SSH Gateway

We offer an SSH access to the AIP network via a gateway server (""). This server is only ment for SSH connections to the institute and not for productive work. From this server you are able to connect to other linux computers at the institute - either via an SSH command line, or an SSH tunnel.

In order to establish an SSH connection you need an SSH client program (e.g. ssh, or PuTTY) and an active AIP account incl. linux access.

When you connect to the server for the first time, you should check the "fingerprint" of the server key. This fingerprint is stored in the DNS (Domain Name System) records, you can check it using the command line paramaeter "-o VerifyHostKeyDNS=ask":

ssh -o VerifyHostKeyDNS=ask

The authenticity of host ' (' can't be established.

ECDSA key fingerprint is SHA256:NRj7YHYblxYG57KdOQOpnbwXO59xbClvyxhKWQEm//Y.

Matching host key fingerprint found in DNS.

Are you sure you want to continue connecting (yes/no)?

A simple command line access can be started the following way:

ssh -l your_account_name -Y

If you want to establish an SSH tunnel to your institute computer you need to do the following:

# In a terminal on your home computer
ssh -l your_user_name -L
# Keep the connection established!
# You can now open a direct connection to your institute computer from another terminal on your home computer:
ssh your_user_name@localhost -p 50800

Copy data from your home computer to a computer at the AIP using scp and an established SSH tunnel
scp -P 50800 your_user_name@localhost:filename remote_filename
# or by using rsync
rsync -e 'ssh -p 50800'

Open a VNC connection:
# Initialize the tunnel on your home computer:
ssh -l your_user_name -L

# In a different terminal on your home computer:
vncviewer localhost:5903

Connect using Publick Key:

You can create a password-less access by adding the your public key to the file .ssh/authorized_keys. Please use the editor "vi" for that purpose, other editors are not available on the server:

vi .ssh/authorized_keys

Please note:

  • For security reasons, your working environment on the login server is restricted. There are only a view commands you can use and access to the file system is limited, too.
  • The SSH protocol is repeatedly used for attacks. In case of heavy attacks we reserve the right to temporarily block the SSH access.

Cluster access

You can find further information regarding the cluster access on the eScience Webpages.

Last update: 28. July 2021