Help:Access to Cloud VPS instances with PuTTY and WinSCP

From Wikitech
Jump to: navigation, search

This page documents Single-click solutions for accessing your Cloud VPS instances using PuTTY and WinSCP. There are extra instructions for accessing Toolforge with them.

With appropriate proxy respectively tunnel settings via the bastion server. With the correct settings, a single click connection or file transfer is possible, and no command line input trouble is needed. pmt

Prerequisites

  • username: your username on Cloud Services, Gerrit, bastion and your instance
  • instance: your instance name like in the server name instance.eqiad.wmflabs, e.g. openid-wiki.eqiad.wmflabs
Important:
You have to manually make your first connection from bastion to your instance (i.e. not using the methods on this page). This in order to see and accept the server fingerprint! Rationale: The first connection to an SSH server requires verification of the host key. PuTTY and also WinSCP store accepted server keys, and will alert you, if they differ later.[1]
Make sure to use latest PuTTY 0.63 or later and WinSCP 5.1.6 or later.
  • PuTTY
  • plink.exe (part of PuTTY suite)
  • Pageant (PuTTY authentication agent)
  • your generated and loaded-in-Pageant ssh key
  • WinSCP

See reference section for further information about tunnels and proxies.

How to set up PuTTY for proxying through bastion.wmflabs.org to your instance

20130118-2224-PuTTY Configuration.png
20130118-2235-PuTTY Configuration.png 20130118-2236-PuTTY Configuration.png

The following uses an intermediate local proxy, part of the PuTTY suite.[2]
20130118-2240-PuTTY Configuration.png

plink.exe bastion.wmflabs.org -l <username> -agent -nc %host:%port

20130119-2156-PuTTY Configuration.png 20130119-2158-PuTTY Configuration.png

Hint: Make sure the proxy server (here: bastion) is already known to Putty before using it as a proxy. Otherwise you might just get a blank screen. If you are still getting the blank screen, you can run the plink command written above from the shell command line and accept the fingerprint. Then connect again with PuTTY as described above. Note that the proxied connection takes longer to establish than regular one (ie. you can wait 5 sec to get the remote prompt).

How to set up WinSCP for tunneling through bastion.wmflabs.org to your instance

Setting up WinSCP is very easy compared to setting up PuTTY.

20130118-2309-WinSCP Login.png
20130118-2313-WinSCP Login.png
20130118-2311-WinSCP Login.png
20130118-2312-WinSCP Login.png

References

  1. http://winscp.net/eng/docs/ssh#verifying_the_host_key
  2. Multihop SSH with Putty/WinSCP 01/09/2008 by Mike Lococo
Retrieved from "https://wikitech.wikimedia.org/w/index.php?title=Help:Access_to_Cloud_VPS_instances_with_PuTTY_and_WinSCP&oldid=1768761"