====== First Login ======

In this exercise you will learn how to login and run commands on our infrastructure.

===== Part I: Login =====

==== Required software ====

As mentioned in the lecture, you absolutely need a //terminal emulator//:

  * on Linux: this can be one of programs Konsole, Gnome Terminal, Terminal, XTerm, ...
  * on Mac OS X/OSX/macOS Sierra: use the pre-installed Terminal application, [[https://www.iterm2.com/|iTerm2]] or the X-Windows terminal from XQuartz (see instructions below)
  * on Windows: use [[http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html|Putty]]

optionally you may want:

  * a X11-Server, to be able to start graphical applications on the server and have the output on your computer:
    * on Linux: it is enough to be logged-in in a graphical environment (Unity, Gnome, KDE, ...)
    * on Mac OS X/OSX/macOS Sierra: you need to install [[https://www.xquartz.org/|XQuartz]]
    * on Microsoft Windows: you need to install [[https://sourceforge.net/projects/vcxsrv/files/latest/download|VcXsrv]]
  * a file transfer tool to copy files from/to the server:
    * on Linux: put ''%%sftp://tcopt2.chem.uzh.ch%%'' as the address in your file browser and you should be able to browse your home directory after logging in
    * on Mac OS X/OSX/macOS Sierra: use [[https://cyberduck.io/|Cyberduck]]
    * one Windows: use [[https://winscp.net/|WinSCP]] or [[https://cyberduck.io/|Cyberduck]]
  * a plain text editor to edit input files if you are uncomfortable with using ''vim'', ''nano'' or ''emacs'' via SSH. Please note: It is important that your editor supports Unix line endings. If in doubt, use one of the mentioned editors on the server, or an advanced plain text editor like [[https://atom.io/|Atom]] (plus the [[https://atom.io/packages/line-ending-selector-unix|line-ending-selector-unix]] plugin) or [[https://notepad-plus-plus.org/|Notepad++]] on your local machine.

==== Login using Linux ====

  * Connect to Internet (use VPN when not on the UZH network)
  * Open a terminal (Konsole, xterm or similar)
  * Connect to the server by entering the command: ''ssh -X studentXX@tcopt2.chem.uzh.ch''


==== Login using macOS ====

  * Connect to Internet (use VPN when not on the UZH network)
  * Open a X-Windows terminal in the X11 application if you want to run graphical applications on the server, otherwise use the pre-installed //Terminal// application or an alternative like //iTerm2//
  * Connect to the server by entering the command: ''ssh -X studentXX@tcopt2.chem.uzh.ch''

==== Login using Windows with SSH (Windows 10 and later) ====

  * Connect to Internet (use VPN when not in the UZH network)
  * Start VcXsrv (optional, only required if you want to run graphical applications on the server)
  * Start the Powershell console
  * Type the command ''ssh studentXY@tcopt2.chem.uzh.ch''
  * Enter (username and) password as requested

==== Login using Windows with Putty ====

First configure Putty (only required on the first run) as follows:

  - Start the application PuTTY from the Windows menu (in the folder PuTTY)
  - Fill in the //Host Name//: ''tcopt2.chem.uzh.ch''
  - Set //Connection type// to ''SSH''
  - Type ''tcopt2'' as the name of the session below Saved Sessions and save the settings a first time
  - In the Category tree on the left side, select //Connection > Data// and enter the username you have been given in the lecture in the field //Auto-login username//
  - Select the tab ''Connection > SSH > X11'' from the ''Category'' list and enable the option ''Enable X11 Forwarding''
  - Go to //Session// again and 
  - Choose ''Session'' from the ''Category'' list and click ''Save'' again

Then continue as follows to login:

  * Connect to Internet (use VPN when not on the UZH network)
  * Start VcXsrv (optional, only required if you want to run graphical applications on the server)
  * Start Putty
  * Double click the session ''tcopt2'' to start the connection
  * Enter (username and) password as requested

==== First steps ====

<note important>Change the password of your account after your first login, using:

<code>
$ passwd
</code>
</note>


===== Part II: Advanced account configuration =====


==== Setup key-based authentication ====

To avoid having to type the password every time you log in (and to increase the security), a public-private key pair can be used for authentication instead. 

=== Instructions for macOS and Linux ===

First generate a key-pair **on your local machine** by running the following in a terminal/shell:

<code>
$ ssh-keygen
</code>

and accept the defaults proposed and do no set a password.

Upload the public key **from your local machine** to tcopt2:

<code>
$ scp ~/.ssh/id_rsa.pub studentXX@tcopt2.chem.uzh.ch:~/
</code>

Now login to ''tcopt2.chem.uzh.ch'' and move the uploaded public key to the right place and set the access permissions correct:

<code>
$ mkdir -p .ssh
$ chmod 0700 .ssh
$ mv id_rsa.pub .ssh/authorized_keys
</code>

When connecting to the server **from your local machine** now, use:

<code>
$ ssh -i ~/.ssh/id_rsa studentXX@tcopt2.chem.uzh.ch
</code>

=== Instructions for Windows using PuTTY ===

First login to the server as above and leave the terminal window open.

Then generate a key-pair **on your local machine** as follows:

  - Start the application //PuTTYgen// which was installed alongside //PuTTY// itself
  - Click on //Generate// to generate a new key (move the mouse to generate randomness, as instructed)
  - Do not set a //Key passphrase//
  - Click on //Save private key// and store the private key as ''condensed_matter.ppk''
  - On the server (in the //PuTTY// terminal window), run the following commands:
    <code>
    $ mkdir -p .ssh
    $ chmod 0700 .ssh
    $ nano -w .ssh/authorized_keys
    </code>
  - Now copy & paste the content in the field //Public key for pasting into OpenSSH authorized_keys file// from //PuTTYgen// into the terminal. Pasting in //PuTTY// is done by a right mouse click.
  - Exit //nano// by using ''CTRL+X'', press ''Y'' to save the file and confirm the name by pressing ''ENTER''
  - Enter ''exit'' to close the connection
  - Close the //PuTTYgen// application

Reconfigure //PuTTY// to use the generate key:

  - Restart //PuTTY//
  - Select the //Session// ''tcopt2'' and press //Load//
  - Select //Connection > SSH > Auth//
  - Use the //Browse...// button in //Authentication parameters// to selected the ''condensed_matter.ppk'' you generated earlier
  - Go back to //Session// and click //Save//, then //Open// to login
  - Now //PuTTY// should directly login (given that you have saved the username as well as described above) without asking for a password

==== Simplify the login ====

The following instructions **apply to OSX and Linux**.

**On your local machine** add the following part to the file ''.ssh/config'' in your home directory:

<code>
Host tcopt2
  HostName tcopt2.chem.uzh.ch
  User studentXX
</code>

after which you will be able to connect to ''tcopt2'' simply by using

<code>
$ ssh tcopt2
</code>

If you have setup key-based authentication as shown above, augment the entry to the following instead, to always use key-based authentication without having to specify ''-i ~/.ssh/id_rsa'' manually:

<code>
Host tcopt2
  HostName tcopt2.chem.uzh.ch
  User studentXX
  IdentityFile ~/.ssh/id_rsa
  IdentitiesOnly yes
  PreferredAuthentications publickey
</code>