Computer Laboratory

Remote access to Lab Systems

This page explains how to access Computer Laboratory systems from accounts on machines outside the Computer Laboratory network.

It is specifically to do with access from Unix/Linux systems. For other systems, see

Also, it relates to making a connection from machines already connected to the Internet. The process of connecting home machines to the Internet is described here.

Connection methods

There are a number of different connection methods. This section describes each one in decreasing order of preference. I.e. it is recommended you use the first one in the following list that works.

SSH using Kerberos.

This method works when connectiing from a machine with access to the department's Kerberos Domain Controllers, which is roughly * Obtain a kerberos key and then ssh in, as described in OpenSSH clients.

SSH using a VPN.

If outside, open a VPN to get inside, as described in VPN access to the Computer Laboratory network, and then connect using Kerberos as above.

SSH direct to host authenticating using a private key.

In this method you establish one or more public/private keys which you use to authenticate ssh connections directly to Lab machines. For details see Using SSH to connect to the Lab.

SSH to authenticating using one time passwords

In this method you set up a set of one-time passwords which you use to authenticate ssh connections to ssh relay machines. From there you can use ssh once more to connect to any machines within the lab using Unix passwords, host based authentication or private keys. For details on setting up and using one-time passwords see One-time Passwords.