SDS@hd/Access/SFTP: Difference between revisions

From bwHPC Wiki
< SDS@hd‎ | Access
Jump to navigation Jump to search
m (redirect)
Tag: New redirect
 
Line 1: Line 1:
#REDIRECT [[Data_Transfer/SFTP]]
It is possible to access the SDS@hd service from Windows, Mac and Linux using the sshfs/sftp protocol.

This enables easy access to SDS@hd without additional registration of your own computer.
This way can also be useful if you are in a network in which e.g. [[SDS@hd/Access/CIFS|SMB]] and [[SDS@hd/Access/NFS|NFS]] are not available, e.g. due to firewall restrictions.

'''Attention:'''
In principle, however, the connection is not suitable for permanent connections, since (due to technical reasons) it is not highly available.

= Prerequisites =

'''Attention:''' To access data served by SDS@hd, you need a '''''Service Password'''''. See details [[SDS@hd/Registration]].

Additionally the access to SDS@hd is currently only available inside the networks of participating Organizations, e.g. [https://www.belwue.de/netz/netz0.html belwue-Network].

This means you have to use the VPN Service of your HomeOrganization, if you want to access SDS@hd from outside the bwHPC-Clusters (e.g. via [https://www.eduroam.org/where/ eduroam] or from your personal Laptop)

= Using SFTP from Linux client =

== ''direct/interactive Access:'' ==

You can directly use sftp to "login" to SDS@hd. This will give you an interactive sftp-shell.

''Example:''
<pre>
> sftp hd_xy123@lsdf02-sshfs.urz.uni-heidelberg.de
Connected to lsdf02-sshfs.urz.uni-heidelberg.de.
sftp> ls
sd16j007 sd17c010 sd17d005
sftp>
sftp> help
...
sftp> put myfile
sftp> get myfile
</pre>

== ''mounting network drive over SFTP:'' ==

In most linux distributions you could install a package for fuse mounting a network drive. This allows you to work with SDS@hd comparable to a local folder.

''Example (debian/ubuntu):''
<pre>
> apt-get install sshfs
> mkdir ~/sds-hd
> sshfs -o reconnect hd_xy123@lsdf02-sshfs.urz.uni-heidelberg.de: ~/sds-hd
> ls ~/sds-hd
sd16j007 sd17c010 sd17d005
> touch ~/sds-hd/sd16j007/testfile
</pre>

''Example (CentOS/RedHat):''
<pre>
> yum install fuse-sshfs
> mkdir ~/sds-hd
> sshfs -o reconnect hd_xy123@lsdf02-sshfs.urz.uni-heidelberg.de: ~/sds-hd
> ls ~/sds-hd
sd16j007 sd17c010 sd17d005
> touch ~/sds-hd/sd16j007/testfile
</pre>

You can close/unmount the network drive with the command:
<pre>
fusermount -u ~/sds-hd
</pre>

You can of course also use /etc/fstab for mounting SDS@hd with the following entry:
<pre>
sshfs#hd_xy123@lsdf02-sshfs.urz.uni-heidelberg.de: <your_local_mountpoint> fuse defaults,user,noauto,exec,reconnect 0 0
</pre>

= Using SFTP from Windows and Mac client =

Windows clients do not have a SCP/SFTP client installed by default, so it needs to be installed before this protocol can be used.

'''Tools for example:'''
* [http://www.openssh.com/ OpenSSH]
*[http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html Putty suite] (for Windows and Unix)
*[http://winscp.net/eng/download.php WinSCP] (for Windows)
*[https://filezilla-project.org/download.php?show_all=1 FileZilla] (for Windows, Mac and Linux)
*[https://mobaxterm.mobatek.net MobaXterm] (for Windows)
<br>
'''network drive over SFTP:'''
*[http://www.southrivertechnologies.com/download/downloadwd.html WebDrive] (for Windows, Mac, iOS, Android)
*[http://www.sftpnetdrive.com/ SFTPNetDrive] (for Windows)
*[http://www.netdrive.net/ NetDrive] (for Windows)
*[http://www.expandrive.com/expandrive ExpanDrive] (for Windows, Mac and Linux)
*[https://mountainduck.io/ MountainDuck] (for Windows and Mac)

== Connecting to SDS@hd ==

To establish a connection to SDS@hd you have to use the following parameters:
* protocol: sftp
* port: 22
* hostname: lsdf02-sshfs.urz.uni-heidelberg.de
* username: <your_username> e.g. hd_xy123
* password: <your_servicepassword>

= Best practices =

ssh/sftp has a lot of useful options. One of the important ones is the used encryption cipher.

Changing the encryption method (cipher) can have a significant impact on the transmission speed. The effects are difficult to predict because, among other things, they are depending on the client's processor. In tests on current Intel hardware (Intel (R) Xeon (R) CPU E5-2620 v4), the following ciphers turned out to be particularly fast:

{| class="wikitable"
!Cipher
!style="text-align:left;"| performance
|-
|chacha20-poly1305@openssh.com (default)
| 100%
|-
|aes128-gcm@openssh.com
|~200%
|-
|aes128-ctr
|~188%
|-
|arcfour
|~135%
|-
|}

With ssh/sshfs you can use different ciphers with the -o option:
<pre>sshfs -o Cipher=aes128-gcm@openssh.com -o reconnect hd_xy123@lsdf02-sshfs.urz.uni-heidelberg.de: <local_mountpoint></pre>

A list of available ciphers should be available with the command
<pre>ssh -Q cipher</pre>
<br>
'''Attention:'''
It has to be noted, that not all encryption methods meet the same security requirements. You have to consider the different performance and security requirements for your indiviual usecase.

Latest revision as of 16:54, 2 December 2024

Redirect to: