Differences between revisions 12 and 13
Revision 12 as of 2020-03-13 14:47:38
Size: 2982
Revision 13 as of 2020-03-13 14:48:38
Size: 2980
Deletions are marked like this. Additions are marked like this.
Line 35: Line 35:
  * Firefox (Linux): Edit->Preferences->Network Settings-> Settings... :   * Firefox (Linux): Edit->Preferences->Network Settings-> Settings...

WARP USAGE for Safe Remote Login


  ssh warp.zeuthen.desy.de

  ssh warp.zeuthen.desy.de -t project=<project>
  • default project is your login group

  ssh warp.zeuthen.desy.de -t target=<wgs>
  • default target is a group wgs with the lowest load

  ssh -oProxyCommand='ssh warp.zeuthen.desy.de nc %h %p' <wgs>

  ssh -oProxyCommand='ssh warp.zeuthen.desy.de target=%h mode=proxy' <wgs>

Special Cases

Access to internal Web Pages

  • e.g. for registry.desy.de
  • establish an ssh tunnel to warp
    • ssh has built-in support to act as a SOCKS proxy.
    • UNIX: All you have to do is use the -D option.
    •   ssh -D localhost:2233 warp.zeuthen.desy.de
    • Windows:
      • putty1.png putty2.png

  • In both operating systems start your browser or other application which supports SOCKS proxies with proxy localhost and your choosen port, here 2233
    • Firefox (Linux): Edit->Preferences->Network Settings-> Settings...

    • Firefox (Windows): Tools->Preferences->General->Network Settings-> Settings...

      • choose Manual proxy configuration

      • SOCKS Host: localhost

      • Port: 2233

      • SOCKS v5 should work

* Safari: Preferences -> Advanced, Proxies: Change Settings ...

  • All outgoing and incoming data for the browsing session will be encrypted since it passes through the SSH connection.

VNC session

  • from Linux and MacOS client
    • adapt or create your .ssh/config

      •     GSSAPIAuthentication yes
            GSSAPIDelegateCredentials yes
            # GSSAPIKeyExchange yes          # does not yet work on SL5
            # GSSAPIRenewalForcesRekey yes   # does not yet work on SL5
            host warp
                Hostname warp.zeuthen.desy.de
                User <your_account>
    • start the vncserver on the wgs
      •     ssh warp vncserver -localhost
    • Look at the output and note the host name of the wgs and the Display
      • In this example it is  wgs14.zeuthen.desy.de:6 

    • create a ssh tunnel to the wgs:
      •     ssh -o ProxyCommand="ssh warp.zeuthen.desy.de nc  %h %p" <wgsname> -L 590<Local vnc display>:localhost:590<Display>
            ssh -o ProxyCommand="ssh warp.zeuthen.desy.de nc  %h %p" wgs14.zeuthen.desy.de  -L 5909:localhost:5906
    • start the vncviewer by taking the host and display addresses from the line
      • "desktop is <host>:<display>"

            vncviewer localhost:9
    • at the end stop the server by
      •     ssh warp vncserver -kill :<display>
  • from Windows client (e.g. putty) it is a bit more complicated because the option ProxyCommand isn't supported

Command Execution

  ssh warp.zeuthen.desy.de <command>
  ssh warp.zeuthen.desy.de target=<wgs> <command>
  ssh warp.zeuthen.desy.de project=<project> <command>

Warp_Login_Usage (last edited 2020-03-13 14:48:38 by ManuelaBrehmer)