The Chemistry workstations do not accept ssh connections from machines outside the local domain. The only way to make an inward ssh connection is to use the VPN service, or to log into citadel, and then ssh on to the workstation you want. If you don't want to use the VPN (possibly you don't want all of your network connections to go via Chemistry as you're doing two or more things at once) this makes copying files between machines difficult. There is a way round this though, and this document describes it.
Linux and OSX
Let us say that you want to connect to a workstation, called "romulus" somewhere in the department, and your username is spqr1.
- You first need to obtain the fully qualified hostname of romulus, so when logged into romulus:
spqr1@romulus:~$ hostname -f romulus.ch.cam.ac.uk
- On your laptop set up an ssh config file. This file is called config and should be put in the .ssh directory in your home directory. It should contain something like:
Host romulus User spqr1 Hostname romulus.ch.cam.ac.uk ProxyCommand ssh email@example.com -W romulus.ch.cam.ac.uk:22
- Now you can ssh or scp to 'romulus' from your laptop when outside the department and you will be connected to romulus via citadel. If you have not set up any ssh public key authentication you'll have to type your password twice, once for citadel and once for romulus.
You can accomplish this with WinSCP. Again, determine the fully qualified hostname of the computer you wish to connect to, in this case "romulus".
- Enter the fully qualified hostname e.g. "romulus.ch.cam.ac.uk" under the hostname and select SCP for "File protocol". Enter your CRSID under Username and your AD password. Once you have entered all the information you may also wish to save the session, by giving it a name and clicking "Save As".
- Click "Advanced" and under Connection->Tunnels tick the "Connect through SSH tunnel" box. Under hostname, enter "citadel.ch.cam.ac.uk". Enter your CRSID and AD password, click "OK", then "Login".