Step 1. Generate a public/private key pair
Open a terminal window and run the following command:
ssh-keygen
When prompted for a passphrase, press enter to skip.
You will see something along the lines of:
Your identification has been saved in C:\Users\josep/.ssh/id_rsa.
Your public key has been saved in C:\Users\josep/.ssh/id_rsa.pub.
Navigate to the directory in which id_rsa.pub is stored, and run the following command.
notepad id_rsa.pub
This will show your public key. Copy the result into a text editor.
Step 2. Add the key to GitLab
Open a browser and navigate to https://code.wm.edu/users/sign_in. Log in using your W&M credentials.
On the top left of the home page, select your profile photo and navigate to Preferences, then SSH Keys.
Select 'Add new key' and paste the key you copied earlier into the text field. Then select 'Add key' to save.
Step 3. Connect
Via terminal
From on campus/connected to the W&M network:
Open a terminal window and use the ssh command for a domain specific machine with your CS account username and password. An example of how you would log into bg1 is provided below.
$ ssh -JThis email address is being protected from spambots. You need JavaScript enabled to view it.
# If a key difference warning is encountered, enter 'yes'
If you receive the "WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!", for Macs use the command:
$ ssh-keygen -R "host-name"
To generate a new key and try to ssh again.
For Windows, you need to locate your .ssh directory and remove the known_hosts file.
From off campus:
To SSH into one of the CS Department servers or lab machines, you will need a private and public key pair linked to your GitLab account (code.wm.edu). Documentation for how to generate a key pair is here. Add the generated key at https://code.wm.edu/-/user_settings/ssh_keys.
Open a terminal window and use the ssh command for a domain specific machine with your W&M username and CS account username and password. Your will need your W&M username and password to log in. The -J and bastion command allow you to jump through the bastion proxy server. An example of how you would log into bg1 is provided below.
$ ssh -JThis email address is being protected from spambots. You need JavaScript enabled to view it.
# If a key difference warning is encountered, enter 'yes'
# First enter your W&M password for bastion, then your CS credentials
The -J flag indicates jump. The bastion.wm.edu is where you will have to authenticate with CAS with your W&M credentials and Duo. Then you will authenticate with the CS network. More information can be found at these links:
https://en.wikipedia.org/wiki/Bastion_host
https://code.wm.edu/IT/bastion-host-instructions
https://www.wm.edu/offices/it/services/network/vpn/
If you receive the "WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!", for Macs use the command:
$ ssh-keygen -R "host-name"
To generate a new key and try to ssh again.
For Windows, you need to locate your .ssh directory and remove the known_hosts file.
Via WinSCP
Start a new session and enter the file protocol as SCP, the host name as the machine you want to connect to, and your CS username and password.
Under the password box, select 'Advanced,' then 'Tunnel.'
Enter the host name as 'bastion.wm.edu,' your W&M username and password, and the path to your public key file. Then select 'OK.'
When attempting to connect, the first password it will ask for is your W&M password, which will prompt this dialog box. This is Duo authentication within WinSCP.
The next password it asks for will be your CS password.