Getting Started Guide
Updated December 8, 201 2011 1
Contents Introduction Introduction
4
Requesting Requesting an Account
5
Connecting to the Network
6
VPN Access
Connecting Connecting to BlueHive Connect Connect using the Command Line (No GUI)
6
7 7
Mac/Linux
7
Windows
8
Connect using a Graphical User Interface (GUI) NoMachine NX Client (All Operating Systems)
9 9
X11 Forwarding (Mac OS X/Linux/UNIX)
10
Xming (Windows)
11
To Use Xming the First Time
11
Subsequent Uses of Xming
13
Using SSH Keys Mac OS X, Linux and UNIX Systems
14 14
Generating SSH Keys
14
Sending SSH Keys to the Server
15
Connecting to CIRC Systems
15
Windows Systems
Getting Started Guide
16
2
Prerequisites
16
Generating SSH Keys
16
Sending SSH Keys to the Server
17
Connecting to CIRC Systems
17
Transferring Files Mac OS X, Linux and UNIX using the Command Line
18 18
Transferring files to CIRC Systems
18
Transferring files FROM BlueHive TO a personal computer
18
Windows using a Graphical Tool
Additional Information
Getting Started Guide
19
21
3
Introduction The instructions in this manual provide step-by-step instructions on requesting an account and preparing your computer to connect to the CIRC machines. Also included are basic tutorials on how to install select additional software that is often helpful when running jobs. If you have any questions that are not addressed in this user guide, e-mail us at
[email protected]. Please include you job number(s) if you are currently running any jobs to improve response time and in order for us to address you concerns directly.
Getting Started Guide
4
Requesting an Account Before you can use the CIRC’s systems, you must request an account. To do so, complete the online form using the link below, so that your request to access the system may be processed. Please fill out the Faculty Sponsor, Funding Information and Project Information sections completely. We do not disclose the information collected by this form outside of the University of Rochester. You will receive an e-mail to confirm your request for an account, and a follow-up e-mail notifying you when your account has been created. To fill out an account request form, follow the link: https://www.circ.rochester.edu/account_request.php
Getting Started Guide
5
Connecting to the Network All CIRC systems are located in a secure location owned by the University. Once an account has been created, users access the machines remotely. If you are using a wired connection on campus and you are not in the dorms, you may skip this section. For all other users, you must connect to the University of Rochester’s Virtual Private Network (VPN) each time before accessing the CIRC machines. This section provides information on how to connect using the VPN and a chart listing when you need the VPN to connect.
VPN Access If you are using wireless internet, are located in the dorms, or are not on campus, you need to connect to the VPN before accessing CIRC systems. If you are currently using the URMC VPN, you may also use it to connect to CIRC systems. Location
River Campus (Not in
Connection Type
VPN Required?
Wired
No
URMC
Wired
No
Dorms
Wired or Wireless
Yes
Off-Campus
Wired or Wireless
Yes
Wireless (Anywhere)
Wireless
No
Guest Wireless
Wireless
Yes
dorms)
The River Campus VPN software, installation instructions, and information on how to connect to the VPN are all available on the UR VPN Page available at https://www.rochester.edu/its/vpn. For URMC VPN users, please visit http://intranet.urmc-sh.rochester.edu/ InfoSystems/HelpResources/Network/VPN/ . Note: You will need your NetID and password to login and download the VPN software and instructions.
Getting Started Guide
6
Connecting to BlueHive CIRC users may access the CIRC systems in two different ways: using command-line and/or using a graphical user interface (GUI). A GUI connection is used when you wish to visually interact with your jobs, and is done through the NX Cluster only. New users may find a GUI interface easier than a command-line connection. To login to the CIRC machines, follow the steps below based on your operating system and according to the type of login you wish to use.
