Remote Engines SSH

[AdminX]

Now that Windows 10 has a Built-in SSH Cleint and Server, is Putty still needed for Remote Engines or is there another way? I can of course get it to work from a command line, but would like to run it in GUI without Putty if possible.

[Daniel Shawul]

You don't need putty if you have other ssh client.
For GUI try " ssh -Y user@hostname ". For this to work, you need an xwindows systems of some kind on the server ofcourse.

Daniel

[smatovic]

Now that Windows 10 has a Built-in SSH Cleint and Server, is Putty still needed for Remote Engines or is there another way? I can of course get it to work from a command line, but would like to run it in GUI without Putty if possible.

Not sure what exactly you try, but Xboard offers remote SSH engine usage:

Code: Select all

xboard -fcp "ssh -v srdja@127.0.0.1 /home/srdja/Projects/Zeta/zeta.bin" -scp crafty

I can imagine that there is something similar in Winboard?

--
Srdja

[AdminX]

You don't need putty if you have other ssh client.
For GUI try " ssh -Y user@hostname ". For this to work, you need an xwindows systems of some kind on the server ofcourse.

Daniel

I was looking at the lower half of this document from komodochess for use with InBetween and providing a windows path in place of using a linux system/ path.

Code: Select all

CommandLine := PLINK.EXE -ssh -pw SecretPassword USERNAME@localhost "/home/USERNAME/linux-engine"

https://komodochess.com/remote-engine.htm

[hgm]

Now that Windows 10 has a Built-in SSH Cleint and Server, is Putty still needed for Remote Engines or is there another way? I can of course get it to work from a command line, but would like to run it in GUI without Putty if possible.

Not sure what exactly you try, but Xboard offers remote SSH engine usage:

Code: Select all

xboard -fcp "ssh -v srdja@127.0.0.1 /home/srdja/Projects/Zeta/zeta.bin" -scp crafty

I can imagine that there is something similar in Winboard?

--
Srdja

This is not really an XBoard function, other than that XBoard allows you to specify the engine to use (and you specified it as "ssh -v srdja@127.0.0.1 /home/srdja/Projects/Zeta/zeta.bin"). On any other GUI that would allow you to specify the engine command (and that includes WinBoard) it would work exactly the same. Of course many GUIs do not allow you to specify a general engine command (i.e. with arguments), and there you would have to use tricks (like InBetween or Polyglot).

But the problem is really that the specified engine is "ssh"; with WinBoard you would presumably be working on Windows, and "ssh" is not a valid command there. You would have to install your own ssh client there, and then invoke that.

Putty is an SSH client for Windows, but I never managed to use that for this purpose, as I could not find a way to prevent it from echoing everything the GUI would send it.

For this reason I wrote "connect.exe", which can run on Windows (and on other platforms, if you compile it for those) both as client and as server, depending on its arguments. (Not an ssh client, but just a simple socket connection; I was not very worried about people eavesdropping on my engine analyses.) For the benefit of GUIs that do not allow complete engine commands I even made a version that would interpret its own filename as the arguments (i.e. the IP numer to which it should connect).

[Daniel Shawul]

You don't need putty if you have other ssh client.
For GUI try " ssh -Y user@hostname ". For this to work, you need an xwindows systems of some kind on the server ofcourse.

Daniel

I was looking at the lower half of this document from komodochess for use with InBetween and providing a windows path in place of using a linux system/ path.

Code: Select all

CommandLine := PLINK.EXE -ssh -pw SecretPassword USERNAME@localhost "/home/USERNAME/linux-engine"

https://komodochess.com/remote-engine.htm

In that case you could try to replace it with below

Code: Select all

CommandLine := ssh USERNAME@localhost "/home/USERNAME/linux-engine"

Upload your public key to your server so that you don't have to enter your password every time when logging into your server.
Make sure you can login without password on the command line first. You need to generate your public key (id_rsa.pub) if you don't already have one
and then add it to the server's authorized_keys list.

Edit
Here is how to do it on windows:

Generate your key using ssh-keygen

Code: Select all

C:\Users\scott\Desktop> ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (C:\Users\scott/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in C:\Users\scott/.ssh/id_rsa.
Your public key has been saved in C:\Users\scott/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:x2vJHHXwosSSzLHQWziyx4II+scott@IRONHEART
The key's randomart image is:
+---[RSA 2048]----+
|  .   ....  .    |
|..+.  .=+=.  o   |
|   ..            |
+----[SHA256]-----+

Login to your server, first time it will ask you for password.

