Frequently Asked Question
1. Introduction
In this guide we access a virtual machine using OpenSSH from the commandline on Linux and Windows 10.
1.1. Requirements
SSH Keys
Before you continue, make sure that you have generated "SSH Keys" and sent your "Public Key" to your contact at EODC. If you haven't created your keys yet, please follow this guide:
How to create SSH Keys
Public IP, Floating IP and Private IP
The terms "Public IP", "Floating IP" and "Private IP" can be confusing. Here are some facts to lighten things up.
- A virtual machine with a "Public IP" is directly accessible from the outside world (e.g. from you personal computer)
- A virtual machine with only a "Private IP" is only accessible from the internal network (e.g. from another virtual machine inside the same network)
- A virtual machine with a Public IP also has a Private IP assigned to it.
- Every "OpenStack Project" has at least one virtual machine with a "Public IP" associated. This machine functions as a "Gateway".
- You can access internal virtual machines through the "Gateway" by using the "Proxy Jump Directive" as described later on.
- "Public IP" addresses are also called "Floating IP" addresses.
Please contact your administrator in case you need to know the IP address of the virtual machine you want to connect to.
1.1.2. On Linux
OpenSSH is installed by default on all Linux distributions.
1.1.3. On Windows 10
OpenSSH can be enabled on Windows 10 Version 1809 and higher. Follow this guide to enable it: How to install OpenSSH on Windows 10.
PLEASE NOTE: If you don't have a current Windows 10 installation or don't want to use the command-line, you can either use "MobaXterm" (recommended) or "PuTTY". See the follwing guides for more information:
- How to connect to a Virtual Machine on Windows with MobaXterm
- How to connect to a Virtual Machine on Windows using PuTTY
2. Connect to your virtual machine
2.1. Connect to a Public IP
In your OpenStack Dashboard you will find at least one Virtual Machine with a "Public IP" address, also called "Floating IP".
If you don't have access to the OpenStack Dashboard please contact your administrator.
This Machine functions as a "Gateway" through which you can access other virtual machines on the internal network. These machines have "Private IP" addresses and are not accessible from the outside world except through the "Gateway".
To access the gateway or any other machine with an public IP address associated, open a terminal and use following command.
ssh USERNAME@PUBLIC_IPReplace "USERNAME" and "PUBLIC_IP" accordingly.
Example:
ssh ubuntu@192.168.20.1232.2. "Proxy Jump" to a Private IP
To access a virtual machine having only a "Private IP" you need to pass through the "Gateway". This is done by "Proxy Jumping" The "Gateway" is the virtual machine with a "Floating IP" address.
Info: The name of the "Gateway" may differ between projects. To keep things simple we will refer to the name "Gateway".
To access the desired virtual machine you will need the "Floating IP" address of the gateway as well as the "Private IP" of the machine you wish to connect to.
- Open your OpenStack Dashboard and note down the "Floating IP" address of the "Gateway".
If you don't have access to the OpenStack Dashboard please contact your administrator.
- Note down the "Private IP" of the virtual machine you wan't to access.
- Open a terminal and use the SSH command with the "-j" option.
ssh -j USERNAME@PUBLIC_IP USERNAME@PRIVATE_IPExample:
ssh -j ubuntu@192.168.20.123 centos@10.250.10.123The username depends on the operating system of your virtual machine. For Ubuntu use "ubuntu", for CentOS the username is "centos"
2.2.1. Classic SSH Jumphost configuration
On older SSH Versions the "-j" option might not work. If that is the case you need to create a configuration file and save it as "~/.ssh/config".
A configuration like this will allow you to proxy through HOST A and reach HOST B.
Host host_a
User your_username
Hostname 192.168.20.123
Host host_b
User your_username
Hostname 10.250.10.123
Port 22
ProxyCommand ssh -q -W %h:%p host-aThen use following command to access HOST B.
ssh host_b