Differences

This shows you the differences between two versions of the page.

--- access [2023/04/21 10:21] – olivier
+++ access [2025/03/10 10:51] (current) – [Computer Access] olivier
@@ Line 1: / Line 1: @@
 ====== Access to CIM Servers ======
+===== Computer Access =====
 You can use secure shell (SSH) to log into a CIM system.  On a Linux or Mac system, you can directly ssh to to a cim machine with
@@ Line 11: / Line 13: @@
 Once connected to the server, you will be presented with a Linux command line.  If unfamiliar with the Linux environment, here is a link to a [[https://ubuntu.com/tutorials/command-line-for-beginners|quick guide]] that covers the basics of Linux shell operation.
+To use Key access, refer to the following page: [[access:sshkeys| Using SSH Keys]]
+==== Private servers ====
+Some CIM computers are on a private (internal) McGill vlan (10.69.54.0/23).  These servers cannot be accessed directly from the internet.  To access these computers, you can use the McGill vpn to get on the McGill network, or you can use any public CIM server as an ssh jump host.  (SSH jump hosts are a way to proxy ssh connections through one server to access another)
+The command to connect to a private CIM computer is:
+<code>
+ssh -j <CIMUSERNAME>@barn.cim.mcgill.ca <CIMUSERNAME>@<PRIVATESERVER>.cim.mcgill.ca
+</code>
+As more people will be using jump hosts to access CIM resources, we are creating multiple publicly accessible jump hosts to help spread the load. The following jump hosts are available for use by CIM members:
+  * **cow.cim.mcgill.ca**
+  * **pig.cim.mcgill.ca**
-===== PuTTY =====
+==== PuTTY ====
 If you are on another type of operating system, we suggest using an ssh client such as [[https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html|PuTTY]] to connect to CIM computers.
@@ Line 25: / Line 37: @@
 Once configured, click open and the a shell should appear and prompt for your CIM username and password.
+=== Private servers ===
+To access private CIM servers, you'll need to configure an SSH proxy in PuTTY.  To do so, you'll need a version of putty >0.77 and navigate to ''Connection > Proxy'' and select SSH as the proxy type and specify the details of the jump host (barn.cim.mcgill.ca).
+===== File Access =====
+To transfer files to and from the CIM servers, you can use the ''scp'' (secure copy) command.
+==== From your local machine to a CIM server ====
+<code>
+scp <LOCALFILEPATH> <CIMUSERNAME>@barn.cim.mcgill.ca:/home/<GROUPDIRECTORY>/<CIMUSERNAME>/<DESTINATION>
+</code>
+==== From a CIM server to your local machine ====
+<code>
+scp <CIMUSERNAME>@barn.cim.mcgill.ca:/home/<GROUPDIRECTORY>/<CIMUSERNAME>/<REMOTEFILE> <DESTINATION>
+</code>
+It is also possible to define an ssh jump host to the scp commands by adding ''-j <CIMUSERNAME>@barn.cim.mcgill.ca'' to access files located locally on private servers.
+==== sshfs ====
+To mount directories with sshfs, while going through a jump host, the following command can be used:
+<code>
+sshfs -o ProxyJump=<cimUsername>@barn.cim.mcgill.ca <cimUsername>@<computerHostname>.cim.mcgill.ca:/home/<filesystem>/<directory> <localMountTarget>
+</code>
+If you prefer defining the jump host in your ssh_config file for more convenient access, you should specify the jump host and the target hostname separately, as such:
+<file>
+Host barn
+  HostName barn.cim.mcgill.ca
+  User <cimUsername>
+Host <computerHostname>
+  HostName <computerHostname>.cim.mcgill.ca
+  ProxyJump barn
+  User <cimUsername>
+</file>
+You can then use the following command to mount remote directories:
+<code>
+sshfs <computerHostname>:/home/<filesystem>/<directory> <localMountTarget>
+</code>
+==== Filezilla ====
+A more intuitive way to access your files is to use a file transfer client such as [[https://filezilla-project.org/index.php|filezilla]].
+To configure a connection to the CIM server, you'll have to define a new connection by navigating to ''File > Site Mananger'' and then clicking  ''New Site''.
+{{ ::filezilla1.png?direct |}}
+Set the protocol to ''SFTP'', the host to ''barn.cim.mcgill.ca'' and set your username.  You can then click ''Connect'' to connect to the CIM server.  You will then be able to access and transfer files.
+===== Sudo on CIM Workstations =====
+> "With great power comes great responsibility..." - Uncle Ben, Spiderman
+> "God, root, what is difference?" - Pitr, User Friendly
+Generally speaking, users do not have sudo/root access on CIM workstations. This is because, unlike Windows or MacOS, Linux gives much more power to the user. Windows will give you warnings and/or prevent you from erasing critical system files, whereas if you use sudo carelessly, Linux will delete the running kernel without so much as a warning.
+Things to consider as a user with sudo:
+  * sudo is the same as root which is the same as administrator.
+  * sudo can be used to break your system. If you share your system with other users, you can/will break the system for them too.
+  * If in doubt, ask us before trying something. Some things on CIM systems are done for a reason, or are configured in a specific way. There is often a reason for this.