translated by Google

Machine-translated page for increased accessibility for English questioners.

Remote graphical access to Nymph

Instructions for Windows 10 and Linux

Before logging in from Windows, it is necessary to activate the SSH client, see instructions .

1.

Open Windows PowerShell ( , tip: paste from the clipboard can be right-click, copy Enter ) or Bash shell ( ). We set a variable LOGIN (in the command below, replace "xlogin" with your faculty login):

  • Windows

     PS C:\Users\user> $LOGIN="xlogin"
    
  • Linux

     local$ LOGIN=xlogin
    

2.

We randomly select one of the permanently running ones Nymphs and also the port to be used for VNC:

  • Windows

     PS C:\Users\user> $NN= "0" + $(Get-Random -Maximum 3 -Minimum 1)
     PS C:\Users\user> $LC_PORT = $((5900 + $(Get-Random -Maximum 100)))
     PS C:\Users\user> echo $LC_PORT
    

    Make a note of the listed port number for later use.

  • Linux

     local$ NN=0$((RANDOM % 2 + 1)) && \
         export LC_PORT=$((5900 + RANDOM % 100)) && \
         echo $LC_PORT >/tmp/fi-nymfe-vnc-port
    

3.

Machinery Nymphs are only available from the FI network, so you need to log in via Aisu . We will connect via SSH, turn on compression and create a tunnel. You will need to enter the password twice (unless you are using an SSH key) and you will also need to confirm the SSH keys the first time you connect.

Note: Alternatively, it can be used faculty VPN , then there is no need to log in via the jump host, but you can log in directly.

  • Windows

    SSH in Windows has a bug (written in February 2020) that prevents the switch from working -J (jump host). However, this can be bypassed using a configuration file config in the home directory in the folder .ssh .

    Create a file C:\Users\user\.ssh\config ("user" is your Windows user) with the following content (replace "XLOGIN" with your faculty login):

     Host nymfe*.fi.muni.cz
         ProxyCommand C:\Windows\System32\OpenSSH\ssh.exe XLOGIN@aisa.fi.muni.cz -W %h:%p
    

    Now we can join:

     PS C:\Users\user> ssh -C $LOGIN@nymfe$NN.fi.muni.cz -L $LC_PORT":localhost:"$LC_PORT
    
  • Linux

     local$ ssh -CJ $LOGIN@{aisa,nymfe$NN}.fi.muni.cz -L $LC_PORT:localhost:$LC_PORT -o SendEnv=LC_PORT
    

4.

We will set a random VNC password (this is suitable due to the possibility of attacking it with brute force while the VNC server is running), make a note of the password . You only need to do this step once the first time you use this guide, but you can also repeat it each time.

nymfe$ { pwgen 8 1 | tee /dev/std{out,err}; echo n; } | vncpasswd; echo

5.

We will ensure the setting of the type of graphic session (this step does not need to be repeated):

nymfe$ test -f ~/.dmrc || echo -e "[Desktop]\nSession=default" >~/.dmrc

6.

We will create a session x11vnc including creating a new X server. You can resize the remote desktop by adjusting the parameter -geometry . From Windows ( ) variable forwarding does not work, so replace "$ LC_PORT" in the command with the port number you obtained in step 2 .

nymfe$ x11vnc -auth .Xauthority -N -localhost -rfbport $LC_PORT -usepw -create -geometry 1280x1024

Do not close the terminal window.

7.

Connect from your machine to Nymph using a VNC client:

  • Windows

    For Windows you can download e.g. Real VNC Viewer (You can also select the standalone version without the need for installation).

    Address: localhost:LC_PORT (Replace "LC_PORT" with the port number from step 2 ).

    You don't have to worry about the warning about an unencrypted connection, the connection from your machine to the Nymph is encrypted thanks to the SSH tunnel.

  • Linux

     local$ vinagre localhost:$(cat /tmp/fi-nymfe-vnc-port)
    

Note: If you only see a black background with a white terminal ( xterm ), there seems to be a problem with the session settings. In this case, try to run it manually via this terminal:

xterm$ gnome-session

Correct end of the session

  • log out of the Gnome session, which will terminate the VNC client as well as the VNC and the X server (it may take a while, an estimated 20 seconds, before you receive the Log Out prompt: wait)
  • if the step above fails for any reason, exit x11vnc abbreviated Ctrl-C and run gnome-session-quit --force --logout
  • in any case, check the remains of the processes one after the other and kill them ( ps ux , kill PID , or if other graphics processes are not running on your machine, it may also help systemctl --user stop dbus ssh-agent gpg-agent )