|
Size: 3614
Comment:
|
Size: 4915
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 4: | Line 4: |
| The following article explains how to access the desktop of a Linux host residing inside the ETH network from another host on the in- and outside. Throughout the article, the following placeholders are used: * Host '''A'''<<BR>> This is a remote host in- or outside the ETH network, i.e. your home computer. It will run the software to view a desktop, the [[#VNC_viewer_software|VNC viewer]]. * Host '''B'''<<BR>> This is the entrance gateway to the ETH network to bypass the firewall restrictions for connections from the outside, by the name of '''login.ee.ethz.ch'''. It is used to tunnel SSH connections. It is not necessary when you're using VPN. * Host '''C'''<<BR>> This is the target host you intend to connect to. If it's your personal PC in your office you know its name. Students can use an arbitrary shared student room PC like tardis-d12. If you're using a shared student PC, [[#Check_.28student.29_host_availability|check it's availability]] at login. |
The following article explains how to access the desktop of a Linux host residing inside the ETH network from another host on the in- or outside by using __V__irtual __N__etwork __C__omputing (VNC)<<FootNote([[https://en.wikipedia.org/wiki/Virtual_Network_Computing|VNC on Wikipedia]])>>. Throughout his article, the following placeholders are used: * '''current_host''': This is a remote host in- or outside the ETH network, i.e. your office computer or home computer; the host you are currently working on. It will run the software to view a remote Linux desktop, the [[#VNC_viewer_software|VNC viewer]]. * '''gateway_host''': This is the entrance gateway to the ETH network to bypass the firewall restrictions for connections from the outside, by the name of '''login.ee.ethz.ch'''. It is used to tunnel SSH connections in case you choose not to use VPN. * '''internal_host''': This is the target host you intend to connect to. If it's your personal PC in your office you know its name. Students can use an arbitrary shared student room PC like tardis-d12. If you're using a shared student PC, [[#Check_.28student.29_host_availability|check it's availability]] at login. * '''eth_username''': This is the username you use to log in anywhere on an ETH provided IT service. * '''eth_password''': This is your password used in combination with your ''eth_username'' which lets you access ETH provided IT services, except for network authentications (see below). * '''eth_network_password''': This is your password also used in combination with your ''eth_username'' which is used for authentication to network services like Wifi and VPN. It is different from your ''eth_password''. |
| Line 13: | Line 13: |
| If your host '''A''' resides outside of the ETH network, you need to connect to it by initiating a VPN connection. The following steps explain the necessary prerequisites.<<BR>> If your host is alreay inside the ETH network, skip to the next paragraph. |
If ''current_host'' resides outside of the ETH network, you need to connect to it by initiating a VPN connection. The following steps explain the necessary prerequisites.<<BR>> If ''current_host'' is alreay inside the ETH network, skip to the next paragraph. |
| Line 16: | Line 16: |
| === Know your ETH network password === * The ''ETH network password'' is used for Wifi and VPN access. It is different from your regular ''ETH password'' * If you're unsure about your ''ETH network password'', login on [[https://password.ethz.ch/|password.ethz.ch]] with your regular ''ETH password'' and change the former password to a known value. |
=== Know your eth_network_password === If you're unsure about your ''eth_network_password'', login on [[https://password.ethz.ch/|password.ethz.ch]] with your regular ''eth_password'' and change your former ''eth_network_password'' to a new password. |
| Line 20: | Line 19: |
| === Install the VPN client === * Go to [[https://sslvpn.ethz.ch/|sslvpn.ethz.ch]] and follow the instructions provided there to download, install and configure the Cisco AnyConnect VPN client provided by central IT services. * To log in, use your ''ETH username'' in combination with your ''ETH network password''. * If you have access to additional realms, a.k.a virtual private Zones (VPZ) you can list them by visiting [[https://realms.ethz.ch/|realms.ethz.ch]]. |
=== Install the VPN client on current_host === * Go to [[https://sslvpn.ethz.ch/|sslvpn.ethz.ch]] and follow the instructions provided there to download, install and configure the Cisco !AnyConnect VPN client provided by central IT services. * To log in here you have to use your ''eth_username'' in combination with your ''eth_network_password''. * If you have access to additional realms, a.k.a virtual private Zones (VPZ), you can list them by visiting [[https://realms.ethz.ch/|realms.ethz.ch]]. |
| Line 26: | Line 25: |
| * Now you are ready to connect the VPN client to the ETH network and continue with the following steps. | * Now you are ready to connect the VPN client on ''current_host'' to the ETH network and continue with the following steps. |
