General guidelines
You basically have three entities you want to interlink and provide bidirectional access.
- Personal computer
- Remote computer
- Github or Gitlab a/c server
A copy of all my ssh keys is stored in ~/Dropbox/ssh-access-keys/
Generate SSH Key Pair
SSH public and private keys can be generated by:
ssh-keygen -t ed25519
In the prompt for putting in the password, leave it blank and just press “Enter”, if ya don’t want to have a password-protected file.
The generated public and private key pairs will be saved in ~/.ssh/ and be available as: ~/.ssh/id_ed25519.pub and ~/.ssh/id_ed25519
Using VS Code Interface
To use the Microsoft VisualStudio Code interface for accessing your remote server account, follow the following directions:
Some remote linux servers can be really old. So, the VS Code plugin may not work for them!
Port Forwarding for Remote Jupyter Notebook
Do:
ssh -L 8889:user.name@host:8889
jupyter notebook --no-browser --port=8889
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# PermitTTY no
# ForceCommand cvs server
Python Package Installations
pip install --user *package-name*
Or,
conda activate *env-name*
conda install *package-name*
File Transfer with Secure Copy Protocol
To upload file(s) from your local machine to the remote server, do:
scp *local-file-path* user.name@remote.server.xyz:/home/user.name/*folder-name*
To download file(s) from the remote server to your local machine, do:
scp user.name@remote.server.xyz:/home/user.name/*remote-file-path* *local-folder-name*
Known Issues and Problems Encountered
- If the internet connection is not stable, the connection may be terminated abruptly, with an error message like:
Read from remote host ldas-pcdev12.ligo.caltech.edu: No route to host
Connection to ldas-pcdev12.ligo.caltech.edu closed.
client_loop: send disconnect: Broken pipe
Some servers require connection ported by a supported VPN service. So, the ssh connection request won’t work if the VPN is not switched on prior to making the request.
The computer accessing the remote server should have the same public key as the one originally submitted/added to the remote server. Otherwise, the ssh connection request won’t work.
Accessing Remote Servers
This is mostly a list of procedures to follow for connecting to remote servers that I have had occassion to use. All of these servers are located in some university and this data is public. The procedure to connect to any other remote server(s) should be basically the same. This is outlined here to be a guide for novice students and for the times that I forget the server ssh address and have to quickly look it up, haha!
Accessing LIGO Data Grid (LDG) CIT Cluster
To use ssh to push to github repo, you still have to provide in the username and password for your @git.ligo.org account.
You have to make sure that your SSH public key for LDG-CIT is uploaded to the git.ligo.org account, and not your personal Github account.
The primary work node in the LDG-CIT cluster are the GPU machines labelled pcdev1-12. The user workdir is shared between all these nodes and is accessible via an ssh ping to anyone of them. Do:
ssh suyog.garg@ldas-pcdev12.ligo.caltech.edu
If the public keys have been properly uploaded there won’t be any prompt to type in the password.
@2025/10/30 updates
They have suddenly decided to darn use the “Duo” app for 2-step verification. Follow the instructions here for setting this up: https://git.ligo.org/computing/iam/mfa
Then login using ssh ldas-grid.ligo.caltech.edu to directly log-in to the whole grid, instead of specifically to pcdev12 like the past time. This will login to the home directory at /home/suyog.garg !
@2025/11/12 updates
Gotta use this at every login now to get to the GPU servers at CIT-LDG:
ssh -J albert.einstein@ssh.igwn.org albert.einstein@ldas-pcdev12.ligo.caltech.edu
My username is “suyog.garg”. The above will prompt a passcode using the DUO app, if the 2-step verification has already been set up. Need to do this every time.
Use ssh jump connection on VS code
To jump from a login server within a computing cluster to the work server, update your ssh configuration file to have the proper host and jump connection names. Additional option for enabling command prompt keyboard interation during the ssh connection request needs to be defined in the configuration file. Without this the Duo app security code input prompt won’t be asked.
- Open the command palatte in VS code and navigate to “Remote ssh config file”
- Then edit the host name and other connection details.
Example of my ssh configuration file is:
Host ssh.igwn.org
HostName ssh.igwn.org
User suyog.garg
# ... other settings
PreferredAuthentications keyboard-interactive,publickey
PubkeyAuthentication yes
Host ldas-pcdev12.ligo.caltech.edu
HostName ldas-pcdev12.ligo.caltech.edu
User suyog.garg
# ... other settings
PreferredAuthentications keyboard-interactive,publickey
PubkeyAuthentication yes
ProxyJump ssh.igwn.org
Note that the ProxyJump line should always come after the InteractiveKeyboard option has been set. Otherwise the connection will terminate prematuarely.
Accessing IPMU iDark
Resources
Procedure
- All IPMU servers require connecting via the IPMU VPN service. So, first enable and switch the VPN.
- If using Cisco Connect VPN service, having installed it, type in the IPMU VPN address as: https://vpngw.ipmu.jp
- Type your IPMU account username and password, sent to you when you requested an account.
- The VPN connection should now be available, after clicking ‘connect’.
- Once the VPN is enabled, start a ssh connection request using the terminal:
ssh suyog.garg@idark.ipmu.jp
- There should not be any prompt asking for a password if the ssh public keys between the computer making the request and the remote server match.
Note that the user name is required when accessing the cluster all the time. Otherwise, how does the ssh request know about what access to ping the request to.
Accessing Einstein and Landau Clusters at Tokyo City University
Add the following ProxyJump connection to the ssh configuration file as follows:
Host einstein.sv.yc.tcu.ac.jp
HostName einstein.sv.yc.tcu.ac.jp
ForwardX11Trusted yes
Port 1022
LocalForward 8008 localhost:8088
User suyog
Host landau.sv.yc.tcu.ac.jp
HostName landau.sv.yc.tcu.ac.jp
ForwardX11Trusted yes
LocalForward 8088 localhost:8888
ProxyJump einstein.sv.yc.tcu.ac.jp
User suyog