Linux Lab

From SRCIT Wiki
Jump to: navigation, search

The Stevens Linux Lab is located on the first floor of the Burchard building, room 127.

It is home to many workstations running a custom, scalable version of Ubuntu 10.04 Linux.

Contents


Features

  • 6 Ubuntu 10.04 Linux workstations
  • Secure kerberized LDAP account authentication
  • Institutionally licensed software including: Labview, Matlab r2011a, Mathematica 8, Mccabe IQ

Operations

The Linux Lab is open to all users who have accounts on the Stevens Research Computing Information Technology (SRCIT) LDAP/Kerberos system during Stevens operational hours, M-Sa 7AM-10PM.


Please contact srcit@stevens.edu for further information or visit the Helpdesk website to request an account, Request Type: SRCIT, Accounts


Linux Lab Detailed Information

Account Details
  • Username

Your username is typically the same as your pipeline username.

  • Password Requirements

SRCIT requires that all account password be at least twelve (12) characters in length and contain at least three password character classes for password strength


Passwords

You may generate your password from the command line by using the following command:

pwgen -s 12

which will generate a password such as: p7FBWvNikEWP

or, if you wish to be a little more adventurous with your password, try:

pwgen -syC 12

which will generate something like this: u=U~;*1?.f86


- If you would like to generate a still more complex password, please read the man page for pwgen

-Human generated random passwords are not advisable, as they tend not to be particularly random

- Information on changing your password may be found by visiting the SRCIT wiki on changing your password

- More detailed information of Kerberos functionality regarding passwords may be found here


You may also generate a password using an GUI tool such as Password Generator for Windows or Gnome Password Generator in Linux.


  • Problems/Requests

If you have a problem or request concerning the Linux Lab systems, please visit the Stevens Helpdesk website and file a ticket, Request Type: SRCIT, Accounts

Remote Access

Primary access to the SRCIT Linux Lab network round robin system is through remote access. As such, the following are detailed instructions on various means of remote access.


Note: For those requiring physical access, the lab is located in Burchard 127.


Connecting to your account by console

Using an SSH client, (or SCP client for file transfer access ONLY), you can log into your account from home or from other remote locations.


For Windows system, the generally preferred SSH client is putty. Download this ssh client and follow the instructions below.


For Mac and Linux systems, you simply need to open a Terminal and follow the instructions below.


Once you have completed one of the above options, you may access Linux Lab in the following manner:


Login to the Linux_Lab, using the following command (from the command line):


ssh username@lab.<dept>.stevens.edu


where username = your username and dept = cs, phy, math, or chem (all depts go to the same group of systems, so there is no requirement to use any in particular).


If, for some reason, you can not connect to lab.cs.stevens.edu, try connecting to one of the clients that make up the linux lab round robin found here.


Connecting to your account via GUI

There are two methods for connecting to the SRCIT Linux Lab via Graphical User Interface (GUI)

nx client (recommend)
a.1 downloaded nx client from nomachine (supported platform: Windows, Linux, Mac OS, Solaris)
a.2 launch 'NX Client'
a.3 input the value for following parameters:
Host: lab.cs.stevens.edu
Destkop: Unix Gnome or KDE
Display: Available Area
Login: your srcit username
Password: your srcit password
X11 forward
b.1 Recommended software: putty + Xming
b.2 Launch Xming on windows
b.3 Config putty to enable X11 forward. Launch putty
Navigate to Connection => SSH => X11
select Enable X11 forwarding
X display location: localhost:0
or run command
putty -X userid@lab.cs.stevens-tech.edu
remote desktop
c.1 Recommended software: putty + Free Edition vncviewer
c.2 setup vncserver for the first time run(If you did this before, please ignore this step and go to b.3)
Step 1: logon lab.cs.stevens.edu from your Windows station(assume putty.exe is saved on c:\, use command 'cd' to change directory if this is not the case)
c:\> putty username@lab.cs.stevens.edu
Step 2: step password for vnc session
$ vncpasswd
Step 3: create vnc startup script ~/.vnc/xstartup like below
for gnome desktop
$ vi ~/.vnc/xstartup
#!/bin/sh
[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
gnome-session &
for kde desktop
$ vi ~/.vnc/xstartup
#!/bin/sh
[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
startkde &
Step 4: set above script file executable
$ chmod u+x ~/.vnc/xstartup
c.3 setup ssh-tunnel to connect to remote vnc server
Step 1: On your windows station, ssh to lab.cs.stevens.edu and start vncserver(assume putty.exe is saved on c:\, use command 'cd' to change directory if this is not the case)
c:\> putty username@lab.cs.stevens.edu
[ash:~]$ vncserver
If the application runs successfully, the following message is expected.
New 'hostname:session_num (username)' desktop is hostname:session_num.
Note: The hostname and session_num are important and will be used later
for example
New 'ash:1(username)' desktop is ash:1
(Optional) you can close the window now by running exit
[ash:~]$ exit
Step 2: set ssh-tunnel, launch putty
Host Name: the same hostname in Step 1, like ash.cs.stevens.edu
Navigate to Connection => SSH => Tunnels
Source Port: 5900 + session_num (for example: 5901)
Destination: localhost:5900+session_num (for example: localhost:5901)
click button 'Add'
or run command
c:\> putty -L Source_Port:localhost:Destination_Port username@hostname.cs.stevens-tech.edu
where Source_Port: 5900+session_num; Destination_Port: 5900+session_num
for example: c:\> putty -L 5901:localhost:5901 username@ash.cs.stevens.edu
c.4 Launch vncviewer on windows
Server: localhost:session_num (for example: localhost:1)
or run command
c:\> vncviewer localhost:session_num (for example: c:\> vncviewer localhost:1)
c.5 (IMPORTANT) When finished, please remember to kill vncserver
$ vncserver -kill :session_num

Subversion Repository Access

See the SRCIT Subversion wiki for more information concerning SVN usage at Stevens.