| Line 28: | Line 27: |
| == Start a VNC server on host C == To start a VNC server instance on your host '''C''' you need to initiate a SSH connection to said host. |
== Start a VNC server on internal_host == To start a VNC server instance on ''internal_host'', you need to initiate a SSH connection to it. === Initiate a SSH connection to internal_host === * If ''current_host'' is a Linux client, issue the command `ssh eth_username@internal_host` in your terminal and log in with your ''eth_password''. * If ''current_host'' is a Windows 10 client you can use the optional installable feature (Apps -> Optional features -> OpenSSH Client) to issue the command as described for a Linux client above. * Alternatively, you can follow the article about [[WindowsDirectSSHAccess]] for a comfortable setup with [[https://www.chiark.greenend.org.uk/~sgtatham/putty/|putty]] on Windows. === Setup and start the VNC server === |
Contents
Remote access to a Linux host's desktop with VNC
The following article explains how to access the desktop of a Linux host residing inside the ETH network from another host on the in- or outside by using Virtual Network Computing (VNC)1. Throughout his article, the following placeholders are used:
current_host: This is a remote host in- or outside the ETH network, i.e. your office computer or home computer; the host you are currently working on. It will run the software to view a remote Linux desktop, the VNC viewer.
gateway_host: This is the entrance gateway to the ETH network to bypass the firewall restrictions for connections from the outside, by the name of login.ee.ethz.ch. It is used to tunnel SSH connections in case you choose not to use VPN.
internal_host: This is the target host you intend to connect to. If it's your personal PC in your office you know its name. Students can use an arbitrary shared student room PC like tardis-d12. If you're using a shared student PC, check it's availability at login.
eth_username: This is the username you use to log in anywhere on an ETH provided IT service.
eth_password: This is your password used in combination with your eth_username which lets you access ETH provided IT services, except for network authentications (see below).
eth_network_password: This is your password also used in combination with your eth_username which is used for authentication to network services like Wifi and VPN. It is different from your eth_password.
Connect to the ETH network
If current_host resides outside of the ETH network, you need to connect to it by initiating a VPN connection. The following steps explain the necessary prerequisites.
If current_host is alreay inside the ETH network, skip to the next paragraph.
Know your eth_network_password
If you're unsure about your eth_network_password, login on password.ethz.ch with your regular eth_password and change your former eth_network_password to a new password.
Install the VPN client on current_host
Go to sslvpn.ethz.ch and follow the instructions provided there to download, install and configure the Cisco AnyConnect VPN client provided by central IT services.
To log in here you have to use your eth_username in combination with your eth_network_password.
If you have access to additional realms, a.k.a virtual private Zones (VPZ), you can list them by visiting realms.ethz.ch.
Initiate a VPN connection
Now you are ready to connect the VPN client on current_host to the ETH network and continue with the following steps.
Start a VNC server on internal_host
To start a VNC server instance on internal_host, you need to initiate a SSH connection to it.
Initiate a SSH connection to internal_host
If current_host is a Linux client, issue the command ssh eth_username@internal_host in your terminal and log in with your eth_password.
If current_host is a Windows 10 client you can use the optional installable feature (Apps -> Optional features -> OpenSSH Client) to issue the command as described for a Linux client above.
Alternatively, you can follow the article about WindowsDirectSSHAccess for a comfortable setup with putty on Windows.
Setup and start the VNC server
View and control your remote Desktop on host C
VNC viewer software
The listed VNC software contains a viewer component and is available for both Linux and Windows:
TightVNC: Opensource
TigerVNC: Opensource, a fork of TightVNC with additional features
TurboVNC: Opensource, a fork of TightVNC with peak 3D/video performance as a goal
RealVNC: Freeware
The above list is not meant to be complete, feel free to install other solutions on your own on your home computer.
- TigerVNC viewer is installed on managed Linux clients
- On managed Windows clients, RealVNC viewer is installed on request
Check (student) host availability
Check with the command htop if any other users are using C's resources right now. If they do, log out and log in to a different host.
A list of student hosts can be shown by issuing the command grep tardis /etc/hosts
And Mac users?
To be documented. Hint: Everything you need is already available in macOS.