SSH

Basics

The university-wide SSH gateway server provides an SSH (Secure SHell) encrypted connection from off-campus to the university network.

Server name

ssh.cc.uec.ac.jp

Authentication Method

public key cryptosystem

To access this server, please register your SSH public key from the SSH Public Key Registration System in advance.

Caution

  • Do not use this server for any purpose other than ssh login relay.

  • Because it is for relay use only, it is limited in capacity so that only small text files such as configuration files can be placed.

Danger

Saving anything other than a small text file may result in incorrect operation. In this case, delete the file.

Type of login (authentication)

SSH login (authentication) methods include

There are two methods of key pairing. In principle, use the key pair method.

Note

In the future, access from off-campus to the campus will gradually be limited to key pair authentication .

Required software

On UNIX, macOS, Windows and other operating systems, the ssh command is available.

Hint

The ssh command may not be available on some operating systems. In such cases, please refer to the manual of your OS and install the software.

パスワードによるログイン

ここでは,パスワードによるログイン方法として

  • OpenSSH の ssh コマンドによる方法 (UNIX, macOS, Windows10以降)

を解説します

OpenSSH等 の ssh コマンド (UNIX, macOS, Windows10以降)

  1. 端末プログラム (xterm, kterm, gnome-terminal, ターミナル など) を起動します.

  2. サーバ接続と認証を行います.

以下のように ssh コマンドを入力してください.

ssh UECアカウント名@ssh.cc.uec.ac.jp

  1. UEC アカウントのパスワードを要求されるので入力して下さい.

Note

ログアウト(接続を解除)をするには exit コマンドを実行して下さい. ウインドウが閉じない場合は、右上の「x」をクリックするなどしてください.

Login with key pair (public key and private key)

Basic flow

Generate a pair (key pair) of public key and private key. The public key is registered in the system (Sol) to which the user is logging in, and then, during authentication The public key is registered in the system (Sol) to which the user is logging in,and the private key is referenced on the PC from which the user is logging in during authentication to verify the key.

Warning

If there is a risk that your private key has been revealed to others, follow this procedure to re-generate and re-register the key pair. Public key may be known to others without any problem due to the key pair mechanism, but we recommend that you register it only with trusted servers.

Generating and registering a key pair

SSH Public Key Registration System

You can create and register a key pair at SSH Public Key Registration System ( Integrated authentication login with UEC account is required ).

After logging in, you can perform the following three types of operations.

  • For automatic key generation

    1. auto-generate > confirmation screen > download private key > register/update > end and so on.

    2. The uec_rsa_key will be downloaded to the terminal download folder and placed under the .ssh directory.

    Windows 10 or later

    C:\Users\【username】\.ssh

    Linux

    ~/.ssh

    1. Public keys are automatically registered at ssh.cc.uec.ac.jp and sol.cc.uec.ac.jp .

    Note

    Please note that it may take some time for the data to be reflected. The private/public key is registered separately from the ~/.ssh on the server side, so you can use the private/public key that you have already set.

    1. Create a config under .ssh .

    The following is a description of how to write it.

    Host <任意の名前>
  HostName ssh.cc.uec.ac.jp
  User <UECアカウント>
  IdentityFile <秘密鍵があるPATH>

    Note

    Please fill in the information enclosed in <> . Do not enter < and > . The Arbitrary name can be alphanumeric characters.

    Caution

    The file name is config . Make sure that the file does not have an extension such as config.txt .

    An example configuration is shown below.

    Host uec
  HostName ssh.cc.uec.ac.jp
  User xa000000
  IdentityFile ~/.ssh/uec_rsa_key

    1. Open a terminal program (xterm, kterm, gnome-terminal, Terminal, PowerSHell, Command Prompt, etc.) and execute the ssh command.

    ssh UECアカウント@ssh.cc.uec.ac.jp

    Note

    If the config is set up well, you can log in with ssh arbitrary name using the arbitrary name set in 4.

    In the case of the configuration example in section 4, you can log in with the following command

    ssh uec

  • To enter the key manually

    1. Upload the public key file that has already been generated in the Select File field and go to the confirmation screen .

    Note

    When “Enter text” is selected, the registration can also be performed by pasting text.

    1. The file is automatically uploaded to ssh.cc.uec.ac.jp and sol.edu.cc.uec.ac.jp and registered.

    Note

    Please note that it may take some time for the data to be reflected. The private/public key is registered separately from the ~/.ssh on the server side, so you can use the private/public key that you have already set.

    1. Create a config under .ssh .

    The following is a description of how to write it.

    Host <任意の名前>
  HostName ssh.cc.uec.ac.jp
  User <UECアカウント>
  IdentityFile <秘密鍵があるPATH>

    Note

    Please fill in the information enclosed in <> . Do not enter < and > . The Arbitrary name can be alphanumeric characters.

    Caution

    The file name is config . Make sure that the file does not have an extension such as config.txt .

    An example configuration is shown below.