MySQL Database Access

A MySQL database is currently hosted on anubite.phy.stevens-tech.edu.

Access to the database is currently restricted to students enrolled in database classes.

If a database account has been created for on the MySQL server, login credentials will be provided for you by your instructor and/or TA.

The default method for accessing your database account is:

mysql -u <username> -h anubite.phy -p

Your username is the same as your SRCIT LDAP account username, typically your pipelineID.

A default database has been created for your account, which may be accessed upon login by typing:

use <username>DB;

Port Lockdown

All linux lab systems are subject to the following policy for incoming connections:

  1. 22/tcp is open to both off-campus and on-campus access
  2. 53000-54000/tcp and 53000-54000/udp are open to on-campus access only

All other ports are blocked

TERMS OF SERVICE

  • I understand that Stevens Research Computing Information Technology grants computer accounts for the exclusive use of the recipient. I will not authorize or facilitate the use of my account or files by any other person, nor will I divulge my password to any other person under any circumstances. This includes fellow students, colleagues, TAs, significant others, spouses or others.
  • I will not access, or attempt to gain access to any computer, computer account, network or files without proper and explicit authorization.
  • I understand that some of the software and data that resides on file systems that I may access are protected by copyright and other laws, licenses or other contractual agreements; I will use the software according to these laws and licenses and will not breach or attempt to circumvent these regulations.
  • I will not use Stevens Research Computing Information Technology resources for obtaining, making, running or distributing unauthorized copies of any data.
  • I undertake to maintain the highest standard of honesty and personal integrity in relation to my usage of computing and network facilities. I further warrant that I will avoid any actions in relation to my usage of the Department's computing or network facilities that may bring any disrepute upon the Department or the University.
  • I understand that any processes I have running on any Stevens Research Computing Information Technology supported may be interrupted at any time if said process affects the work of others in any way.
  • I understand that my keyboard input may be monitored in the event of a real or perceived security incident.
  • I understand that acting in breach of any of the principles set out above will incur severe penalties including, but not limited to the suspension or termination of access to the computing facilities, suspension or exclusion from the University, imposition of fines and/or legal actions taken.

FAQ

Q: Why does my password have to be so long and hard to remember?

A: SRCIT requires a certain level of password strength for user passwords in order to make the system more secure. Of course, passwords are only as strong as the method by which users remember them. For that reason SRCIT suggests that you review memory techniques for remembering your password.


Q: Why don't my pipeline credentials work on the SRCIT system?

A: Campus pipeline uses a separate authentication system.


Q: My colleague/friend/roommate gave me her account credentials, but I am having trouble logging in. What should I do?

A: First of all, tell your colleague/friend/roommate that it is bad practice to share account credentials and a violation of most every account Terms of Service, including ours. Then, you should visit the Helpdesk ticketing system and request an account, Request Type: SRCIT, Accounts


Q: Why shouldn't I share my account credentials? I am working on a collaborative project.

A: There are simply better ways to work on collaborative projects than sharing account credentials. For example, collaboration is easy if you and your colleagues request a Subversion repository.


Q: OK, I requested an account, but I have not received my credentials. Are you going to create an account for me already?

A: Please login to the Helpdesk ticketing system and check the status of your account request. We change the status of the account request to private so that your unique password string is not communicated through email.


Q: I have heard that I can login to the linux lab using ssh keys. How do I do that?

A: You can take a look at the manual page for ssh-keygen if you are on a Linux or Mac system, or for Windows download PuttyGen. Instructions for generating your ssh keys may be found here.

Once you key has been generated, file a Helpdesk ticket, Request Type: SRCIT, Accounts. Attach your _public_ key to the ticket. Please remember to save the private key -- you will need it to authenticate and log in later.


Q: How do I change my shell?

A: You can change your shell by following these instructions.


Q: How do I change my locale?

A: Please review these instructions on changing your locale.


Q: What are the SSH Fingerprints for the Linux Lab systems?

A: The ssh fingerprints for the the Linux Lab systems are available here.


Q: Is there a 'known hosts' file that I can append to my ~/.ssh/known_hosts?

A: Yes. It is located here.


Q: I am trying to log in to linux lab and my connection is timing out. What is going on?

A: linux lab is a collection of a number of host systems housed in a public computer lab. From time to time, a system will hang or not behave normally due to (but not limited to) the following reasons:


-System Crash

-Load spike

-Shutdown/Reboot by end user


If you have a problem where your system is failing to connect to linux lab, it is advisable to try and flush your DNS cache if you are using a Windows or Mac system, as these systems will attempt to connect to the same host repeatedly in a DNS round robin. This is not necessary if you are logging in from a Linux system.


If you are logging in from a Linux system, please try to make a connection again.

Q: I am having a problem running firefox. When I try to open it, I receive the following error message: "Firefox is already running, but is not responding." What should I do?

A: This is well known issue with firefox that can be dealt with by the following procedure:


-cd into .mozilla/firefox/*.default in your home directory (where the name *.default is a random string created by firefox)

-Copy the file 'places.sqlite' from your .mozilla/firefox/*.default to elsewhere in your home directory

-cd ..

-rm -rf *.default

-rm profiles.ini

Note: If you are specifically saving any profile data here, you should make a backup of the file first, then remove the old file. Alternatively, you can edit the profiles.ini file to remove references to the previously deleted *.default directory in your .mozilla/firefox/

-restart firefox

-copy 'places.sqlite' previously saved to your new .mozilla/firefox/*.default, which will preserve your previously saved bookmarks.

Personal tools
Namespaces

Variants
Actions
Navigation
Toolbox