Difference between revisions of "Login"

From HPC users
Jump to navigationJump to search
Line 137: Line 137:
Should you want to use SSH keys, just follow these instructions:
Should you want to use SSH keys, just follow these instructions:


=== SSH Keys on Windows Client ===
=== Login with SSH Keys on Windows Client ===
Microsoft started to roll out [https://www.howtogeek.com/336775/how-to-enable-and-use-windows-10s-built-in-ssh-commands/ its own ssh client]. But since it is not available on every Windows installation (and/or has to be activated), we use the SSH standard tool [https://www.putty.org/ puTTY]. <br/>
Microsoft started to roll out [https://www.howtogeek.com/336775/how-to-enable-and-use-windows-10s-built-in-ssh-commands/ its own ssh client]. But since it is not available on every Windows installation (and/or has to be activated), we use the SSH standard tool [https://www.putty.org/ puTTY]. <br/>


Line 144: Line 144:
Now, you will need to start the .msi file and click through the installation. You will need administrator privileges at this point. <br/>
Now, you will need to start the .msi file and click through the installation. You will need administrator privileges at this point. <br/>
Afterwards, start the the program ''PuTTYgen'' by searchig for it on the windows search bar. The standard configuration is what we need: A 2048 bit long RSA key. Click ''Generate'' and you will be asked to move around the mouse a bit to generate some randomness.
Afterwards, start the the program ''PuTTYgen'' by searchig for it on the windows search bar. The standard configuration is what we need: A 2048 bit long RSA key. Click ''Generate'' and you will be asked to move around the mouse a bit to generate some randomness.
This produces two keys:
* Private key: This key is pnly for you and your devices. '''You must not hand this out to anybody!'''
* Public key: This key can be transferred to any machine or person you want to and belongs to the host machine that you want to work on.


=== SSH Keys on Linux Client ===
Now, save the two keys on your ocal machine via the save buttons. But before closing PuTTYgen, save the public key text at the upper box: right click -> seect all -> right click -> copy


=== Login with SSH Keys on Linux Client ===


== VPN: Internet / From Home==
== VPN: Internet / From Home==

Revision as of 09:23, 27 November 2019

Login nodes

The cluster provides four login servers that allow you to connect to the cluster (e.g. for submitting and monitoring jobs or editing of files). The login servers can be reached using the hostnames

carl.hpc.uni-oldenburg.de
eddy.hpc.uni-oldenburg.de

Using either of the two hostnames will connect you to one of the login servers which have the hostnames

hpcl00[1-4].hpc.uni-oldenburg.de

and are assigned in an round-robin fashion (to distribute the load on the login servers). You can also use these hostname to login to a specific server but should only be used when needed.

Intranet

If you want to connect to the cluster from a windows computer, you can use your favorite ssh client (MobaXterm, PuTTY, OpenSSH, WinSCP) on Windows- and Linux-Computers or the command line (primarily on Linux-computers).

Connect to CARL/EDDY using MobaXterm

"MobaXterm" is the recommend way to connect to the cluster from a Windows computer. The following lines will describe the basic usage of the program.

The newest version of MobaXterm can always be found here: Download

After downloading and installing you are ready to use the program. Once you opened it, click on "Session" in the top left corner. Fill in the following informations:

Connect

If you want to connect to EDDY, simply replace "carl" with "eddy" (-> eddy.hpc.uni.oldenburg.de).

As always, replace "abcd1234" with your own username. There are many settings that can be modified, for this example we will not change them though. Confirm by clicking on "OK". A new tab will open and you will be prompted to enter your password.

Password

After typing it in and confirming it with ENTER you are succesfully connected to the cluster.

You will probably immediatly see a big difference to other ssh clients: you can easily browse through the folders on the clusters without using the command line. The sidebar will look like this:

Folders

You can even drag&drop files on the cluster with this sidebar, which makes handling files very easy.


Connect to CARL/EDDY using PuTTY

We recommend to use "mobaXterm" since it offers more features and is more user-friendly. Nonetheless its your choise and if you want to use PuTTY you can follow these instructions:

Download the latest version of PuTTY from this link: Download

Enter the url "carl.hpc.uni-oldenburg.de" under the field "Host Name (or IP adress)":

PuTTY

Make sure the Port is set to "22" and the connection type is "SSH". Confirm by pressing the button "Open".

A new windows will popup and you have to type in your username (e.g. "abcd1234):

PuTTY

After you confirmed by pressing ENTER, you will be asked for your password. Type it in and confirm with ENTER again. You are now connected to the cluster.

