You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

On this page we provide useful information for accessing build systems and other tools from an off-site/remote linux machine.

Useful SSH Tricks

Use ~/.ssh/config for your configurations!

Use Wildcards and Nicknames

you can apply the same config settings to multiple hosts, e.g:

Host ioc-* cpu-*
User                  laci
SendEnv               TERM=xterm
HostName              %h.slac.stanford.edu
ProxyCommand          ssh -X gateway /usr/bin/nc %h %p
StrictHostKeyChecking no
UserKnownHostsFile    /dev/null

How to Avoid "WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!"

If you contact a server that is frequently rebooted and has no permanent storage (embedded system) then it might recreated a new host key each time it boots. Avoid the annoying warning using /dev/null for UserKnownHostsFile as shown above.

Connecting via "Multiple Hops"

Often a ssh server is not directly reachable from the internet. In this case you can use a ProxyCommand - which is an arbitrary shell command that connects its stdio to the ssh server. In particular, you can use an ssh connection to a host which does have a connection (directly or indirectly) to the targeted server as a proxy.  See above for an example. Note that this can be applied recursively, i.e., if the 'gateway' in the previous example is not directly reachable from the internet but 'firewall' is then you can use

Host gateway
User           myself
ProxyCommand   ssh -X firewall /usr/bin/nc %h %p

Now when you say

ssh cpu-b12-xyz

then ssh will transparently set up the multi-hop connection. Note that others options can be passed and work as expected, i.e., you can set up port forwarding to the target machine, e.g.,

ssh cpu-b12-xyz -L8000:localhost:9000

sets up an encrypted port forward from the external machine (where ssh runs), port 8000 to port 9000 on cpu-b12-xyz.

screen is Your Friend!

When you run an interactive session from remote then this often carries a lot of context information (environment, running processes etc.). It can be very painful if you get disconnected and as a consequence lose all of this context and have long-running build processes killed. Use the 'screen' utility. If you work on AFS then screen also keeps your tokens alive for you (until they expire, of course) - provided that you run a pagsh:

screen pagsh

You start authenticating yourself (kinit -f; aklog) and then go about your business. You can at any time disconnect from the screen (which continues running all of its sub-processes and keeps terminal history etc) by hitting "<CTRL>-A D". You can then safely log-out and when you come back resume your screen session (hopefully that vivado build has completed in the mean time)

screen -r

If there are multiple screen sessions running then you may have to specify which one to resume. The above also works if you have been interrupted (e.g., by losing connectivity) but if screen things the last connection is still alive then you might have to reattach forcefully

screen -Dr

Remote GUI Access

While you can run X11 over ssh it is frustratingly slow if your connection is not super-fast. VNC is a much better solution (for use with a windows client see here)

Remote Access to JTAG / USB

  • No labels