User & Login

Terms Of Use

Registration

Please contact kai.himstedt@hitec-hamburg.de or daniel.speck@hitec-hamburg.de

Preconditions

To give you access to the RCI you will need:

• Google Authenticator App

  • see Wikipedia page for info

  • Android: Google Authenticator in Google Play store 

  • iOS: Google Authenticator in Apple App Store 

• SSH key

  • see Wikipedia page for info

  • see GitHub's key creation tutorial for creating a key: Generating a new SSH key 

SSH Config

Located at ~/.ssh/config your ssh config should be stored (Linux, Mac, WSL). With a simple entry you can configure hosts ("bookmarks") to simplify ssh access to the RCI:

host rci-head

    hostname 84.46.78.116

    port 10022

    user youruser

    IdentityFile /home/youruser/.ssh/ssh-private-key

    ForwardAgent yes

SSH Session

After editing your ssh config and having your Authenticator  app ready you can connect to the rci-head with the following command:

ssh rci-head

After running this command you will be asked for your verification code in your Authenticator  app. After entering it correctly you will be in head node of the RCI.

SHH Tunnel

An SSH tunnel is a technique that allows you to securely forward specific ports from your local machine to remote services within the Research Compute Infrastructure (RCI) via an encrypted SSH connection. Unlike a standard SSH session, which provides terminal access to the head node of the RCI, an SSH tunnel enables you to access specific internal services (e.g., databases, private web applications) that are not directly exposed to the internet. If you need to access an internal service you're running on the RCI from your local machine without exposing it to the public internet, creating an SSH tunnel is a crucial practice for maintaining security and privacy.

As you are setting up the SSH tunnel you need to specify which local port you want to forward and the internal service you want to access and on which node your internal process is running. 

You can use the following command:

ssh -L local_port:remote_host:remote_port rci-head

local_port: The port on your local machine that you want to use (e.g., 9090).

remote_host: The internal RCI server or service you want to access (e.g., the internal web server). This is  the node where your application is running.

remote_port: The port on the remote service (e.g., 8080 , 8001).

Here is an example of a tunnel command for a service which is running on 0.0.0.0:8188 on the n21 node in rci which we want to forward to or local port 8188:

ssh -L 8188:n21:8188 rci-head

IMPORTANT:

1. Please do not forget that you need to run your application on 0.0.0.0 and not on localhost or 127.0.0.1

2. The ForwardAgent should have been set to True in your ssh config in order to be able to jump from head to an other node