SSH/SCP

about ssh ssh, or secure shell protocol, is a cryptographic network protocol that allows secure access and management of network devices and servers over unsecured networks it provides encrypted communication, enabling secure remote login, file transfers, and command execution, thereby protecting your data from unauthorized access vast ai instances are configured to accept keys only password authentication is disabled for improved security ssh keys ssh key based authentication is a secure way to access servers without using passwords it involves two keys a public key and a private key the public key is shared with the server, while the private key is kept safe on your device when you try to connect to the server, it sends a challenge that your private key must answer if it matches, you're granted access add your public key(s) to your account at https //cloud vast ai/manage keys/ https //cloud vast ai/manage keys/ any keys stored at the account level will automatically be added to new instances as they are created if you have an existing instance you can add keys to it from the instance card ssh local port forwarding an often overlooked feature of ssh is its ability to forward local ports to another machine when you access a server remotely over ssh, you can make ports from the remote machine available as if they were listening on your own device this is a secure alternative to opening ports on the public interface as all data is transported over the ssh connection ssh p 1234 root\@180 123 123 123 l 8080\ localhost 8080 l 5000\ localhost 5000 this ssh command connects to the remote instance and sets up local port forwarding (ssh tunneling) connection details connects to ip 180 123 123 123 as user root uses port 1234 instead of the default ssh port 22 port forwarding (the key part) l 8080\ localhost 8080 creates a tunnel so when you access localhost 8080 on your local machine, it forwards to port 8080 on the remote server l 5000\ localhost 5000 same thing for port 5000 you can repeat the l arguments to forward as many ports as you need what this means after connecting, you can open your web browser and go to https //localhost 8080 or http //localhost 5000 on your local computer, and you'll actually be accessing services running on those ports on the remote server it's like creating secure "tunnels" through the ssh connection to reach applications on the remote machine that might not be directly accessible from the internet jupyter terminal ssh alternative as a simple alternative to ssh, you might like to consider jupyter terminal instead all instances started in jupyter launch mode will have this enabled it is a very straightforward web based terminal with session persistence it's great for a quick cli session access the terminal from the ssh connections interface jupyter terminal cli setup guide most computer operating systems support opening ssh connections from their cli interface this is generally the most straightforward approach if you prefer a desktop client then see the later gui setup guide open a terminal on your computer for windows, you will need to use powershell \# generate a key pair ssh keygen t rsa this will save your keys in the home directory in the ssh directory you now need to add the public key to your account we can print it out so you can copy it \# print the public key cat $home\\ ssh\id rsa pub ssh rsa aaaab3nzac1yc2eaaaadaqabaaabgqduyls1t7sv1wjvnyrubzcxv81xu4p4cl2fysdgng+uqyky44t2th/jnkol7l079oin4hunackqlyk0mb4jsbvzjgekft6xk9lpg6stpteljckqjqpk/dgpqkd1qcvqmgp3cayfwvuli7my/hvpvcf6hlaftasygixo6wqwlsfvwiar5zlyiltmm3blidohmydawl4b4fickb3aujkfhfgiqds5fhgnq19ltjkfi/3nauitqx7t3xsw1jykzy/7oa6iypmzsfbx3fo/t8kc4/br2efrwf9au2iixb7m/gf65ndb8kuc+ptjcp2myyxkmhm+7w3zp8mozfzbzfuywfnpc0q+uq9mmsaujsp+dsj3u1rum24tav6zvj9cxtg6xrauxfle6b9zw+isohqbwmra5ctu57szzvydbcezxosuir9pku6kiogxepzrtrzshzshzjweghurwjvms4femn3bxoepm68urr2uw4b9tvshqxbox/jj4hz5kkjqc6k8qz8= user\@machine add the public key into your account at https //cloud vast ai/manage keys/ https //cloud vast ai/manage keys/ adding your key here will not affect running instances to add keys to an existing instance you should open the instance specific ssh interface connecting to your instance start a new instance and click the ssh icon to see your connection information connection details now you can enter the connection command string into your terminal ssh p 20544 root\@142 214 185 187 l 8080\ localhost 8080 the authenticity of host '\[142 214 185 187] 20544 (\[142 214 185 187] 20544)' can't be established ed25519 key fingerprint is sha256\ wtuphznpn0zikmp+l5etzpich6eez2pa/7+dsxdrjt0 this key is not known by any other names are you sure you want to continue connecting (yes/no/\[fingerprint])? yes you should now see a screen similar to this you will, by default, be placed into a tmux session instance ssh session tmux we connect you to a tmux session by default for reliability and to prevent unintentional termination of foreground processes you can create a new bash terminal window with ctrl+b + c cycle through your windows with ctrl+b + n there is an excellent guide for getting to grips with tmux at https //tmuxcheatsheet com https //tmuxcheatsheet com/ if, however, you would prefer to disable tmux, you can apply the following either in a terminal or from your template's