Connect using the Command Line (No GUI) Mac/Linux 1. Connect to the VPN (if necessary) 2. Open Terminal 3. At the prompt, type: ssh
[email protected]
and press enter or return. 4. Enter your NetID password when prompted and press enter. A message will appear that indicates you have logged in successfully. You are now logged in to the NX Cluster (See Figure 1). Note: You will not see anything appear as you type your password! Getting Started Guide
Figure 1: Shell login
7
Windows To access CIRC systems using Windows, you must first install an SSH client. The CIRC suggests using PuTTY, which is a free program. You can download it here: http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html Find the link to download putty
-installer.exe on the page above. Once you have PuTTY downloaded, you can begin setting it up: 1. Run the installer. Accept all default options, and click ‘Yes’ or ‘Allow’ to any security prompts that may appear. 2. Open PuTTY (Start → All Programs → PuTTY) 3. Type bluehive.circ.rochester.edu
in the ‘Host Name (or IP Address)’ field. Set the ‘Connection Type’ to ‘SSH’ if it isn’t already (See Figure 2).
Figure 2: PuTTY settings
4. Click ‘Open.’ 5. Click ‘Yes’ at the security warning dialog. This will only happen the first time you connect to the NX Cluster and Blue Hive. A terminal window will appear and prompt you for both your NetID and password. Once you have entered them, a login message will appear (See Figure 3).
Getting Started Guide
8
Figure 3: SSH Login
Connect using a Graphical User Interface (GUI) A graphical user interface (GUI) allows users to interact with various software programs visually, such as Matlab or Mathematica. Users who wish to use a graphical interface should connect to nx.circ.rochester.edu only. The tutorials below list instructions on how to install and use several GUI programs suggested for use on the CIRC machines. Instructions for using the NX GUI are presented first, followed by instructions for alternative GUI interfaces, listed by operating system. NoMachine NX Client (All Operating Systems) The NX Client is free to download and works on any system. The CIRC recommends this method as it provides the fastest access to CIRC systems. Additionally, when you connect to NX, a ‘session’ is created for you. This session remains even when you disconnect your computer and close NX, allowing you to pick up where you left off next time you connect. 1. Download a copy of NX for free at: http://www.nomachine.com/download.php (Choose the appropriate download from the ‘NX Client Products’ section)
Getting Started Guide
9
2. Install NX, selecting all default options and clicking ‘Yes’ to any security permissions if necessary. 3. Connect to the VPN (if necessary), and then download and save the NX session file to your desktop from: https://www.circ.rochester.edu/securedownloads/ You must log in using your NetID and password to this page. You should save the file nx.circ.nxs by right-clicking the link to it, and then left-clicking ‘Download Linked File’ (or the equivalent option for your browser). 4. Double-click on the file you just saved, and enter your NetID and password in the window that appears. Then click Login. You will then have access to the graphical interface (see Figure 4). To exit NX, close the NX window as you would close a regular window. A disconnect window will appear. Select ‘Terminate.’ Once NX has been configured for the first time, you can continue to connect in the same way. However, on subsequent connections, the ‘session’ that
Figure 4: NX Login
you previously opened will still be present. You can select this and reconnect to it. X11 Forwarding (Mac OS X/Linux/UNIX) If you prefer not to use NX but still want a GUI, you can also do this from the Terminal. Please note that this requires having an X11 client installed. These are usually included with your OS, but you may have install one manually on certain Linux/UNIX systems, or use the installation media on Mac OS X. 1. Connect to the VPN (if necessary). 2. Open Terminal.
Getting Started Guide
10
3. Connect using SSH as presented in the ‘Connect using the Command Line’ instructions, but add the ‘-Y’ option: ssh -Y [email protected]
Now, when you run a graphical program (such as Mathematica), the program’s window will open on your machine. Xming (Windows) A free X11 client for Windows is Xming. If you already have PuTTY installed, download Xming here: http://download.cnet.com/Xming/3000-2094_4-10549058.html?tag=mncol If you haven’t already installed PuTTY, please review the ‘Connect using the Command Line’ section of this document and do so before proceeding. To Use Xming the First Time 1. Connect using VPN (if necessary). nx.crc.rochester.edu
2. Open Xming (Click Start → All Programs → Xming → Xming). When you do this, no window will open, but you will be ready to continue to the next step. 3. Open PuTTY (Click Start → All Programs → PuTTY → PuTTY). 4. In the PuTTY window, select
Figure 5: PuTTY setup of Xming
the ‘Session’ configuration panel on the left-hand side of the window, and enter nx.circ.rochester.edu in the ‘Host Name (or IP Address)’ field (See Figure 5).
