Remote Login and File Transfer
About Remote Login and File Transfer using Public Key Authentication
Outline
- Remote login is to log in the computer which is in the distance via the network.
- On CNS, SSH is used that encrypts communications to login in distance safely.
Software which do not encrypt communications such as TELNET cannot be used on CNS. - Please refer to "Shared computing server " for the server which can be logged in remotely.
- In the past, we used password authentication when SSH was used on SFC-CNS.
However, the password authentication can be broken by brute-force attacks, and brute-force attacks have been increasing.
After September 2020, SSH password authentication from outside of Keio is terminated, and SSH pulic key authentication is only available.
About Public Key Authentication
- Authentication will use pair key (i.e., Public Key and Secret Key) and be checked whether those keys match.
- Public Key
Public Key will be kept on the server. It is like a keyhole.
This key is for public use, so it can be seen by others. - Secret Key
Secret Key will be kept on the PC which you login with SSH. It is like a key if the Public Key is a keyhole.
Please keep the secret key safe though it is protected by the pass phrase which is set when you create it.
In case you loose your secret key, you can disable it by the disposal of the public key.
- Public Key
Password authentication
- An account can be logged in if user name and password match. Therefore, it is possible to be logged in by round-robin attacks.
Procedure for Connection
Remote login
The style of keys will be different for different software. Please refer to the link of the software for the procedure.
The procedure will be the following:
Making keys -> Setting software -> Connection
File transfer
FAQ
- Is it possible to use one key with more than one PC?
- Yes. You can use one key with more than one PC by setting the secret key with PCs you want to use.
- I want to use TeraTerm for SSH, and WinSCP for file transfer.
- The secret key is different form between TeraTerm and WinSCP. However, the public key is the same.
After making keys, please download the secret keys for both TeraTerm and WinSCP.
- The secret key is different form between TeraTerm and WinSCP. However, the public key is the same.
- I lost my secret key. I lost PC with which I set a secret key.
- You can disable your secret key by deleting your public key which corresponds to your secret key.
Please delete your public key on "Key Making" page.
- You can disable your secret key by deleting your public key which corresponds to your secret key.
- I forgot to download my secret key.
- Because secret keys can be download only at the time of making. You need to remake a key on "Key Making" page.
- I want to use a pair of keys which I already have.
- You can register your public key on Key Making" page.
- I want to delete my public key
- You can delete public key on "Key Making" page. After you login, please click the checkbox of the public key which you want to delete. Then click "Delete" button.
-
What is the form of key which is made on "Key Making" page.
- ECDSA 521bit. It is RSA 4096bit until 6th October 2023. The keys with RSA 4096bit is still avaiable to login
Last-Modified: November 10, 2023
The content ends at this position.