on start section touch / no auto tmux troubleshooting you can often determine the exact cause of a connection failure by using the vv arguments with ssh to get more information common reasons include using the wrong private key incorrect permissions for your private key public key not added to instance or account connecting to the wrong port scp & sftp file transfer both scp (secure copy protocol) and sftp (ssh file transfer protocol) are tools for securely transferring files that piggyback on the ssh protocol they use the same authentication and encryption as ssh scp (secure copy protocol) what it is simple, command line tool for copying files between local and remote machines best for quick, one time file transfers syntax scp p \<port> source destination examples \# copy file to instance scp p \<ssh port> my file txt root@\<instance ip> /workspace/ \# copy file from remote server scp p \<ssh port> root@\<instance ip> /workspace/my file txt / \# copy entire directory scp p \<ssh port> r myfolder/ root@\<instance ip> /workspace/ sftp (ssh file transfer protocol) what it is interactive file transfer program with a full command set best for managing files, browsing directories, multiple operations usage cli or gui tools available example \# establish connection sftp p \<ssh port> root@\<instance ip> welcome to vast ai if authentication fails, try again after a few seconds, and double check your ssh key have fun! connected to 79 116 73 220 sftp> ls hasbooted onstart sh note that both scp and sftp take the p argument in uppercase this differs from the ssh command which uses lowercase vs code integration once you have your ssh keys set up, connecting to vs code is quite straightforward we will cover the basics here install the remote ssh extension you will need to add the remote extension named 'remote ssh' open remote window click the open remote window button enter your ssh address details in the box that appears at the top of your window now simply allow a moment for vs code to configure the instance and you will be able to work with the instance as if it was a local machine for more information, see the vs code documentation gui setup guide (windows) several gui tools are available to help with ssh connectivity while it is often most straightforward to use the terminal we will cover some of the popular options here for each application we will assume the following ip address 142 114 29 158 port 46230 username root example ssh details putty putty consists of two important components putty for making connections and puttygen for creating ssh keys first, we will generate a public and private key pair putty uses its own ppk private key type open puttygen and click the 'generate' button you will be asked to move your mouse around until the green bar is full key generation interface once the key generation has completed, save both your public and private key somewhere safe such as in your documents folder optionally you can enter a passphrase for your private key for added security next, copy the full public key to the clipboard and add it to your account at https //cloud vast ai/manage keys/ https //cloud vast ai/manage keys/ save keys interface now that we have a suitable key to use, close puttygen and open the main putty application in the 'session' tab, enter the ip address and the port putty session tab next, move to the 'connection > data` tab and set the auto login username to 'root' connection data tab now navigate to 'connection > ssh > auth > credentials' and browse for the private key ( ppk) that you saved earlier ssh credentials tab finally navigate back to the 'sessions' tab to save the connection details here i have saved the session with the instance id so that i can access it again later save connection finally, click the 'open' button to be connected to your instance putty has many additional features to explore find the full documentation here mobaxterm first, we need to create a public and private key pair mobaxterm uses putty style ppk keys open the application and navigate to tools > mobakeygen (ssh key generator) glick the 'generate' button you will be asked to move your mouse around until the green bar is full key generation interface once the key generation has completed, save both your public and private key somewhere safe such as in your documents folder optionally you can enter a passphrase for your private key for added security next, copy the full public key to the clipboard and add it to your account at https //cloud vast ai/manage keys/ https //cloud vast ai/manage keys/ save keys interface now you can close the key generation interface we will create a new session navigate to sessions > new session > ssh sesison interface important details to complete remote host specify username (root) port use private key click 'ok' and you will be connected to the instance ssh terminal you can find the documentation for mobaxterm here other gui clients many gui clients are available for windows and other operating systems, and although it is not possible to cover all of these here, the key things to remember when setting up are create a public and private key pair add the public key to your vast account and any running instances keep the private key safe ensure you are connecting to the correct ip address and port as user root