Remote Usage of EWS

Contents:

• Introduction
• Obtaining Secure Clients and Configuring Them
• Remote Linux Servers and X-forwarding
• Windows Remote Desktop
• Contacts

---

Introduction

The College of Engineering and the Engineering Workstations Labs (EWS) are committed to providing a secure computing environment. To achieve this goal EWS has disabled any communications services that transmit clear text passwords. EWS users should use SSH and/or SFTP clients to connect to the EWS unix/linux workstations. To download and use secure clients, see "Obtaining secure clients and configuring them" on this page.

Obtaining secure clients and configuring them

All of the software listed here is free or site-licensed for free.

When you click on the links below, the software download will open in one browser window and the instructions will open in another, so that you can view both at once.

• SSH and SFTP for Windows:
  

  EWS recommends using Cygwin (www.cygwin.com), a very robust Linux-like environment for Windows, for SSH connectivity from Windows. Cygwin is freely available from www.cygwin.com.

  For SFTP connectivity, WinSCP is freely available for download from http://winscp.sourceforge.net.

  • Configuring and Using Cygwin: http://www.ews.uiuc.edu/clrtxt/cygwin/
    
  • Xming an alternative to Cygwin:http://www.straightrunning.com/XmingNotes/
    
  • Overview of SSH for Windows: http://www.cites.uiuc.edu/security/ssh/winssh.html
    
  • Overview SFTP for Windows: http://www.cites.uiuc.edu/security/ssh/winscp.html
    


• SSH and SFTP for Macintosh OS X:
  
  • SSH comes with versions 10.1 and above. See your system manuals for configuration directions.
  • SFTP connections can be made with Fugu, which has been released by the University of Michigan's Research Systems Unix Group.
  • Overview of SSH for Macintosh: http://www.cites.uiuc.edu/security/ssh/unixssh.html
  • Overview of SFTP for Macintosh: http://www.cites.uiuc.edu/security/ssh/unixscp.html
    


• SSH and SFTP for Unix (OpenSSH):
  The OpenSSH packages for various flavors of Unix are available from the OpenSSH project Web site: http://www.openssh.org/portable.html. Each platform-specific package includes both SSH and SFTP.
  
  • Overview of SSH for Unix: http://www.cites.uiuc.edu/security/ssh/unixssh.html
    
  • Overview of SFTP for Unix: http://www.cites.uiuc.edu/security/ssh/unixscp.html

X-forwarding explained

"X" is a window system (often referred to as the X Window System), which is used on many Linux machines. Under this system, it is possible to easily run programs remotely and make them appear as if they were run on the local machine.

As an alternative to X-forwarding over SSH using Cygwin or Exceed as an Xclient, EWS is now providing NX access to the remlnx.ews.uiuc.edu dedicated remote Linux servers. NX provides a secure mechanism similar to VNC or RDP, allowing the client desktop to be sent over the network with encryption and compression. The compression and client side bitmap caching allow NX to perform reasonably well even over slow network connections. See the section on NX below.

• NX Client:
  Instructions detailing the download, installation, and configuration of the NX c lient software can be found here: http://www.ews.uiuc.edu/userguide/clrtxt/nx_setup/.
  
  
• X-forwarding for Windows:
  In order to run programs with X-forwarding, SSH and a Windows X server program is needed. The EWS Windows labs currently use Hummingbird's Exceed as their X server program. For home use EWS recommends the freely distributed cygwin package which contains an X server and openSSH. Due to the fact that this is a free package, the setup may be slightly less intuitive than commercial packages. See the online documentation for cygwin for more information. Xming is another free X forwarding program avalable for free home use. The following should explain how to configure necessary software to do X-forwarding:
  
  
  • Configuring and using Cygwin
  or if you prefer to use Exceed:
  • Setting up SSH:
    
    • Start Putty.
    • Under "Edit" select the "Settings" option.
      
    • Under "Profile Settings" select the "Tunneling" option.
      
    • The option "TunnelX11 connections" needs to be enabled.
      
  • Configuring Exceed for Windows:
    • X server programs typically do not need setting up beyond setting the window size. Run the X configuration for the X server program. In Exceed, choose the Xconfig option in the start menu in order to check the setup.
      
    • The easiest setup is to have a single window set at full screen.
      
  • Running X windows software:
    
    • When everything is configured, run SSH and the Windows X server software.
      
    • On SSH, connect to a client machine (ie. remlnx.ews.uiuc.edu) and login.
      
    • Run the application (ie. Mathematica) you wish to start from the command prompt.
      
