1. Command line clients (Linux and Mac OS X)
Linux and Mac OS X (and other Unix versions) usually come pre-installed with the clients
sftp. For the Linux SSH client OpenSSH the commands are simple (case and quotes are important!):
ssh [<netid>@]linux-bastion.tudelft.nl scp -p '<local file>' "[<netid>@]linux-bastion.tudelft.nl:'<remote destination>'" scp -p -r '<local folder>' "[<netid>@]linux-bastion.tudelft.nl:'<remote destination>'" scp -p "[<netid>@]linux-bastion.tudelft.nl:'<remote file>'" '<local destination>' scp -p -r "[<netid>@]linux-bastion.tudelft.nl:'<remote folder>'" '<local destination>' sftp [<netid>@]linux-bastion.tudelft.nl E.g.: scp -p -r '/data/<netid>/My Files' "bastion:'/staff-bulk/ewi/mm/PRLab/<netid>/My Files'"If
<netid>is not specified, your current username is used.
1.1.1. Define connections
For the Linux SSH client OpenSSH you can define often recurring connections by placing a section like the follwoing in the configuration file
~/.ssh/config on your local computer:
Host bastion Hostname linux-bastion.tudelft.nl User <netid>You can then simply use
ssh bastion. For example:
netid@local:~> ssh bastion Last login: Thu Jan 1 00:00:00 1970 from local [netid@srv227 ~]$
1.1.2. SSH Session Multiplexing
Some SSH clients support multiple sessions over a single connection. You have to enter your password once to make the connection, and can then open multiple sessions (a.k.a. shells, terminals, ...) to that computer, or even transfer files, over the same connection. This is especially convenient when connecting to the Linux bastion server from the outside (where you have to type your password always). Note: the first connection (the
master) will stay open until all other sessions have been closed.
For the Linux SSH client OpenSSH you enable session multiplexing by placing the following lines in the configuration file
~/.ssh/config on your local computer and on the Linux bastion server:
Host * ControlMaster auto ControlPath /tmp/ssh-%r@%h:%p
1.1.3. SSH Client Support for Kerberos Authentication
Between some TU Delft installed Linux machines (such as the Bastion and compute servers) entering passwords can be skipped altogether by using Kerberos authentication. By default, the TU Delft Linux desktops do not allow Kerberos authentication for SSH logins, however they can be reconfigured to enable Kerberos authentication.
Both your SSH client and the remote computer must have been configured to support Kerberos authentication to log in. For the Linux SSH client OpenSSH you enable Kerberos authentication by placing the following lines in the configuration file
~/.ssh/config on the Linux bastion server:
Host * GSSAPIAuthentication yes GSSAPIDelegateCredentials yes
2. Graphical clients
For Windows, the (free) graphical clients PuTTY (SSH) and FileZilla (SFTP) are available. On machines with a TUD-configured Windows installation, you can find PuTTY under Start -> All Programs -> Tools -> Putty Suite -> PuTTY and FileZilla under Start -> All Programs -> Internet -> Filezilla FTP Client-> FileZilla.
Machines with a TUD-configured Mac OS X installation come with Fetch (SFTP) installed in the Application folder. FileZilla (SFTP) is available, but has to be installed. For SSH, it's probably easiest to just run SSH from a terminal.
2.1. PuTTY Settings
The following screen-shots show the most important settings for using PuTTY with the TU Delft linux servers. Unless otherwise specified, just use the default values.
2.1.1. Session Settings
Fill in the name of the TU Delft SSH server
2.1.2. Connection Data Settings
Specify your username (TU Delft NetID); if your system username is not your NetID, fill in your NetID in the
2.1.3. Connection SSH Settings
2.1.4. Connection SSH Auth GSSAPI Settings
2.1.5. Session Settings
To store these session settings, go back to the session tab, and save the settings under a session name. To activate a stored session, double-click on the session name.
2.2. FileZilla Settings
2.2.1. Quickconnect Settings
To connect, fill in the name of the TU Delft SSH server
student-linux.tudelft.nl for students), your username (NetID) and password, and the port (22), then press the
When you start a session to a server that you've never connected to before, you will be asked to confirm the server identity. This identity will be used in future sessions to detect (evil) server changes. If FileZilla detects a change, do not connect, unless you are aware of a server upgrade.
By default, FileZilla opens your home directory. If you want to access your files in the bulk or group share, you'll have to change the remote directory. Enter the desired directory path into the
Remote site (WinSCP:
Open directory) field. You need to specify the location in Linux format.
If you want, you can create bookmarks with specific local and remote directories to use.
On TU Delft installed machines, Filezilla seems to default to the Dutch language. You can change this to English in the Settings ('Bewerken' -> 'Instellingen' -> 'Taal'). You will need to restart FileZilla.