Access to RZG via Internet
The access to the computers at RZG and all the institutes on the campus behind the central internet-router via the internet is restricted by a firewall. MPA operates its own firewall. All rsh, rlogin and telnet connections are forbidden, and even the use of ssh/slogin is restricted to a limited number of machines. (Note: this concerns only connections from the external internet to the RZG and campus-institutes).
These machines are:
| RZG | IPP-AUG | IPP | MPE | MPQ |
|---|---|---|---|---|
| gate.rzg.mpg.de vip.rzg.mpg.de |
gate1.aug.ipp.mpg.de gate2.aug.ipp.mpg.de gate3.aug.ipp.mpg.de |
use RZG | use RZG | use RZG |
There are some other computers, which are accessible from special addresses.
You can also access other computers using SSH tunnels
Fingerprints of RSA and DSA keys for ssh connections
At RZG only version2 of the ssh protocol is enabled for external access. For security reasons machines identify themselves with a pair of private and public keys. During the first time acces the public keys are stored in your personal ssh_known_hosts file. To veryify the correctness of the key a socalled fingerprint is displayed by your ssh program during login, if the key is not yet in your ssh_known_hosts file. This fingerprint is specific for the key-file used by the remote machine. The two RZG machines with external access have the following fingerprints:
rzgate (gate, sp, ibmr)
a5:9f:f9:b1:cc:41:ec:37:11:3e:8c:81:ba:0d:27:ae (RSA) 41:b0:34:0d:92:2c:e3:44:ec:79:43:89:1a:9d:6b:86 (DSA)
vip
c5:3e:31:d6:1f:f6:c0:34:22:de:e6:7e:03:58:f6:7f (RSA) a4:0a:ab:70:c3:51:e6:4b:24:a2:74:1d:5e:c6:dc:47 (DSA)
