Introduction
Macs come with ssh installed. You can use this to login - safely and securely - to the School of Informatics from the internet. This page explains how to use ssh on a Mac.
Host keys
When using ssh, security is important, so please read Host Key Management. (That page is for Linux, but ssh is the same on macOS and Linux.)
VPN
Before you can use ssh, you should be using a VPN - either the University VPN or the School's OpenVPN. The VPN page can help with that.
Kerberos and GSSAPI
This stage is optional, but we recommend it, because it will help to keep your DICE password safe, and it lets you ssh to School servers without having to type your DICE password each time you connect.
First, set up Kerberos on your Mac.
Then set up ssh for Using GSSAPI (Kerberos) authentication. Those instructions are for Linux, but ssh on the Mac should be configured similarly. (But note that the GSSAPIRenewalForcesRekey option is not supported.)
How to use ssh
You'll need the Terminal application.
It's in the Utilities folder which is on the Finder's Go menu.
Once you have a Terminal window, this is how to use ssh:
ssh username@servername
... replacing username
and servername
with the correct values.
Replace username
with your DICE username - for example s1234567
.
Replace servername
with the name of the server to connect to.
For example, if your username was s1234567
and you wanted to connect to the Informatics ssh server for students, you would type this in the Terminal window:
ssh s1234567@student.ssh.inf.ed.ac.uk
If you are using Kerberos and GSSAPI, you will now be logged in to an Informatics ssh server. If you aren't using it, you will be prompted for your DICE password at this point.
If you type the wrong password
If you type the wrong password your login will fail.
If you get it wrong several times you will be temporarily locked out. If this happens to you, just wait a while then try again. If that doesn't help, ask Informatics Computing Support for help. This is a security measure.
Public Keys
The Public Key Support section of the External Login page explains why using ssh public keys is a bad idea. To remove a public key which you may previously have generated on your Mac, open Terminal once again and type
rm ~/.ssh/id_rsa*
The key's filenames may be different - see the FILES section of
man ssh-keygen
on your Mac.