School of GeoSciences

School of GeoSciences


Secure Shell

Access to School Linux machines is principally via ssh - the secure shell. Ssh creates an encrypted link between the client and server machines allowing terminal access and all manner of other connections to be transported securely across the internet.


To improve security, ssh access is only allowed via the ssh gateway Other machines and services can still be accessed by tunnelling (see below). Shell access to another host can be achieved by simply using ssh to the gateway machine and then ssh onwards to the desired host. e.g. once connected to ssh.geos you can then use "ssh -X" to connect onwards to another machine (Baikal) inside the School's firewall.


One of the benefits of using ssh is that it allows other services to be "tunnelled" through firewalls. This should be used with caution, but does in principle allows remote use of services which would otherwise to be too insecure. The most common use of this is to tunnel the X graphical interface protocol, allowing remote use of graphical programs such as the graphical editor "nedit". With graphical ssh programs, such as PuTTY, this is selected in the "tunnelling" options tab. For command line ssh programs, X tunnelling is accomplished by means of the -X flag (e.g.: ssh -X


The Secure File Transfer Protocol also makes use of the ssh connection. To transfer files in or out of the School, you can use clients that understand this protocol. SFTP connections should only be made to Windows users can make use of clients such as WinSCP to transfer files. Apple users can use clients such as Cyberduck to transfer files. Please note that there is no equivalent of the insecure "anonymous ftp" mechanism.  If you wish to publish files, you are encouraged to do so via a web-page.