Technical Note - Working From Home

Summary

This tech note addresses two separate issues to working from home:
  • File transfer
  • Running software remotely

If you are looking for help with reading email, you should consult the email tech note.

Details

Which machine to connect to.

Whether you are wanting to transfer files or connect in a more interactive way, you first need to know what machine to connect to. Your files are visible on any of the School's servers but depending on what sort of user you are (Undergraduate/Graduate/Staff) you only have access to a subset of them. Likely machines to try are greta-pt.ecs.vuw.ac.nz or barretts.ecs.vuw.ac.nz as these are accessible to all.

Typically workstations (and some specialist servers) are not directly accessible from off campus. If you really need to access one of those machines do it as a two stage process: connect to an accessible server and then from there connect to the machine you want.

File Transfer

File transfer from ECS machines is achieved using SCP or SFTP. There are many clients available for a variety of operating systems.

  • Windows: We recommend WinSCP.
  • OS X: You can use the command-line scp and sftp commands, or something like Cyberduck, Mountain Duck or Fugu, if you prefer GUIs.
  • * nix variants: You should have command-line scp and sftp on your machine.

Older file transfer protocols such as ftp should not be used since they transmit passwords in clear text (unencrypted) over the network. This is particularly discouraged if you are connecting via the public internet, since you have no idea who might be snooping on the network. The one exception where it is OK to use ftp is if you are downloading from an anonymous ftp service (ie: you are not required to log in using your username/password in order to download files).

Working Remotely

Terminal (SSH)

The ECS network is configured to allow incoming ssh connections to all students. You should be able to access a machine from anywhere in the world.

  • Windows: Windows users will want to use PuTTY to get an SSH connection.
  • OS X, *nix variants: You should have ssh installed and accessible from the command-line.

Again, older protocols such as telnet which transmit information in clear text should not be used.

X Forwarding (SSH with X forwarding)

X forwarding is the process of having X windows drawn on your own screen than on the remote machine. This means that you can interact with our NetBSD GUI programs at home.

ALERT! Because all interactions have to be transmitted to an ECS machine and then the window section redrawn and sent back to you, this method can be slow, particularly so on an international connection. Where possible, it may make more sense to transfer the documents you wish to use with scp, and then run programs on your own machine. Many of the programs ECS utilises are open-source and free to install at home.

To view the X windows, you need an X window server to be running:

  • Windows: Cygwin is the best way to achieve this. To start your X server when Cygwin is installed, you run xinit from the Cygwin window.
    More recent (Nov 2016) installations of Cygwin on the School's windows workstations appear to provide a better rendered X window if you type startxwin instead of xinit
  • OS X: You need to install the X11 optional package called Xquartz https://www.xquartz.org/
  • * nix variants: You should already have an X server running.

Once the X server is running, you should run ssh -X [username]@[host]. For example, Lindsay Kingston logs in with ssh -X kingstlind@greta-pt.ecs.vuw.ac.nz.

Full Remote Session (VNC)

ALERT! Advanced users only

VNC needs to be tunneled through SSH, as the traffic it sends is unencrypted. To get a VNC session, you should do the following:
  1. Start vncserver by SSHing onto an ECS server. Not all servers will work, use embassy or regent.
    • For the first time only, run vncpasswd, to create a vnc password file.
    • Run vncserver
      • vncserver :1 # 1 is the display number, you may have to use a different number if it is already being used
    • Take note of the outputted information. You need the port number.
      • Eg. vncext: Listening for VNC connections on all interface(s), port 5901
  2. Create an SSH tunnel:
    • For Windows and PuTTY:
      • Select Connection -> SSH -> Tunnel.
      • Type port number= into the Source Port box (eg. "5901").
      • Type [host]:[port number] into the Destination box (eg. embassy.ecs.vuw.ac.nz:5901)
      • Select Open and login as normal.
    • For OS X and *nix variants: Type ssh -L [port number]:localhost:[port number] (eg. ssh -L 5901:localhost:5901 embassy.ecs.vuw.ac.nz)
  3. Start your VNC client.
  4. Type in localhost:[port number] (eg. localhost:5901).
  5. When you are finished close the client.
  6. Make sure you kill the vnc server by exiting your first ssh session
  7. Exit your SSH tunnel.

The password used by the VNC server to control access is set with the vncpasswd command and is stored in ~/.config/tigervn/passwd. If you need to reset the password delete ~/.config/tigervn/passwd first. Also an old configuration directory ~/.vnc can course problems. If it's there delete this and all it's contents 'rm -r ~/.vnc'

Full Remote Session (VPN) [Staff only]

Windows and Mac users may use Remote Desktop Connection over VPN for effective access to campus services and ECS Windows servers. For VPN installation see the ITS Remote access.
Print version | Backlinks |