  
  
• X-forwarding for Macintosh:
  In order to run programs with X-forwarding on Macintosh OS X all you need is SSH (already provided) and X11 for Mac OS X, which is available from Apple for free. Follow the link and then download and install X11 for Mac OS X.
  
  
  • Configuring X11:
    
    • Download and install X11 for Mac OS X.
    • Beyond the install, no configuration changes are needed.
      
  • Running X11:
    
    • Run /Applications/Utilities/X11.app to start X11. This should bring up an xterm.
      Note:You might also want to create a shortcut on the dock to this.
      
    • At the prompt in the xterm, connect to an EWS workstation by typing:
      ssh -X your_netid@machine_name.ews.uiuc.edu
      or, if the -X gives you problems
      ssh -Y your_netid@machine_name.ews.uiuc.edu
      The -X enables X-forwarding. Sometimes, you might need to use -Y instead, this enables trusted X-forwarding. Hostnames (i.e. remlnx.ews.uiuc.edu) for each lab can be found on the Hours and Locations page.
      
    • Run the application (ie. Mathematica) you wish to use from the command prompt.
      
  
  
• X-forwarding for Unix/Linux:
  To run applications with X-forwarding on a non-ews unix/linux machine, you need to make sure you have X installed and you need SSH.
  
  
  • Connecting and running an application:
    • Once you have X running on your system, open an xterm. At the prompt, connect to an EWS workstation by typing:
      ssh -X your_netid@machine_name.ews.uiuc.edu
      The -X enables X11 forwarding. Hostnames (i.e. remlnx.ews.uiuc.edu) for each lab can be found on the Hours and Locations page.
      
    • Run the application (ie. Mathematica) you wish to use from the command prompt.
      
      
• Using a Remote Font Server:
  In some cases an application will require additional fonts which are not available to the X client on the machine that is connecting to EWS. When this is the case, the easiest solution it to add the EWS Font Server to the font path. After connecting to the remote EWS machine using SSH, run the following command at the prompt to add the font server to the font path:
  
     linux_prompt> xset +fp tcp/fs.ews.uiuc.edu:3389
  
  Once the font server is in the font path the application can be run.
  
  

NOTE:It is important to keep in mind that X applications require more data to be sent to the display than traditional Linux text-based applications. Please exercise good judgment when X-forwarding graphic-intensive applications from the EWS workstations.

Windows Remote Desktop

Remote desktop connections are now available to 40 workstations in Mechanical Engineering Lab between 12:01am and 4am everyday.

To connect from any edition of Windows XP:

1. Go to Start -> Programs -> Accessories -> Communications -> Remote Desktop Connection.
   Alternatively, click Start -> Run.. and type mstsc.exe (the Remote Desktop executable) and press enter.
2. Pick a workstation (ment[26-80].ews.uiuc.edu) that is shown as not currently in use below. Type the full hostname into the "computer" box and press enter.
3. Log in using your AD username and password as you normally would to an EWS workstation.

To connect from other versions of Microsoft Windows:
download the Remote Desktop Client from Microsoft at http://www.microsoft.com/windowsxp/downloads/tools/rdclientdl.mspx. After installing and running the package according to included instructions, follow from step 2 above.

To connect from Mac OS X:
download the Remote Desktop Client for Mac from Microsoft at http://www.microsoft.com/mac/otherproducts/otherproducts.aspx?pid=remotedesktopclient. After installing and running the package according to included instructions, follow from step 2 above.

To connect from another operating system such as Linux:
download rdesktop from http://www.rdesktop.org/ for platform independent source code (You will need to compile this on your system).

All EWS policies apply to remote desktop users. Additionally:

• Any session that is left idle (no user input) for 30 minutes will be automatically terminated.
• Any session that is disconnected will be automatically terminated if not reconnected within 30 minutes.
• All users will be logged off automatically at 4am. 10 minute, 5 minute, and 1 minute warnings will be given.
• Any user that has multiple remote sessions on windows running simultaneously will have their remote priviledges revoked and risk losing all EWS access.

CURRENT DESKTOP USAGE

.

in use

.

not in use

MELRDP

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

Contacts

Please send all questions or comments about these policies to manager@ews.uiuc.edu.

If after following the instructions here you have problems installing or configuring a secure client, contact the CITES Central Help Desk at 244-7000 or consult@uiuc.edu.

EWS Manager: manager_AT_ews.uiuc.edu
©2008 Engineering Workstations,
College of Engineering,
Departmental Services (DS),
Campus Information Technologies and Educational Services (CITES),
University of Illinois at Urbana Champaign