Getting Started Guide
11
5. Under ‘Connections’ on the left-hand side of the window, click the ‘Data’ configuration panel. Enter your NetID in the ‘Auto-login username’ field (see Figure 6). 6. Again under ‘Connections’ on the left-hand side of the window, click the ‘SSH’ configuration panel. Check the ‘Enable compression’ box (see Figure 7). 7. Again under ‘Connections’ on the left-hand side of the window, expand the ‘SSH’ menu and click the ‘X11’ configuration panel. Select ‘Enable X11 forwarding,’ and set the ‘X display location’ to ‘:0’ (colon zero) (see Figure 8).
Figure 6: PuTTY Login setup
8. Go back to the Session configuration panel on the lefthand side of the window. Type NX Cluster under ‘Saved Sessions,’ and then click ‘Save.’ A session named NX Cluster will be created in the ‘Saved Sessions’ menu with all the setting changes you just made. 9. Double-click on ‘NX Cluster’ under the ‘Saved Sessions’ tab. A shell window will be displayed and you will be prompted for
Getting Started Guide
Figure 7: PuTTY compression setup
12
your password. Enter it, and press Enter/Return. If a warning message appears, click ‘Yes.’ 10.Type ‘xterm ’ and press Enter/ Return. The GUI window will appear. Now, when you run a graphical program such as Mathematica, the program’s window will open on your machine. Subsequent Uses of Xming After you configure PuTTY for Xming for the first time, you can connect using the following steps: 1. Open Xming (Start → All
Figure 8: PuTTY X11 display setup
Programs → Xming → Xming). When you do this, no window will open, but you will be ready to continue to the next step. 2. Open PuTTY (Click Start → All Programs → PuTTY → PuTTY). 3. Double-click ‘NX Cluster’ under ‘Connections.’ 4. Type ‘xterm’ in the terminal that pops up, and then press Enter/Return.
Getting Started Guide
13
Using SSH Keys The purpose of this section is to help you set up SSH key authentication for CIRC systems. SSH key authentication offers an additional layer of security for your passwords and your connection. In conventional password authentication, you prove who you are by using the correct password. If a server has been compromised or traffic intercepted, an attacker can learn your password. However, in public key authentication, you instead generate a key pair made up of a public key that everyone is allowed to know, and a private key which you keep secret. Your private key is able to generate signatures, and anyone with your public key can verify that this is a genuine signature. Using SSH keys involves generating a pair on your own computer, and copying your public key to the server. When the server asks you to prove who you are, your SSH client generates a signature from your private key that the server can verify using your public key. If somehow this communication is compromised, the attacker does not gain your private key or your password, only one signature, which cannot be re-used.
Mac OS X, Linux and UNIX Systems These instructions apply to Mac OS X, Linux & UNIX systems that have SSH already installed, which most will. Generating SSH Keys The first step is to generate your personal SSH keys. Open a terminal and type the following command: ssh-keygen
You will then be prompted to choose a directory to save the file to. You can just press ‘Enter’ to accept the default (which will be /Users/username/.ssh/id_rsa on Mac OS X, and /home/username/.ssh/id_rsa on Linux/UNIX systems).
Getting Started Guide
14
Next, you will be prompted to create a passphrase for your SSH key. It is critical that you enter a passphrase here! If you do not, anyone who gains physical access to your system will be able to connect with your credentials to any system that you use this key with! Additionally, you should not use the same password as you use to connect to the CIRC, or to log on to your computer. Note: You will not see the characters as you type your password. Once you’ve finished, your key will be generated, and you’ll be given both your fingerprint and randomart image, and your keys will be stored in the .ssh folder in your home directory. It is important that you back these files up and save them in a secure location! Sending SSH Keys to the Server The next step is to send your public SSH key to the server. This allows it to verify your identity and complete the authentication process. With one command line we can easily send the keys to the server. At the terminal prompt, type: cat ~/.ssh/id_rsa.pub | ssh @bluehive.circ.rochester.edu 'cat >> .ssh/authorized_keys && chmod 600 .ssh/authorized_keys'
This command copies the contents of your public SSH key to the server, and also makes sure the permissions are correct on it. Connecting to CIRC Systems Now that your keys are on the CIRC servers, you can now access systems as you normally would, e.g.:
ssh @bluehive.circ.rochester.edu
Getting Started Guide
15
However, note that you are now prompted for your SSH key passphrase, instead of your NetID password! If you are on a Linux or Unix system, this prompt will happen in the command line. If you are on Mac OS X, you will see a pop up prompt as in Figure 9. Figure 9 - SSH Key Passphrase Prompt
Windows Systems The steps for Windows machines are for the popular PuTTY suite. Prerequisites In order to use these instructions, you will need the PuTTY client as well as PuTTYgen. They can both be downloaded for free from: http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html Generating SSH Keys When you open PuTTYgen, you will see a window where you can choose to ‘Generate’ a new key pair (see Figure 1). You will want to chose an RSA key, and 2048 bits. You can then click the ‘Generate’ button. You’ll have to move your mouse around in the blank area in the PuTTYgen window to generate randomness. You should then enter a key passphrase to encrypt your key, so that your key is not an open entry to your account on the server. If you do not enter a passphrase, anyone who gains your key file can use it to log in to CIRC systems as you! Once you’ve entered your key, click the ‘Save private key’ button and save it someplace safe. You will also want to save your public key in a safe location. Next, copy the text from the ‘Public key for pasting’ box (see Figure 11).
