What is SSH?
Secure Shell, or SSH, is a cryptographic
(encrypted) network protocol to allow remote login, file transfer and other
network services over a secure channel. SSH implementations typically provide
sftp commands to securely copy files from one
host to another, and
rsync supports transfers via SSH by default.
SSH replaces the less secure
How do I use SSH?
Penn VPN software is required for all SSH connections from networks that are outside of PennNet.
Before connecting to a machine on PennNet via SSH from an external network, you must install and run the University Client VPN software:
The OpenSSH application suite included with MacOS, most Linux/UNIX distributions and Windows 10 (version 1803 or newer) is an industry standard and used in the examples below.
There are many other SSH client options, including WinSCP, SecureCRT, PuTTY, MobaXterm, Cygwin, WSL (Windows Subsystem for Linux), etc.
To begin using SSH, open a terminal, command prompt or PowerShell and type this command (replacing username with the SEAS account name):
The first time you connect to a host, you will be asked to verify its authenticity:
The authenticity of host 'eniac.seas.upenn.edu (2607:f470:8:64:5ea5::14)' can't be established. ECDSA key fingerprint is 3a:ea:ab:7d:d1:65:21:7d:66:88:28:a4:c6:40:92:97 [MD5]. Are you sure you want to continue connecting (yes/no)?
yes and press the Enter key to permanently
trust the fingerprint of the remote host in your local account. The list of
verified hosts is kept in
To complete your login, enter your password at the prompt (your PennKey password will work, as will your SEAS password if you have set one):
Where username is the name of the account you are connecting to.
Two-Step Verification is required when using a PennKey password for SSH authentication on SEAS systems.
If you entered your PennKey password, you will be presented with a variation of this Duo two-factor prompt:
Duo two-factor login for xxxxx Enter a passcode or select one of the following options: 1. Duo Push to phone_push (iOS) 2. Phone call to XXX-XXX-0123 3. SMS passcodes to XXX-XXX-0123 (next code starts with: 2) Passcode or option (1-3):
Enter the number of the Duo option you would like to use and complete the challenge.
You will now begin a session on the remote computer using your default shell (typically
bash), where you can type commands.
To end your session, type:
Ending your session this way will preserve your command history and perform other housekeeping tasks that might not occur if you simply close quit your terminal on your local computer, put it to sleep, or shut it down.
For additional information about the
ssh command on Linux/UNIX
environments, please check the
man page on your system:
Otherwise, check the documentation for your SSH client software.