SSH Gateway - for Secure access to Rice campus servers and Secure file transfers (SCP or SFTP )
The SSH-Gateway is a service that:
- Allows ssh connections from off campus to on campus servers without the need for VPN.
- This service also allows SCP/SFTP connections to your home directory on storage.rice.edu, for File Transfers.
- Can also be used for SCP/SFTP connections to personal or Organizational web pages on organization.rice.edu (old, deprecated www.ruf.rice.edu )
This is a mechanism for allowing secure connections into machines on the Rice campus without the security risk of opening up SSH to the world. SSH has become the most prevalent pathway for security breaches from off campus. The gateway will limit the number of SSH connections from a specific host in order to minimize security risks. This means that you will not be able to open up a large number of connections from a single source.
Staff or Faculty access to SSH Gateway
As a staff or faculty member you can use this service by connecting to ssh-staff.rice.edu with your favorite ssh client. When you connect you will not get a shell, instead you will be prompted for the host you want to connect to. Give the fully-qualified hostname of the machine you want to connect to. This connection will be made using the NetID you used to connect to ssh-staff.rice.edu.
Student access to SSH Gateway
As a student member you can use this service by connecting to ssh-student.rice.edu with your favorite ssh client. When you connect you will not get a shell, instead you will be prompted for the host you want to connect. Give the fully-qualified hostname of the machine you want to connect to. This connection will be made using the NetID you used to connect to ssh-student.rice.edu.
Example of using SSH Gateway, then ssh'ing to remote host
When you receive the prompt Enter remote host: on the ssh gateway, enter the fully qualified name
of the host you want to connect to.
SSH Gateway, then connect to arcadien
SCP or SFTP Connections for file transfers
When you connect using SCP or SFTP it will point to the root of your home directory on Storage.rice.edu. Be aware that the connection made via SCP or SFTP will be to your home directory via an NFS protocol.
Example of command line sftp, from RHE Linux 4 system
- Command: sftp netid@ssh-student.rice.edu
jaa2@oyster-creek2 ~$ sftp jaa2@ssh-student.rice.edu
Connecting to ssh-student.rice.edu...
The Rice University Network - Unauthorized access is prohibited
jaa2@ssh-student.rice.edu's password:
sftp> pwd
Remote working directory: /storage-home/j/jaa2
sftp> dir
Application Data Desktop Documents Downloads ErrorLog.txt
Library Public autorun.inf profile
sftp> cd Public
sftp> ls
www
sftp> cd www
sftp> ls
sftp> quit
Example of scp File Transfer, using SSH Secure Shell client
Using the Rice supplied SSH Secure Shell client, you can do a secure file transfer by
- Open up ssh client, connect to: ssh-student.rice.edu with your NetID
SSH Client Connection to ssh-student.rice.edu
- At the prompt "Enter remote host:", INSTEAD, on the SSH Client Window => select Window => New File Transfer, which opens a 2nd window to use for file transfers.
SSH Client, New File Transfer Window
- The second window shows your home directory on storage.rice.edu and you can upload or download files.
Secure File Transfers for RUF
These same examples can be used to update web pages on the RUF ruf.rice.edu system, which hosts web sites
for Staff, Faculty, or Organizational accounts. Once logged into the SSH Gateway, just enter the hostname
of kennel.ruf.rice.edu to connect to the old, legacy, RUF system.