Using SSH to connect to department Linux servers - short version
As of December 10th (2025-12-10), if you want to use SSH to access department servers from outside the Campus networks (ex. from home) - you will need to:
- Use SSH Public Keys, uploaded to CS SSH Public Key Management
- Login to our login nodes (salt/peppar/itchy/scratchy), or through them ("ProxyJump" /
ssh -Jflag)
or
- Use the Terminal via the browser
Right before this, we imported all keys used in your ~/.ssh/authorized_keys at the CS file server (if you had any) - but with a short expiration date (45 days instead of the default 1 year).
Ensure you renew the keys you use so that they do not expire.
Preparations - What you probably want:
If you are an employee, please see the separate page for employee instructions.
For most students, the following instructions will be enough:
Open up a Terminal on your computer.
Create an SSH key, if you don't have one already:
yourlaptop$ ssh-keygen -N ""This command creates two files:
id_ed25519 - private key, keep safe and do not share
id_ed25519.pub - public key, may be shared
Upload the
.pubpart of it to CS SSH Public Key Management.- Linux/MacOS:
yourlaptop$ cat .ssh/id_ed25519.pub - Windows:
C:\...> type .ssh\id_ed25519.pub
- Linux/MacOS:
[Optional] Place the following in your config file (
~/.ssh/configfor Linux/WSL/MacOS,YOURHOME\.ssh\configfor Windows native/PowerShell) to tell ssh which user to connect as, to make things easier for you:
Host git.cs.umu.se
User git
Host *.cs.umu.se
User YOURCSUSER
This will instruct ssh to use 'git' as user for the Git VCS (our GitLab instance). For the rest of the CS machines, use YOURCSUSER as username.
This should work for applications such as VSCode as well. If you find applications that use ssh, but fail to use this - see below.
Usage after Preparations:
With the SSH Public key setup correctly, you'll be able to login to the department login servers without entering your password, you are instead authenticating with your private key.
yourlaptop$ ssh peppar.cs.umu.se
...
Welcome to peppar running Debian 13 x86_64!
Note: If you did not do the optional step above, you'll still need to specify your username with ssh,
ie. ssh -l YOURCSUSER peppar.cs.umu.se
(or ssh YOURCSUSER@peppar.cs.umu.se)
Paths for different operating systems
You will likely find the ssh key/config files at these locations, depending on your operating system.
| OS | Config file | Public key (upload to the system) | Private key (keep for yourself) |
|---|---|---|---|
| Linux | /home/YOURUSER/.ssh/config |
/home/YOURUSER/.ssh/id_ed25519.pub |
/home/YOURUSER/.ssh/id_ed25519 |
| MacOS | /Users/YOURUSER/.ssh/config |
/Users/YOURUSER/.ssh/id_ed25519.pub |
/Users/YOURUSER/.ssh/id_ed25519 |
| Windows | C:\Users\YOURNAME\.ssh\config |
C:\Users\YOURNAME\.ssh\id_ed25519.pub |
C:\Users\YOURNAME\.ssh\id_ed25519 |
The directory .ssh might appear hidden in some applications / file dialogs - you might need to type it yourself.
Why all this hassle?
- There is a lot of nasty people on the Internet, trying to break into our machines continously using leaked passwords or just guessing at commonly used passwords.
- We can be more safe if we only allow connections from the outside using keys that have been uploaded through a system that can utilize 2FA/MFA.
- MSB (Myndigheten för Samhällsskydd och Beredskap, soon to be called Myndigheten för civilt försvar) says that we need to have 2FA/MFA enabled for externally accessible services on government entities (which we are).
Advanced instructions
For more advanced use, see the page with detailed instructions