...
Because all the shared SCU servers mount your home directory, this file will be read by any shared SCU machine we want to connect to. Once you are logged onto the SCU infrastructure, you should be able to connect to any other shared SCU server you have access to without ever typing in a password again.
Avoiding Fail2ban and SSH Proxy
Fail2ban will block invalid connection attempts when users attempt multiple logins with wrong username.
When logging into a server if you don't explicitly specify username then the default for ssh is to try username of current user. So if you laptop has the username of "joe" then typing "ssh aphrodite.med.cornell.edu" will include "joe" as the user for authentication.
...
.
For example:
| Code Block |
|---|
Host *.pbtech User scu_ldap_username ProxyCommand ssh -W %h:%p scu_ldap_username@scu.login.node ControlMaster auto ControlPersist 60 ServerAliveInterval 120 IdentityFile ~/.ssh/your_private_key Host *.med.cornell.edu |
...
User scu_ldap_username |
...
ControlMaster auto |
...
ServerAliveInterval 120 |
...
ControlPersist 60 |
...
IdentityFile ~/.ssh/your_private_key |
If you place this at bottom of ~/.ssh/config file then it will be read last and these settings are applied to any server with "med.cornell.edu" in the hostname. This will also allow proxying through a login node to reach our internal HPC network.
Then you can just do "ssh aphrodite" and the user name will never be incorrect.
Related articles
| Filter by label (Content by label) | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
...