> Do you know of a way to download multiple files without upsetting the
> spa.umn connections limit?

Two way, you can combine.

First, set up a tunnel!

You can do all of it manually or add some of the things into you .ssh/config file

First, make the tunnel, pick a free port, like 2222 (need to see which are free, but most above 1024 should be)

ssh -f -N -L 2222:b:22 zinger@ssh.physics.umn.edu

now your local port 2222 is forwarded to 22 on b

you can also do several at once as in

ssh -f \
    -L 10222:b:22 \
    -L 10322:c:22 \
    -L 10422:d:22 \
    -L 10522:e:22 \
    -L 10622:f:22 \
    -L 10722:g:22 \
    -L 10822:h:22 \
    -L 10922:i:22 \
    -L 11122:k:22 \
    -L 11222:l:22 \
    -L 12222:v:22 \
    -L 12322:w:22 \
    -L 15022:localhost:22 \
    -L 15222:wen:22 \
    -L 15322:hou:22 \
    -L 15422:behemoth:22 \
    -L 15522:mc:22 \
    -L 15622:vo:22 \
    -N pp

attached my script that also kills a running runnel using

#!/bin/tcsh -fx

set x=`ps -fC ssh | grep 10322:c:22 | cut -c 8-14`

if ( $x != "" ) then
    kill -9 $x
endif

Next, you use the tunnel, do

ssh -P 2222 alexey@localhost

or to scp

ssh -P 2222 alexey@localhost:[files] [local_files]

or

ssh -P 2222 [local_files] alexey@localhost:[files]

Note that -P 2222 alexey@localhost stands for the remote machine!

If you want to do things transparently and have a fast connection, you can use sshfs as well.  Then you would not need a tunnel, but could still use it.

mkdir x
sshfs -P 2222 alexey@localhost:[directory_to_link] x

than you can use the files in x as if they were local, read and write, just slow...

More conveninet is to make an ~/.ssh/config file that only you can write otherwise it is ignored, maybe only you are allowed to read either, similar to the .ssh directory

For example, define

Host b
HostName localhost
Port 2222
User alexey

Host pp
hostname physics.umn.edu
User zinger

Host *
Compression yes
CompressionLevel 9
ForwardX11 yes
ForwardX11Trusted yes
ForwardAgent yes
Protocol 2
NoHostAuthenticationForLocalhost yes

then you can use just 'b' where we had to use "-P 2222 alexey@localhost" before.  As in

ssh -f -N -L 2222:b:22 pp

tot set up the tunnel,

sshfs b:[directory_to_link] x

so use sshfs, or to log in

ssh b

I hope this helps.

========================================================

Duncan,
Essentially, I first need to know what your background on ssh is, what you already have and know.

the basic steps would be

1) generate ssh ID (in .ssh/), copy the public key part to .ssh/known-hosts on the machines you want to access (your machine at work and the gateway machine).  In order to work, all the files and directories need to have the right permissions.

~>l .ssh
drwx--S---.   2 alex  4096 Oct  8 07:53 ./
drwxr-xr-x. 148 alex 20480 Oct 21 07:26 ../
-rw-------.   1 alex  3000 Aug  1  2007 authorized_keys
-rw-------    1 alex  2653 Oct  8 07:53 config
-rw-r-----.   1 alex   231 Sep  2  2003 id_rsa.pub
-rw-------.   1 alex   951 Sep  2  2003 id_rsa
-rw-r--r--.   1 alex  7749 Oct 16 15:35 known_hosts

I think this includes that your home directory must not have write permission to other than yourself (so people can't modify your .ssh).

use a passphrase for the key.  A good passphrase.

1A) then, to start a using the ID

ssh-agent tcsh
ssh-add

(if you use tcsh as shell, you could replace by whatever your shell is)

2) configure ssh to allow you do things easily.
You need to create/modify .ssh/config

at the *bottom* of the file you should have general configuration settings

Host *
Compression yes
CompressionLevel 6
ForwardX11 yes
ForwardAgent yes
Protocol 2
NoHostAuthenticationForLocalhost yes

above that, you specify your specific settings.
for example for the gateway

Host s
hostname sg1.its.monash.edu.au
User galloway

then you set up the port for the tunnel (port # can be arbitrary but > 10000, different for the different hosts

# tunnel to xray
Host x
HostName localhost
Port 10122
User duncan

if you had another machine, say burst.maths.monash.edu.au, add

# tunnel to burst
Host b
HostName localhost
Port 10222
User duncan

all these go *before* the general section

the configuration file aliases "s" with sg1.its.monash.edu.au and the tunnels to xray.its.monash.edu.au to x, etc.

3) set up the tunnel
Now this is the only easy part...

after you did the above (you always need to do 1A before, in some distributions this is handled more transparently, you can open more terminals from within after you do this, all inherit the agent - should)

ssh -f -N -L 10122:xray:22 -L 10222:burst:22 s

after that, you should be able to just use x as remote for xray.its.monash.edu.au

for example,
ssh x
scp localfile x:remotefile
scp localfile x:remotedir
rsync -e ssh -vazu --progress mydir x:
scp x:remotedir/remotefile .

with some luck, this works.  I have made this work many time, including macs, and at LANL, so it should be doable in most places.

what the tunnel "-L" does is for forward your local port (10122) to sgl which then sends the request to port 22 on xray as if it was coming from sgl.  These can be chained in case they make you go through more than one gateway. ;-)

-Alexander