Access to Aether¶

SSH access¶

Once you have a user account, you can connect to Aether with ssh.

from within IUP-UB¶

ssh username@aether

or

ssh username@aether.iup.uni-bremen.de

This will get you to either one of the two login nodes.

from outside IUP-UB, but inside the university network¶

For connecting to login1

ssh -p54203 username@aether.uni-bremen.de

or, for connecting to login2,

ssh -p54204 username@aether.uni-bremen.de

from outside the university¶

You can use the ZfN VPN service to connect to the university network and then follow the above instructions.

A note about SSH warnings¶

When you use a simple ssh aether to connect from within the IUP-UB network, you might see warnings about changed host keys from your SSH client. This is because your SSH client randomly connects to either of the Aether login nodes, which have different SSH host keys.

As it’s always a bad idea to receive warnings about things which are not critical, we suggest you do the following to make these warnings go away:

In the file $HOME/.ssh/known_hosts, your SSH client stores the host keys of all machines it connects to. The proposed procedure is to first connect explicitly to both login nodes, confirming the connection with yes in both cases:

$ ssh login1aether
The authenticity of host 'login1aether (10.103.15.183)' can't be established.
ECDSA key fingerprint is SHA256:7fUYLmRdI6b1TMMz92ln3bGFCw8J9mJOv3jniz7Xt8c.
Are you sure you want to continue connecting (yes/no)?
$ exit

$ ssh login2aether
The authenticity of host 'login2aether (10.103.15.184)' can't be established.
ECDSA key fingerprint is SHA256:Bt81nUZAgEWm1xypvrM2AUaUtTH6l5Y1VfbgxUU//GM.
Are you sure you want to continue connecting (yes/no)?
$ exit

Then, you can check the SSH host keys of both machines:

$ grep login1aether ~/.ssh/known_hosts
login1aether ecdsa-sha2-nistp256 RANDOM_STRING_FOR_LOGIN1_HOSTKEY
$ grep login2aether ~/.ssh/known_hosts
login2aether ecdsa-sha2-nistp256 RANDOM_STRING_FOR_LOGIN2_HOSTKEY

Now, you can add these two host keys to your SSH configuration for the aether hostname (make sure to use the actual host keys from the output of the commands above):

$ echo "aether ecdsa-sha2-nistp256 RANDOM_STRING_FOR_LOGIN1_HOSTKEY" >> $HOME/.ssh/known_hosts
$ echo "aether ecdsa-sha2-nistp256 RANDOM_STRING_FOR_LOGIN2_HOSTKEY" >> $HOME/.ssh/known_hosts

This tells your SSH client that both aether and aether.uni-bremen.de have two host keys each, and you shouldn’t get any warning about potentially dangerous connections any more.

Note

If you don’t see human-readable hostnames / IP addresses in your known_hosts file, it might be because the HashKnownHosts SSH option is set to yes. Currently, the only solution available seems to be to set the HashKnownHosts option to no in your $HOME/.ssh/config.

Transferring files with rsync¶

When using rsync to transfer files to Aether from outside the IUP-UB network, you need to explicitly specify the port to use. This is done using the -e switch of the rsync command:

$ rsync -Pav -e 'ssh -p 54204' SOURCE USERNAME@aether.uni-bremen.de:DESTINATION

Note

Using the --exclude flag you can specify directories which shall not be transferred.