Provides access to a machine on the center's internal network via SSH from the outside. This service is intended to access the center's network in cases where it is not possible to use the VPN.

First, check in the Xici Account and Permissions section if the service Ext. Access SSH Gateway is already listed. In that case, the service is already active for your account.

The registration must be requested through the requests and incidents form. To access the form you need your CiTIUS username and password. If you have problems remembering the username or password, you can request a reactivation at citius.tic@usc.es.

You must also add an SSH public key to your account in the «Biography and other data» section of Xici, since only SSH key authentication is accepted.

To generate the keys, run the following command from a terminal:

ssh-keygen -t rsa

Enter a password to protect your keys. This will generate the files ~/.ssh/id_rsa (the private key) and ~/.ssh/id_rsa.pub (the public key). The latter is what you need to enter in Xici.

• Server: 193.144.78.45
• Port: 22
• User: Your CiTIUS username

To connect, you can use the SSH command. Optionally, you can specify the location of the private key if it is not in its default location.

ssh -i ~/.ssh/id_rsa username@193.144.78.45

Once connected, you can connect to other machines in the center, for example to your work machine. Remember that you can turn it on (and off) using the remote power on service.

You can use the PuTTY program, using the same data provided above.

To connect, you need to convert the private key from SSH format to PuTTY format. You can do this with PuTTYgen which you can find on the same PuTTY page. To do this:

• Access the Conversions menu » Import key.
• Locate the private key in SSH format (the default name is id_rsa).
• Enter the passphrase, if you have one.
• Click on the Save private key button and select a location to save the generated .ppk file.

Once you have the file with the ppk extension, you can use it in the Private key file field of both PuTTY and WinSCP.

You can use the SSH gateway to access a CITIUS service, mapping the necessary ports from the machine that offers the service to your local machine.

For example, you can access storage via SSH by mapping the service as follows:

ssh -i ~/.ssh/id_rsa username@193.144.78.45 -L 8000:172.16.242.41:22

Once connected, you can access the files via SSH at the address 127.0.0.1:8000. In the same way, you can access other services.

It can also be done from Windows, via the WinSCP program. To do this, you must click on Advanced options and fill in the connection details in the Tunnel panel.