "Cancel" for now.

8. Under the Setup menu, select "SSH....".  Set the "Read only file" to  "pppl_known_hosts" (or whatever you called the downloaded known_hosts file).

9. Under "Setup | SSH Authentication...",  set "Username" to your Unix cluster login name (e.g., dstotler).  Highlight the  "Use RSA key to log in" radio button. Then, click "Private key file" and select the "identity" (not identity.pub) file you downloaded from the Suns (you will need to click "Open", then "OK").

10. Under "Setup | SSH Forwarding...", check the box to "Display remote X applications on local X server".

11. Under "Setup | TCP/IP", click the "History" box (this will cause TeraTermPro to keep track of all of the host names you use).

12. Under "Setup | Save Setup...", save the setup file.  Leave this in the default teraterm.ini file so it gets opened automatically when ttssh is launched.  If you forget to do this, you will need to repeat steps 7 through 11!

Now, when you run ttssh.exe, you can enter your PPPL host computer (e.g., taurus.pppl.gov) and click the "SSH" button. You will then be prompted for your passphrase. Click "OK" and you should be logged in. If this doesn't work, now's a good time to stop and ask what went wrong.

Making Life a Little Easier

If you are at this point logged in as advertised, you can set up a "Shortcut" which takes care of everything except entering the passphrase with a single click:

1. In the Ttermpro directory, right-mouse-click on ttssh.exe and select "Create Shortcut"

2. Rename this shortcut file something meaningful, say "PPPL login".

3. Right-mouse-click on the shortcut file and select "Properties"

4. The "target" box should contain something like:

"C:\Program Files\TTERMPRO\ttssh.exe"

5. Add the name of the Unix cluster computer you wish to log in to, along with this other stuff:

"C:\Program Files\TTERMPRO\ttssh.exe" taurus.pppl.gov:22 /ssh /m=pppl_macro.ttl

The 22 is the port number and the /ssh tells it to use SSH. Using these switches allows you to bypass the first screen ttssh.exe brought up.

6. Click "OK".

7. The "/m=" points to a macro file (here, pppl_macro.ttl) that you are now going to create. To make it easy for Windows to find this file, keep it in your TTERMPRO folder.

You can use Notepad or whatever to create this file, just be aware that by default, Notepad will probably give the file a ".txt" extension. If the file extension is not shown in Explorer (that's what they call the Finder-like file manager in Windows), go to Explorer's "View" menu and select "Options...".  Click the "View" tab at the top of the resulting dialog box. Then, uncheck the box labeled "Hide MS-DOS file extensions for file types that are registered."  The filename extensions should now appear in Explorer.  Once the extensions are there, you can use the "Rename" command (under Explorer's "File" menu, also reachable by right-mouse clicking on the file) to change them.  If you know DOS, you probably didn't bother to finish reading this paragraph.

Be sure you use the right extension in the Shortcut's "Properties" dialog. As a simple example, this file might contain:

wait '|1]'
sendln 'xterm -sl 1000 -sb &'

The first line has the macro wait until the string "|1]" appears on the screen.  These are the last characters of the command line prompt I see when I log into the Unix cluster. If you see something different, use that instead.

The second line sends the string "xterm -sl 1000 -sb &" to the screen. Obviously, the computer you are logged into will launch an xterm.  You should have Exceed's HWM (or equivalent) running at this point, otherwise you'll get an error. The xterm should appear in the Exceed window at this point. If there is some other X client or script you want to run at login,  modify this script to execute that command instead.

More complicated login and macro tricks are possible. See the TeraTermPro and TTSSH documentation for details.

8. Finally, move the Shortcut you just created to some convenient place (I keep mine in my Start menu, next to the shortcut to HWM).  You might also give it a more descriptive name, e.g., "pppl login".