Remote access using SSH and SCP
Many Linux and Unix systems are accessible using ssh, rsync, scp, sftp and other tools. Remote access can be used to retrieve files, and to run commands with access to your AFS home directory.
SSH is the preferred access method since it is secure and available for all platforms. We recommend using Kerberized SSH (GSSAPI), where no password leaves your local machine.
After configuring SSH (in ~/.ssh/config or the equivalent), you can connect to the shell server for your affiliation. In most Unix-like operating systems, this can be done using
kinit -f username@KTH.SE ssh student-shell # or faculty-shell staff-shell affiliate-shell…
- List of shell servers for affiliated users
- How to log in from Linux
- How to log in from macOS
- How to log in from Windows
Note: All examples use username and student-shell – replace this with your KTH username (without @kth.se), and the server you are connecting to.
Note on host keys
Using GSSAPIKeyExchange you will not get prompts like
The authenticity of host 'student-shell.sys.kth.se' can't be established. ECDSA key fingerprint is SHA256:kU4+41LFakE+D/D/FPPo2faB+/QjNtyemz/xAJfx+4E. Are you sure you want to continue connecting (yes/no)? username@student-shell's password:
Instead, Kerberos authentication is used both to confirm server identity (instead of host keys), and to authenticate you (instead of a password).
However, if you cannot use GSSAPI (or like ssh in macOS, cannot use GSSAPIKeyExchange), you need to use host keys. The list of public shell servers provides host keys for all servers.