Code: Select all

C:\Users\scott\Desktop> ssh pi@crowpi
pi@crowpi's password:
Linux crowpi 2018 armv7l

pi@crowpi:~ $ ls .ssh/
authorized_keys  id_rsa  id_rsa.pub  known_hosts
pi@crowpi:~ $ exit
logout
Connection to crowpi closed.

Copy your public key to your server

Code: Select all

C:\Users\scott\Desktop> type C:\Users\scott\.ssh\id_rsa.pub | ssh pi@crowpi 'cat >> .ssh/authorized_keys'
pi@crowpi's password:

Now we can login without password

Code: Select all

C:\Users\scott\Desktop> ssh pi@crowpi
pi@crowpi: ~ $ 

Daniel

[schack]

If any of you can write a full, explicit manual for how to use engines via ssh in Win 10, it would be a great service to the chess playing community. Without revealing names I know at least a couple of GMs who would be very interested in such information.

[smatovic]

If any of you can write a full, explicit manual for how to use engines via ssh in Win 10, it would be a great service to the chess playing community. Without revealing names I know at least a couple of GMs who would be very interested in such information.

Well, I am no Windows user, so out of the game, but I think the main point are
dynamic IP addresses, these change with common internet accounts every 24 hours
or so, so you have to change your ssh connection strings too. A workaround is
dyndns, to use an service that translates an fix URL to your changin IP address,
i saw already some home routers with built in dyndns support.

Beside the changing IP address and setting up an ssh engine in the GUI, it
should be straight forward.

1. set up an ssh server with user access to the chess engine
2. call engine via ssh client command

Like Daniel mentioned, you should use pub/private keys to authenticate the
client to the server, imo additional to an password.

If you grant other people access, you should limit the shh access to the chess
engine only.

I guess ChessBase offers an solution for all above via their Engine Cloud?

--
Srdja

[AdminX]

In that case you could try to replace it with below

Code: Select all

CommandLine := ssh USERNAME@localhost "/home/USERNAME/linux-engine"

Upload your public key to your server so that you don't have to enter your password every time when logging into your server.
Make sure you can login without password on the command line first. You need to generate your public key (id_rsa.pub) if you don't already have one
and then add it to the server's authorized_keys list.

Edit
Here is how to do it on windows:

Generate your key using ssh-keygen

Code: Select all

C:\Users\scott\Desktop> ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (C:\Users\scott/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in C:\Users\scott/.ssh/id_rsa.
Your public key has been saved in C:\Users\scott/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:x2vJHHXwosSSzLHQWziyx4II+scott@IRONHEART
The key's randomart image is:
+---[RSA 2048]----+
|  .   ....  .    |
|..+.  .=+=.  o   |
|   ..            |
+----[SHA256]-----+

Login to your server, first time it will ask you for password.

Code: Select all

C:\Users\scott\Desktop> ssh pi@crowpi
pi@crowpi's password:
Linux crowpi 2018 armv7l

pi@crowpi:~ $ ls .ssh/
authorized_keys  id_rsa  id_rsa.pub  known_hosts
pi@crowpi:~ $ exit
logout
Connection to crowpi closed.

Copy your public key to your server

Code: Select all

C:\Users\scott\Desktop> type C:\Users\scott\.ssh\id_rsa.pub | ssh pi@crowpi 'cat >> .ssh/authorized_keys'
pi@crowpi's password:

Now we can login without password

Code: Select all

C:\Users\scott\Desktop> ssh pi@crowpi
pi@crowpi: ~ $ 

Daniel

Hi Daniel,

Thanks for you assistance, it was helpful in isolating the issue on my system. My problem is that even after using the keys it is sill prompting me to enter password. After doing some further Googling on the problem it appears to be a windows issue as I have discovered others who have had to same problem.

One solution was to edit the default SSHD config (Windows) file

Code: Select all

Match Group administrators
       AuthorizedKeysFile __PROGRAMDATA__/ssh/administrators_authorized_keys
       
 

and change it to

Code: Select all

#Match Group administrators
#       AuthorizedKeysFile __PROGRAMDATA__/ssh/administrators_authorized_keys
AllowGroups users

However thats not helping me as I am still being prompted for password. I am going to keep at it as I feel I am close to discovering the answer.

Thanks again.

[schack]

Is there a way to use InBetween to pass uci commands to an engine? I'm trying to run Stockfish remotely and configure it to access Syzygy tablebases, and I can see in the log that Chessbase sends "setoption name" to the remote engine. It'd be nice to be able to specify them.