Connecting to office computers running Linux
If you want a command terminal...
| If your home computer is... | do this |
|---|---|
| Windows 10 |
In a CMD window, run:
ssh -o "ProxyCommand ssh.exe -a -x crsid@gate.eng.cam.ac.uk nc %h %p" crsid@computername |
| Mac OS X or Linux |
In a Terminal window, run:
ssh -J crsid@gate.eng.cam.ac.uk crsid@computername |
where computername is the name of your desktop PC and crsid is the bit before @cam.ac.uk in your email address.
The first time you ssh, it'll say that it can't confirm the identity of gate.eng.cam.ac.uk. The correct fingerprint for gate will be one of:
- ad:66:8e:86:11:7d:a9:c6:49:61:53:e4:32:42:a3:1d
- SHA256:kRkSJNfuw1WRWNUTzUvYhzb3DQd0arp91S0Hs0UoxYY
- SHA256:qAjHMRWKTXINUEr1H4Y/Mf5Dsp3iYjVPnz0vIiConxs
If it says anything else, do not login.
It's normal to have to enter the password twice. That's because you're starting two ssh connections - one from your home computer to gate, and from your home computer to your work computer.
If you want a graphics login...
Using ssh
[Simple, but least reliable and slowest.]
- Substitute 'ssh -Y' for 'ssh'. the runes above.
The X11 protocol isn't well suited for long distance connections that have a higher network latency. This method is not suitable for interactive and/or complex graphics.
If you are using a Mac or Windows, you need to install an X server. Applications that we typically use require OpenGL, which isn't as well supported on MacOS and Windows as it in on Linux.
Once you are logged in, you can launch 'matlab', 'lowriter' (Word processor) and 'nautilus' (file browser) from the terminal.
Using RDP
[Works well when the office computer is running Ubuntu 20+.]
- Follow the connecting to Windows instructions.
All our Ubuntu 20 computers run an RDP server, which is what allows the windows instructions to work. The have been some compatibility issues the older versions of Ubuntu, especially with Mac clients.
Using VNC
[Reliable and works well, but is tricky to set up.]
Starting the VNC server
First login with a command terminal by following the instructions above or otherwise, and start up the VNC server like this:
env - HOME=$HOME PATH=$PATH LANG=$LANG USER=$USER vncserver
This use of 'env' may be unfamiliar - it clears the environment so the vnc server you're starting doesn't end up with its environment being blended with your current session's environment.
If you're starting VNC for the first time, it'll ask you to set a password. Pick a good password - it's protecting your login account. When it asks if you want a view-only password, say no.
VNC will tell you which display number it has picked. Let's suppose it picked display :6.
Install a VNC client
You'll need to install a VNC client on your home computer, if your computer doesn't have one already.
On the TigerVNC download page, vncviewer64 is the portable version (runs without installing) and tigervnc64 installs as normal program in the Program Files directory. If you choose the latter, untick 'Register new TigerVNC server' and 'Start or restart Tiger VNC service' - you don't need these to run the VNC client.
Start the network connection
| If your home computer is... | do this |
|---|---|
| Windows 10 |
In a CMD window, run:
ssh -L 5901:localhost:5906 -o "ProxyCommand ssh.exe -a -x crsid@gate.eng.cam.ac.uk nc %h %p" crsid@computername |
| Mac OS X or Linux |
In a Terminal window, run:
ssh -L:5901:localhost:5906 -J crsid@gate.eng.cam.ac.uk crsid@computername |
where computername is the name of your desktop PC and crsid is the bit before @cam.ac.uk in your email address, just like the examples above. Leave the 5901 alone, but change 5906 to 5900 + the VNC display number.
Start the VNC client
Now run your VNC client on your home computer. On Linux, this is likely to be called 'vncviewer'.
Tell your VNC viewer to connect to display :1
- It may complain that the session is not encrypted, but this isn't true - it doesn't know that it is being tunnelled over ssh.
- If you forget your VNC password, login with a command terminal and run 'vncpasswd' to reset it.
- If you get a desktop session that looks like it comes from the 1980s, restart edit ~/vnc/xstartup and change the window manager from twm to /etc/X11/Xsession. This will probably be the last line of the script. Simply removing ~/.vnc/xstartup may also work.
- If you connect successfully and you can see your graphics session, but it immediately wants your password, this is just because your screen saver has locked the display - it wants your normal login password.
When you've finished, don't logout - just leave the close the VNC client window. The VNC server will stay running, and you can connect next time with the same display number.