There are several ways of connecting to the labs' Unix computers
from the outside world. To protect our systems from attack these
access points must be restricted. Historically most connections over
the Internet have been made using the programs telnet and ftp.
Both of these programs have very serious weaknesses both in their design
and in their implementation on a number of particular computer systems,
include unfortunately Silicon Graphics computers.
You cannot use either telnet nor ftp to connect to the lab Unix computers from anywhere.
The method of access we do support is a protocol called Secure SHell (ssh) and Secure File Transfer Protocol (sftp). These are widely available protocols, but certainly are not as easily available as the older methods. In the ssh protocol (and sftp is built upon ssh) each computer has a public and a private key. Data to be sent to the remote computer is encrypted by that computer's public key. To be understood the communication stream must be decoded using the private key. Since only the true destination computer knows the private key no one on the Internet can watch the data flow. When you log on using ssh your username and password are sent over the network in encrypted form and are safe. The only problem is that the sending computer must know the receiving computer's public key. The first time you connect to the remote computer it will send its public key and you will be asked if you want to trust it. You probably do.
You don't need to know the whys of all this stuff. All you have to know is that you should use ssh to connect to our computers, that you will have to accept the public key of our computer the first time, and you will still have to enter your username and password.
ssh has an alternative scheme of personal public/private keys along with a "pass phrase". If you send your password you don't need to send a pass phrase. In most cases the pass phrase stuff is not useful and it will not be discussed further.
On the remote system you will need an "ssh client". On Unix systems
this will be called "ssh". Just type "ssh" and the
name of the remote computer and away you go. If you are on a Windows
or MacIntosh computer you will need a particular piece of software.