Remote graphical access to Nymph
Instructions for Windows 10 and Linux
Before logging in from Windows, it is necessary to activate the SSH client, see instructions .
1.
Open Windows PowerShell (
, tip: paste from the clipboard can be right-click, copy
Enter
) or Bash shell (
). We set a variable
LOGIN
(in the command below, replace "xlogin" with your faculty login):
-
Windows
PS C:\Users\user> $LOGIN="xlogin"
-
Linux
local$ LOGIN=xlogin
2.
We randomly select one of the permanently running ones Nymphs and also the port to be used for VNC:
-
Windows
PS C:\Users\user> $NN= "0" + $(Get-Random -Maximum 3 -Minimum 1) PS C:\Users\user> $LC_PORT = $((5900 + $(Get-Random -Maximum 100))) PS C:\Users\user> echo $LC_PORT
Make a note of the listed port number for later use.
-
Linux
local$ NN=0$((RANDOM % 2 + 1)) && \ export LC_PORT=$((5900 + RANDOM % 100)) && \ echo $LC_PORT >/tmp/fi-nymfe-vnc-port
3.
Machinery Nymphs are only available from the FI network, so you need to log in via Aisu . We will connect via SSH, turn on compression and create a tunnel. You will need to enter the password twice (unless you are using an SSH key) and you will also need to confirm the SSH keys the first time you connect.
Note: Alternatively, it can be used faculty VPN , then there is no need to log in via the jump host, but you can log in directly.
-
Windows
SSH in Windows has a bug (written in February 2020) that prevents the switch from working
-J
(jump host). However, this can be bypassed using a configuration fileconfig
in the home directory in the folder.ssh
.Create a file
C:\Users\user\.ssh\config
("user" is your Windows user) with the following content (replace "XLOGIN" with your faculty login):Host nymfe*.fi.muni.cz ProxyCommand C:\Windows\System32\OpenSSH\ssh.exe XLOGIN@aisa.fi.muni.cz -W %h:%p
Now we can join:
PS C:\Users\user> ssh -C $LOGIN@nymfe$NN.fi.muni.cz -L $LC_PORT":localhost:"$LC_PORT
-
Linux
local$ ssh -CJ $LOGIN@{aisa,nymfe$NN}.fi.muni.cz -L $LC_PORT:localhost:$LC_PORT -o SendEnv=LC_PORT
4.
We will set a random VNC password (this is suitable due to the possibility of attacking it with brute force while the VNC server is running), make a note of the password . You only need to do this step once the first time you use this guide, but you can also repeat it each time.
nymfe$ { pwgen 8 1 | tee /dev/std{out,err}; echo n; } | vncpasswd; echo
5.
We will ensure the setting of the type of graphic session (this step does not need to be repeated):
nymfe$ test -f ~/.dmrc || echo -e "[Desktop]\nSession=default" >~/.dmrc
6.
We will create a session
x11vnc
including creating a new X server. You can change the dimensions of the remote desktop by adjusting the parameter
-geometry
. From Windows (
) variable forwarding does not work, so
replace "$ LC_PORT" in the command with the port number you obtained in step
2 .
nymfe$ x11vnc -auth .Xauthority -N -localhost -rfbport $LC_PORT -usepw -create -geometry 1280x1024
Do not close the terminal window.
7.
Connect from your machine to Nymph using a VNC client:
-
Windows
For Windows you can download e.g. Real VNC Viewer (You can also select the standalone version without the need for installation).
Address:
localhost:LC_PORT
(Replace "LC_PORT" with the port number from step 2 ).You don't have to worry about the warning about an unencrypted connection, the connection from your machine to the Nymph is encrypted thanks to the SSH tunnel.
-
Linux
local$ vinagre localhost:$(cat /tmp/fi-nymfe-vnc-port)
Note: If you only see a black background with a white terminal (
xterm
), there seems to be a problem with the session settings. In this case, try to run it manually via this terminal:
xterm$ gnome-session
Correct end of the session
- log out of the Gnome session, which will terminate the VNC client as well as the VNC and the X server (it may take a while, an estimated 20 seconds, before you receive the Log Out prompt: wait)
- if the step above fails for any reason, exit
x11vnc
abbreviatedCtrl-C
and rungnome-session-quit --force --logout
- in any case, check the remains of the processes one after the other and kill them (
ps ux
,kill PID
, or if other graphics processes are not running on your machine, it may also helpsystemctl --user stop dbus ssh-agent gpg-agent
)