If you want to connect to EDDY, simply replace "carl" with "eddy" (-> eddy.hpc.uni.oldenburg.de).

If you want to copy files from or on the cluster, you will have to use the program "WinSCP".


Connect to CARL/EDDY using the command line

Users of CARL can connect by typing:

ssh abcd1234@carl.hpc.uni-oldenburg.de

Similarly, users of EDDY login by typing:

ssh abcd1234@eddy.hpc.uni-oldenburg.de

If you want to use graphical applications on the login nodes (e.g. an editor like gedit) you need to enable X-forwarding:

ssh -X abcd1234@carl.hpc.uni-oldenburg.de

Connect to CARL/EDDY using the Remote Desktop Protocol

If you need a graphical user interface (GUI) when using the cluster, and X-forwarding is not sufficient or does not perform as needed, then you can use the Remote Desktop Protocol (RDP) to connect to the HPC cluster. Using RDP, you can open a Linux desktop on a special login node (hpcl005.hpc.uni-oldenburg.de) and use applications with a GUI as if you are sitting directly at the login node. To use RDP, you simply need a RDP client program, which is available for all common operating systems (see below for Windows and Linux).

In addition to the better graphics performance compared to X11-forwarding, the remote desktop also keeps running when your connection to the cluster gets lost. Once you have reconnected, you can continue working where you left. You need to actively logout from the remote desktop to shutdown your session.

Please be aware, that the login node hpcl005 has limited resources and is less powerful than the standard login nodes. If your GUI applications requires compute power, it is recommended that you run an interactive session on one of the compute nodes (see below).

Remote Desktop Connection from a Windows machine

Windows natively supports RDP and provides a client program for it. To start the client just search for 'remote desktop' within the start menus search function and select the corresponding program that pops up. Now, you type into the input mask the following server adress and press enter:

 hpcl005.hpc.uni-oldenburg.de

After that, a certificate warning may appear which you can safely ignore (just confirm to continue). Next, a login screen should appear and you have to type in your your credentials. Just use the same login information that you would enter when accessing the cluster the usual way. Finally, a Red desktop environment will open and you can start a termial from the application menue in the top left. If you have ever worked with a virtual linux machine (e.g. VirtualBox, VMWare), this should be familiar to you. To logout, click the power button symbol in the top right and then your name.

Once you have started a terminal, you can start working just like you would on a standard HPC session with the benefit of having a real desktop environment for applications with a GUI. As an example, we coud start gnuplot:
If you have not done yet, open a terminal by clicking Applications at the upper left corner and clicking on terminal.
Now you change the environment, load the module and start the program:

hpcl005$ module load hpc-env/6.4
hpcl005$ module load gnuplot
hpcl005$ gnuplot
gnuplot> plot sin(x)

After a short while, the windows with the plot of the sine functions will appear.

Desktop Access via Linux

Various RDP clients exist for Linux, and depending on your distribution, one is maybe already installed by default. Exemplarily, we use the client Remmina which comes natively on a lot of distributions, like Ubuntu. If you cannot start remmina directly, you could install it or use a different tool that supports RDP. CentOS users have to use the built in Remote Desktop Viewer Vinagre, for which the usage is quite self-explanatory.

The following instructions will show you how to start a RDP session with Remmina, but should be applicable to other clients as well:
Start the tool by opening a terminal and typing in remina or. Now you fill in the form as follows:

Remmina hpcl005.png

  • Name: The name for the connection is for you to decide.
  • Server: This is the login nodes server name.
  • User name: The username that you use for every other university service as well.
  • User password: The same goes for the password.
  • Color Depth: If you get an error message when leavin this on standard, try True colour (32 bpp)

When you finished filling out the mask, click 'Save as Default' and then 'Save and Connect'. Now you will directed to the node. You may have to enter your credentials again, but after that you are good to go!

