Norwegian version of this page

Setup of SSH with Linux, macOS or Windows

Configuration of OpenSSH client

macOS and Linux use OpenSSH as standard SSH client and SSH server. On updated Windows 10 PCs with the OpenSSH client installed, the same setup can be used. The configuration can be applied in several ways:

  • Via standard configuration from vendor, common for all users. Normally configured in /etc/ssh/ssh_config and/or under /etc/ssh/ssh_config.d/*
  • Via command line options to ssh, e.g., ssh -o Compression=yes
  • Single user setup by editing ~/.ssh/config 

An .ssh/config file can contain a general setup for all machines you want to contact. You can also make configurations specifically for single machines or groups of machines.

Configurations applicable to all machines should be put at the end of the file. SSH uses the first applicable configuration item. If you put global settings at the end, you can overrule on or more of them by setting more specific configuration items higher up in the config file.

Configuration example

Host testmachine 
        Hostname test.one-domene.com
        User test

Host *.home.com
        User homeuser
        ForwardX11 yes

Host uioproxy
        User uiouser
        Hostname login.uio.no
        DynamicForward 9000

Host *.uio.no !login.uio.no
        ProxyJump username@login.uio.no

Host *
        ControlMaster auto
        ControlPath /tmp/%r@%h:%p
        Compression yes
        ForwardX11 no
       

 

Log in to testmachine

Here you can log in to test.one-domene.com, with the user test with the following command:

[user@host ~]$ ssh testmachine

You can also run ssh test@test.one-domene.com.

Log in to home computer

Log in to any machine under *.home.com:

[user@host ~]$ ssh pc.home.com

Here you will log in to pc.home.com with the user homeuser. This is the same as running ssh -X homeuser@pc.home.com with X11 forwarding turned on.

Log in to login.uio.no

[user@host ~]$ ssh uioproxy

Here you will log on to the machine login.uio.no with the user uiouser. You will have DynamicForward turned on on local port 9000. By configuring 127.0.0.1:9000 as SOCKS proxy in your browser, all traffic from the browser will go through login.uio.no so that your browser will appear to be inside the UiO network.

Log in to officelinux.uio.no

[user@host ~]$ ssh officelinux.uio.no

Here you will login to the machine officelinux.uio.no with the user user, but the login will go through login.uio.no with the user username.

This is mainly useful for macOS or Linux laptops. Normally most people will also have the same user name on the ProxyJump machine as on their local client.

ControlMaster

Host *
        ControlMaster auto
        ControlPath /tmp/%r@%h:%p
        Compression yes
        ControlPersist 10m
        ForwardX11 no

This config applies to all connections, which will then be configured with ControlMaster. The first login to a machine will be the Master. In this case a socket is set up under /tmp with the name user@remote.host:port.

When you log in to a new session to the same machine or copy a file in another window you will not be asked for login credentials. Instead a new channel in the same session will be created, to spare you from lots of logins. When the first session is closed (remotely or by you) you have to log in again.

Compression yes enables compression for the whole session.

ControlPersists 10m keeps the ControlMaster session open 10 minutes after the last logout. If you accidentally close the master login session, you can log in again within 10 minutes without being asked for password and two-factor code again.

ForwardX11 is another config option that will hit every configuration item in our example except uioproxy, which is higher up and set to another value.

Setup on Windows

Make sure to find the correct folder and make sure the configuration files are stored without any suffix/file extension.

The correct place for the builtin ssh client is C:\Users\<brukernavn>\.ssh\config

Putty configuration

Many use Putty as SSH client on Windows. In Putty you can enable most of the options mentioned above, but the setup is stored in sessions. All settings are done per host.

After October 1st 2021 login to most machines on UiO with SSH will have to be done via a login or jump host. Putty does not directly support this, but you can achieve almost the same with the following setup.

1. Make a new session in Putty and give it a name

lag en ny putty sesjon

Under the SSH option, type in the command in the remote command window. Putty will after the first jump try to login to uiobruker@kontormaskin.uio.no. 

2. Choose the right remote command

Velg riktig remote kommando

3. Fill in UiO username

Add the user you will log in with for the first jump, normally your uio username (here uiobruker).

​sett inn uio brukernavn

4. Save the setup

Go back to Session and save the setup.

Lagre Putty sesjon

At login you will first be asked for password for first jump - your uio user on login.uio.no - and then password to the next jump which is the user on the office machine (kontormaskin).

Note: Many Putty users have asked for improvement of the ProxyJump function in Putty, so this may change in newer versions. The documentation here is based on version 0.75.

Search the user manual
Did you find what you were looking for?
Contact support

Call us

Opening hours are weekdays from 08:30 to 17:00 and Saturdays from 10:00 to 15:00.

Phone number: 22 84 00 04

Register case

Your request can be sent to it-support@uio.no.

Send email

Book a Zoom meeting

Students and employees can book a Zoom meeting with UiO Helpdesk. Available hours are Tuesday to Thursday between 11:00 and 13:00.

Book a video call

Chat with us

Our chat is open every weekday between 09:00 and 16:00.

Start chat
Published Dec. 9, 2022 5:09 AM - Last modified May 19, 2023 12:41 PM
E-mail this page