Software Navigation

Remote Access from a Linux Computer

Linux users need to make sure that they have the following programs:

  • SSH installed and configured to connect to remote-access servers.
  • SCP or SFTP for secure file transfer.
  • X11 installed and configured to run graphical applications back to your computer.
  • Remote Desktop Connection(RDC), called rdesktop, to run Windows software in the Virtual Computing Lab (VCL).

Transfer Files between a Linux Computer and AFS

Linux users will connect to remote-access servers through SCP or SFTP. These tools are recommended over conventional ftp because they encrypt and transfer data securely, whereas ftp passes everything in the clear, including passwords.

Recommended Open SSH Settings

A Secure SHell (SSH) connection is required to execute UNIX and AFS commands and run applications remotely. SSH is recommended over the older protocols of telnet and rlogin. Linux OSes have SSH and X11 built in, but there are certain configuration settings that you are going to want to set and certain information you will need to know prior to connecting to the Remote Access Servers.

  • Trusted vs. Untrusted X11 Forwarding

    Due to security concerns, OpenSSH (as of version 3.8) supports both untrusted (-X) and trusted (-Y) X11 Forwarding. The difference is what level of permissions the client application has on the X-server running on the client machine. Untrusted (-X) X11 Forwarding is more secure, but unfortunately, most applications do not support running with fewer privileges. When accessing applications remotely, using Trusted (-Y) X11 Forwarding, which was introduced in 3.8, will have fewer problems.

  • Command Line Options

    The following command sets up the needed settings for remote access:

    ssh -XC -c cipher -l unityid host

    or

    ssh -YC -c cipher -l unityid host

    Where -X enables X11 Forwarding, -Y enables Trusted X11 Forwarding, -C enables compression, -l unityid specifies the user account you wish to log in as (since the user accounts on most personal machines will not match the UnityID), plus the following values:

    host - Remote Access Servers

    -c cipher - 3des, blowfish (optional)

  • Config File Options

    Instead of entering the command-line arguments each time you wish to connect, you can enter in the following lines into one of these configuration files:

    $HOME/.ssh/config or /etc/ssh_config

    Host login.ncsu.edu remote.eos.ncsu.edu remote-linux.eos.ncsu.edu

    Compression yes

    ForwardX11Trusted yes

    ForwardX11 yes

    Cipher blowfish

  • Connecting to COE Remote Access Servers

    Once you have created the config file, you can connect to campus Remote Access Servers with the following command:

    ssh -l unityid host

    More information is available in the SSH man page.

  • SecPanel SSH-GUI

    Graphical tools are also available for Linux that manage SSH (Secure Shell) and SCP (Secure Copy) connection to the campus remote-access servers. A recommended application is SecPanel, which can be downloaded and installed from the SecPanel web site at http://secpanel.net/.

OpenSSH SCP/SFTP Command Line

SCP and SFTP use options specified in the SSH config file, so instead of entering the command-line arguments each time you wish to connect, you can modify the config file, see Recommended Open SSH Settings.

  • SFTP Command Line Options

    SFTP is used for interactive file transfer between the local computer and a remote server. The following command sets up the needed settings for remote access:

    sftp -C [unityid]@host

    Where -C enables compression, unityid specifies the user account you wish to log in to, and host is the specific remote-access server you want to log in to.

    Use get and put commands to transfer files. See the man sftp page for more information on using SFTP.

  • SCP Command Line Options

    SCP is used for copying file(s) between locations. It can be used where both source and target are local, remote, or a combination of the two. The following command sets up the needed settings for remote access:

    scp -C -c cipher [[user1@]host1:]file1 [[user2@]host2:]file2

    Where -C enables compression, and

    [[user1@]host1:]file1 - source file, whether local or remote

    [[user2@]host2:]file2 - target file, whether local or remote

    To upload a file from the current directory to your AFS home directory:

    scp -C file unityID@host:file

    To download a file from your AFS home directory to the current directory:

    scp -C unityID@host:file file

    See the man scp page for more information on using SCP.

Run Campus Software Applications Remotely

Depending on the applications you want to access remotely, you will either be connecting to VCL and running an Windows based application, connecting to VCL and running a Linux or Solaris application, or you'll be connecting to one of the COE Remote Access servers to run a Linux or Solaris application.

Using VCL or COE Remote Access Servers to Run a Linux/Solaris Application

If you have set up your Linux computer using the instructions in Recommended Open SSH Settings, you will be able to execute UNIX and AFS commands and to run both command-line and graphical applications from the remote-access servers.

  1. In a terminal window type: ssh -X unityid@hostname
    Note: Enter your own Unity ID, the "@" symbol, and the server to which you wish to connect, e.g., remote.eos.ncsu.edu, remote-linux.eos.ncsu.edu, or IP address provided by VCL.
  2. Enter your Unity password when prompted. You will be logged in to the Eos/Unity environment and placed in your home directory, where you can run UNIX and AFS commands and command-line programs. Type add or see http://www.eos.ncsu.edu/software/ for commands to launch graphical applications.

Using VCL to Run a Windows Application

You will need a Remote Desktop Connection (RDC) client to run a Windows application in the Virtual Computing Lab (VCL).

  • RDC Client for Linux

    Linux users must download and install the Remote Desktop Connection (RDC) client for Linux called rdesktop.

    http://www.rdesktop.org

    rdesktop supports all features of RDP, including mapping local drives and printers to the remote computer:

    rdesktop [options] server

    A full list of options are documented in the rdesktop man page, but a sample command line might look like the following:

    rdesktop -g 1024x768 -a 24 -r disk:home=/home/<userid> -r disk:root=/ -r printer:<localqueue>

    Users may be interested in the GTK frontend, tsclient for rdesktop at http://www.gnomepro.com/tsclient/. However, it does not support all of the features that rdesktop supports, specifically device redirection for printers, disks, and COM/LPT ports.

  • Connecting to VCL to Run a Windows Application Instructions
    1. Go to http://vcl.ncsu.edu and log in through NCSU WRAP with your Unity ID and password.
    2. Make a New Reservation for an application, or select a Current Reservation you have already made.
    3. On the command line of your local computer, run rdesktop followed by the IP address of the remote computer provided to you on the VCL Connect! web page, e.g., rdesktop 152.1.14.32.
      Note: If the RDP file fails to log you in automatically, run Remote Desktop Connection and enter the IP address provided to you on the VCL Connect! page into the Computer: field. Select Connect to open a window to the remote computer, and log in with the user name and temporary password provided on the Connect! page (also sent to you in email).
    4. In the Windows login screen, type in the temporary Password provided on the VCL Connect! page for the specific reservation.

End of Content. Return to Navigation.

North Carolina State University