Desktop Access via Mac

For Mac, there is a simple solution to get a visual access to our X11 login note: Microsoft Remote Desktop 10.
(The HPC support team didn't test it though!)
Although this is a program for accessing Windows machines, it can be used to get access to linux machines as well.
Just download and install it from the app store, start the program and type in the host name (hpcl005.hpc.uni-oldenburg.de), your login name and the password.
For more information you can visit the programs support website

Important: Best Practices

If you are using an RDP connection to hpcl005, please be kind to other and aware of the following

  • Save System Resources!
    • hpcl005 is a login node with very few ressources. So please do not carry out heavy computations on this node! Instead run them remotely on a compute node using an interactive SLURM job (in particular, take note of the command srun.x11 that allows you to run graphical applications on a compute node). The login node hpcl005 is only intended for users who are dependent on a graphical interface and is designed for short testing sequences.
  • Log out!
    • When you have finished your work on hpcl005, please quit your programs within the terminal and finally log out of the graphic node. You can do this by clicking the 'power button' on the upper right corner and selecting your name which is displayed on the menu. Now you should see a Log Out option.

Creating and Using SSH Keys

SSH Keys can make using SSH a bit more comfortable, because they bypass the password prompt.
Should you want to use SSH keys, just follow these instructions:

Login with SSH Keys on Windows Client

Microsoft started to roll out its own ssh client. But since it is not available on every Windows installation (and/or has to be activated), we use the SSH standard tool puTTY.

First of all, you need to download PuTTY. Click here and download the newest .msi file fitting your system (if you are not using an ancient PC, you very likely have to chose the 64-bit installer).

Now, you will need to start the .msi file and click through the installation. You will need administrator privileges at this point.
Afterwards, start the the program PuTTYgen by searchig for it on the windows search bar. The standard configuration is what we need: A 2048 bit long RSA key. Click Generate and you will be asked to move around the mouse a bit to generate some randomness. This produces two keys:

  • Private key: This key is pnly for you and your devices. You must not hand this out to anybody!
  • Public key: This key can be transferred to any machine or person you want to and belongs to the host machine that you want to work on.

Now, save the two keys on your ocal machine via the save buttons. But before closing PuTTYgen, save the public key text at the upper box: right click -> seect all -> right click -> copy


Login with SSH Keys on Linux Client

VPN: Internet / From Home

If you want to work from home or from any other place outside of the campus network, you have to establish a VPN tunnel to the university's intranet. After that, you can login to CARL or EDDY via ssh as described above. See the following instructions on how to setup the VPN tunnel (please note, that IT services have recently changed to the new provider/protocol GlobalProtect for VPN. The old Cisco VPN will be available for some time but eventually removed, of course not before an announcement):

Windows

Download the VPN-Client from this web site and install it following the instructions of the IT Services.

After installing the software, you only will be prompted for your university user name and password once.

Linux

Download and Installation

At first, you will need the installation file from here.

  • For Debian and derivates (e.g. Ubuntu) you will need the .deb file.
  • For Red Hat, Centos, Fedora, Mandriva, OpenSUSE etc. you will need the .rpm file.
  • If you want/need, you can get the source files with the .tgz file should you need to compile the software by yourself.

Now, you need to install the downloaded packet:

For Red Hat, Centos, Fedora, Mandriva, OpenSUSE etc.:

sudo rpm –ivh /path/to/GlobalProtect_rpm_x86_...rpm

For Debian and derivates (e.g. Ubuntu):

sudo dpkg –i /path/to/GlobalProtect_deb_x86_...deb

Alternatively, you can change to the same directory as the downloaded file and make sure that you type in the missing version. e.g.:

cd ~/Downloads
sudo rpm –ivh ./GlobalProtect_rpm_x86_64-5.0.1.0-10.rpm

After the installation, the executable globalprotect is callable from the command line.

Configuration

With globalprotect connect to the portal v.uol.de <br\> Type in your credentials when asked.

$ globalprotect connect --portal v.uol.de 
username: <Nutzerkontoname>
password: <Nutzerkontopasswort>

Connecting...

Connected

Status and Connection Details

You can always check whether your connection is set up or not:

$ globalprotect show  --status

Should you want to know more details about the current connection, you can type in:

$ globalprotect show  --details

Finally, if you need to disconnect your VPN connection, you can use

$ globalprotect disconnect

Special Case: Linux Mint

If you are using Linux Mint 19, you will additionally need to patch Global Protect after the installation. <br\> This is what you have to do:

$ wget https://uol.de/fu/itdienste/download/update_gp_client.sh
$ sudo sh update_gp_client.sh


Fall back method If, after trying the above, you cannot setup you VPN using the Global Protect, you can try to install openconnect with

sudo apt-get install network-manager-openconnect-gnome

After that, you can set up a connection with the terminal command:

sudo openconnect --protocol=gp v.uol.de

As long as the terminal stays open, every packet will be sent through the universitys network first. To terminate the connection, just close the Terminal or type in STRG + c