    Host uec
  HostName ssh.cc.uec.ac.jp
  User xa000000
  IdentityFile ~/.ssh/uec_rsa_key

    1. Open a terminal program (xterm, kterm, gnome-terminal, Terminal, PowerSHell, Command Prompt, etc.) and execute the ssh command.

    ssh UECアカウント@ssh.cc.uec.ac.jp

    Note

    If the config is set up well, you can log in with ssh arbitrary name using the arbitrary name set in 4.

    In the case of the configuration example shown in 3, the following command can be used to log in.

    ssh uec

  • To delete a registered key

    1. Go to Confirmation screen to see the currently registered SSH public key.

    2. Go to delete to delete the registration.

Using the OpenSSH ssh command (UNIX, macOS, Windows10)

  1. From a terminal program (xterm, kterm,gnome-terminal, terminal, PowerSHell, command prompt, etc.) use the ssh-keygen command to create a key pair.

% ssh-keygen (Enter)
Generating public/private rsa key pair.
Enter file in which to save the key (/homedir/.ssh/id_rsa): (キーの保存場所.通常はそのまま Enter)
Enter passphrase (empty for no passphrase): (パスフレーズを入力)
Enter same passphrase again: (パスフレーズを再入力)
Your identification has been saved in /homedir/.ssh/id_rsa.
<略>

  1. Confirm that id_rsa (the private key) and id_rsa.pub (the public key) have been created in the ~/.ssh/ folder.

    % ls ~/.ssh/
id_rsa  id_rsa.pub

  2. Register the public key to the target server. You can use the ssh-copy-id command to register the public key you just created (id_rsa.pub ) to ~/.ssh/authorized_keys on the server you are logging into, as shown below.

% ssh-copy-id <UECアカウント名>@sol.edu.cc.uec.ac.jp

Caution

This operation is not available in Windows 10, so please do it manually.

Login

Note

The following is a method of logging in using a key pair. You need to do key pair generation and registration in advance. For login by password, see Login by password .

using the OpenSSH ssh command (UNIX, macOS, Windows10)

  1. Use the ssh-keygen command on a terminal program (xterm, kterm, gnome-terminal, terminal, etc.) to create a key pair.

% ssh-keygen (Enter)
Generating public/private rsa key pair.
Enter file in which to save the key (/homedir/.ssh/id_rsa): (キーの保存場所.通常はそのまま Enter)
Enter passphrase (empty for no passphrase): (パスフレーズを入力)
Enter same passphrase again: (パスフレーズを再入力)
Your identification has been saved in /homedir/.ssh/id_rsa.
<略>

  1. Make sure that id_rsa (your private key) and id_rsa.pub (your public key) are created in the folder ~/.ssh/.

% ls ~/.ssh/
id_rsa  id_rsa.pub

  1. Register the public key with the target server.

In order to register your public key with the server, you need to copy the contents of the public key you just created to ~/.ssh/authorized_keys on the server. (Copy the contents, not the file.)

% ssh-copy-id <UECアカウント名>@sol.edu.cc.uec.ac.jp

  1. Log in with a passphrase

If the key exchange is successful, you will be prompted to enter the passphrase you set in 1. instead of the password of your UEC account when logging in with the ssh command.

ssh <UECアカウント名>@sol.edu.cc.uec.ac.jp
Enter passphrase for key '/homedir/.ssh/id_rsa': (パスフレーズを入力)

How to use as Socks Proxy via ssh.cc.uec.ac.jp

  1. Click Download Firefox at https://www.mozilla.org/ja/ and download the Firefox installer.

  2. Open FireFox and type about:preferences to display the preferences screen.

  3. Go to Connection Settings… (E) in the “Network Settings” field at the bottom of the configuration.

  4. Select Manually configure proxies (M), select SOCKS v5(V), and enter the following information.

SOCKS Host (C)

localhost

Port(T)

1080

  1. Create a config under .ssh .

The following is a description of how to write it.

Host <任意の名前>
  HostName ssh.cc.uec.ac.jp
  User <UECアカウント>
  IdentityFile <秘密鍵があるPATH>
  DynamicForward 1080

Note

Please fill in the information enclosed in <> . Do not enter < and > . The arbitrary name can be any single-byte alphanumeric character. See SSH Public Key Registration System for information on how to register public and private keys.

Caution

The file name is config . Make sure that the file does not have an extension such as config.txt .

An example configuration is shown below.

Host uec
  HostName ssh.cc.uec.ac.jp
  User xa000000
  IdentityFile ~/.ssh/uec_rsa_key

  1. Open a terminal program (xterm, kterm, gnome-terminal, Terminal, PowerSHell, Command Prompt, etc.) and execute the ssh command.

ssh UECアカウント@ssh.cc.uec.ac.jp

Note

If the config is set up well, you can log in with ssh arbitrary name using the arbitrary name set in 4.

In the case of the configuration example in 5, the following command can be used to log in.

ssh uec

  1. It can be used as a SOCKS proxy while an SSH connection is being made.

FAQ