Remote
Access to CITA
getting Internet service
mail settings
ssh
access
ssh tunnelling
accessing bobMonitor from home
UTORvpn
remote desktops via VNC
getting internet service
Most CITAzens use either Sympatico from Bell (the phone company) or
Rogers (cable). UofT staff and faculty are entitled to a 15% discount
on Sympatico service. You can register for service online at the Sympatico website but first you
will
need a special UofT
group key in order to get the discount.
In the past, CITAzens made use of the Bell Megabit Access service in order to connect to the internet through the
University
of Toronto network and thereby access services that are
usually
restricted to the university community such as the Library's electronic
journals. In early 2005 this was replaced with UTORvpn.
Mail Settings:
If you use a text-based
mail
client like pine or Eudora then all you ever need is a window that can
login
to CITA. If you're hooked on something like Thunderbird/Mozilla you'll
have to do a
bit
of configuration. See the Electronic Mail
section of these pages.
Ssh access
Access CITA machines by using ssh to reach our gateway machine
gw.cita.utoronto.ca (currently
known as falcon but this could change
without warning). Once logged on
there you can ssh into any other CITA machine. See the section below on
ssh tunneling to learn how to transparently access any CITA machine
from outside.
Linux boxes should already have an ssh client installed. If your
windows
machine does not have ssh you can download the non-commercial SSHSecureShellClient
(from
www.ssh.com ) or download putty.
Both
of these have secure ftp-like clients as well for copying files and
directories.
If one is using windows it is possible to forward graphical programs from cita linux workstations. Using VNC may provide less hassle (and better performance?) but one can also use XMing to set up an X-server in windows. Details of how to configure this can be found here.
Sometimes, when connecting to falcon, users will receive an error
message
that won't stop repeating itself ( " X11 auth data does not match
fake
data. "). Unless you need X11 forwarding it is best to turn
it
off using the -x argument to ssh. The command then takes the form
"ssh
-x username@falcon.cita.utoronto.ca". Another work around
for
this is to open another terminal window and log into falcon again while
the
first is still running, you can then close the first window.
UTORvpn
Access to certain campus
resources (such as
Library online journals) is restricted to computers connected to the
UofT network. For those who connect to the Internet through a
commercial ISP, the VPN service
allows you to establish a 'direct' connection to the UofT network. You
must login to the VPN with your UTORid and password.
Your UTORid is the key
to accessing many UofT services such as UTORvpn, UTORschedule,
MyUtoronto and for downloading Norton AntiVirus. The first step
is to get the appropriate letter from Margaret and then get a library
card by going to the
Robarts
Library (the peacock-shaped building just 1-2 blocks north of CITA at
St.
George and Harbord) . Once you have the card you will be able
to activate
your UTORid and then register
for
UTORvpn.
Remote Desktops via VNC:
You can access your desktop from home using TightVNC.
The command to do this in linux is vncviewer -via
username@falcon.cita.utoronto.ca
machine:port_number where username
is your login name, machine
is the VNC server you wish to use and port_number is the display you
wish
to use.
For most users, the easiest way to do it is to connect to the servers
on
falcon or kodiak. The following ports display the following
resolutions:
Port:
|
Resolution:
|
50
|
1600x1200
|
51
|
1280x1024
|
52
|
1024x768
|
For example, if user foo wants to connect to kodiak from
home at the resolution 1024x768, he would type: vncviewer -via
foo@falcon.cita.utoronto.ca
kodiak:52
Alternatively, you can make your own VNC server by logging into your
favourite
machine and typing vncserver and
then connecting to the port number given to you. Remember to kill your VNC servers after
you're
finished! Just like any X server, they keep all your programs in
memory
until killed.
Anti-Virus: All UofT faculty,
staff
and students are entitled to install Norton Anti-Virus (NAV) software
on
their windows machines. Before you begin, you will need to get a UTORid (NOT the same thing
as
your UTORdial account above). Then follow the NAV instructions
SSH Tunneling:
What if you want to scp a file directly from your home machine to the
scratch disk of kodiak? That looks like a problem because the outside
world can not see kodiak. Similarly, bob runs a web server but the CITA
firewall prevents outsiders from seeing it.
The way to get around such issues is to use ssh tunneling. As long as
you can ssh to gw.cita.utoronto.ca you should be able to tunnel a
connection to any other CITA machine via ssh. The following
instructions assume that you're using a linux box at home.
The same thing can be done from a windows machine by setting up
tunneling in the ssh gui or by running cygwin and then doing the linux
tricks below.
On your home machine issue the following command, login to the gateway
machine and leave that window open:
ssh -L 7777:kodiak:22
gw.cita.utoronto.ca
This effectively opens up a channel from port 7777 on your home machine
to port 22 on kodiak. The 22 is a significant and necessary number
because this is the port reserved for ssh (i.e. you can now do
scp & ssh directly
to kodiak). The choice of 7777 is NOT special - it just has to be
in the range
1025-65535.
To actually use your ssh tunnel you can now do the following from your
home machine:
ssh -p 7777 localhost (log
directly into kodiak from home)
scp -P 7777 junk1 localhost:/scratch/<username> (copies file
junk1 from home machine to scratch on kodiak).
rsync -avz -e "ssh -p 7777"
localhost:/cita/h/home-1/<username>/STUFF ~TEMP (rsyncs the
directory STUFF from kodiak back to your home machine into
directory TEMP)
One thing to note is that ssh uses "-p" for port-forwarding whereas
it's a capital letter with scp.
You can combine multiple port connections in a single line; e.g.
ssh -L 7777:kodiak:22 -L
5050:bob:80
gw.cita.utoronto.ca