Using the TCC remotely over the Internet

Modem access

To access the TCC from your off-campus computer equipped with a modem, use 838-0335. We support the PAP protocol at 56KBps.

Access via Secure Shell (ssh)

To open a connection to a remote system through your modem or other connection, use ssh, the Secure SHell program. Data handled through an ssh connection is encrypted for security. The older telnet protocol is not secure and is no longer supported.

• On TCC Windows systems, use the PuTTY utility, and select the ssh protocol radiobutton. The preferred login server is rainbow. For more information on PuTTY, see `PuTTY: A Secure SHell (SSH) connection utility for Windows'.
• For a non-TCC Windows machine, see Using the TCC remotely via modem from Windows.
• Most recent Linux releases support the ssh command. For example, to log in to rainbow as user fred:

  ssh -l fred rainbow.nmt.edu

• MacOS X supports ssh. Open a terminal window from /Applications/Utilities and type the ssh command as shown above.

Periodically (generally only once or twice a year), the TCC must reconfigure its servers. When it does, certain security keys will change. These keys are necessary to verify that you are talking to the correct server and not an impostor system.

• When you first use ssh to connect to a TCC server, you will see a message that looks like this:

  The authenticity of host 'linux (129.138.2.218)' can't be established.
  RSA key fingerprint is 09:49:48:42:82:6b:b9:2e:40:e2:b7:3a:9c:42:6f:92.
  Are you sure you want to continue connecting (yes/no)? 
  

  If the value is the one shown above (09:49:48:...), then answer “yes”. A line will be added to your .ssh/known_hosts file with the current security key, to certify that you have verified the identity of that server.

• If you already have such a line for a given server in your .ssh/known_hosts file, the first time you connect there after one of TCC's periodic reconfigurations, you will see a warning something like this:

  @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
  @    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
  @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
  IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
  Someone could be eavesdropping on you right now (man-in-the-middle attack)!
  It is also possible that the RSA host key has just been changed.
  The fingerprint for the RSA key sent by the remote host is
  09:49:48:42:82:6b:b9:2e:40:e2:b7:3a:9c:42:6f:92.
  Please contact your system administrator.
  Add correct host key in /u/YOURLOGIN/.ssh/known_hosts to get rid of this message.
  Offending key in /u/YOURLOGIN/.ssh/known_hosts:14
  RSA host key for SERVER has changed and you have requested strict checking.
  Host key verification failed.
  

  where YOURLOGIN is your account name and SERVER is the server you are connecting to, such as login or rainbow.

  If the RSA key fingerprint is the one shown in the example above (09:49:48:42:...), then you are connecting to a real TCC server. To get rid of the message shown above, edit your .ssh/known_hosts file, find the line that starts with the server's name, and delete it. (If you are not sure what tools you need to edit this file, contact the Help Desk).

  Then ssh back in and answer “yes” to the question as in the example above.

Last updated: 2008/03/06 18:50:17 UT
URL: http://www.nmt.edu/tcc/help/modem/homepage.html