Getting Started Guide
16
Sending SSH Keys to the Server You should now connect to the CIRC systems using PuTTY as you normally would. (If you need assistance with this, see the Getting Started Guide). Once you are logged in, you can then load up your favorite text editor and modify/create the file ~/.ssh/authorized_keys, e.g.: vi ~/.ssh/authorized_keys
At the bottom of this file, you can paste the line you copied previously, and save the file. You will then want to ensure that the permissions on this file are appropriate: chmod 600 ~/.ssh/authorized_keys
Connecting to CIRC Systems Now that your keys are put on the CIRC servers, you can now access systems as you normally would, but you will have to change one option in the PuTTY settings. In the Auth panel, add the location of your private key file to the ‘Private key file for authentication’ box (see Figure 12). You should then re-save your session. When you connect to CRC’s systems in the future, you will be prompted for your SSH key passphrase instead of your NetID password.
Getting Started Guide
17
Transferring Files This section provides a brief overview of transferring files to the CIRC systems.
Mac OS X, Linux and UNIX using the Command Line Transferring files to CIRC Systems 1. Connect to VPN if necessary (see the VPN section more information). All steps must be performed on your LOCAL machine (i.e. not BlueHive). 2. Start Terminal (for Mac) or open a shell window (Linux). 3. Change directories to where the file you would like to transfer is located. 4. Enter cd /PathToFile/DirectoryOfFile
in the command-line window. To find what directory you are currently in, enter pwd in your command-line terminal 5. Enter the following in the command-line: scp FileName [email protected]:/home/NetID
6. Enter your BlueHive password. Your files will now be transferred securely.
Transferring files FROM BlueHive TO a personal computer 1. Connect to VPN if necessary (see the VPN section more information). All steps must be performed on your LOCAL machine (i.e. not BlueHive). 2. Start Terminal (for Mac) or open a shell window (Linux). 3. Change directories to where you would like to save the file.
Getting Started Guide
18
4. Enter scp [email protected]:FileName .
(Be sure to include the space and period after the file you wish to transfer.) 5. Enter your BlueHive Password. Your files will now be transferred securely.
Windows using a Graphical Tool WinSCP is an open-source software program that allows for easy file transfers between BlueHive and Windows-based computers. WinSCP may be downloaded free at http://winscp.net Use the default installation configuration and accept any security precautions that may appear. 1. Connect to VPN if necessary (see the VPN section more information). 2. Upon opening WinSCP, enter [email protected] for the Host Name, your NetID as the Username, and your password in the Password field.
3. Click Login. A window displaying your directories will appear.
Getting Started Guide
19
4. Files may be easily transferred to and from BlueHive by dragging and dropping files to the desired location. Files from your personal computer are on the left, while files on your BlueHive account are in the right column. You may also right click on the file you wish to transfer and then select “copy”. A window will appear asking you to specify the file destination location. 5. To end your BlueHive session, simply click the exit button in the top right corner of the window. Click OK in the termination window that appears.
Getting Started Guide
20
Additional Information For more information on using the systems, visit our web site at http:// www.circ.rochester.edu Questions? Comments? Email [email protected] for technical support and answers to questions not addressed in this guide.
Getting Started Guide
21