Translated using DeepL

Machine-translated page for increased accessibility for English questioners.

Page in original, Czech language.

Remote graphical access on Nymph

Instructions for Windows 10 and Linux

You need to activate the SSH client before logging in from Windows, see the instructions.

1.

Open the Windows PowerShell ( , hint: you can paste from the clipboard by right-clicking, copy Enter), or the Bash shell ( ). Set the variable LOGIN (in the command below, replace "xlogin" with your faculty login):

  • Windows 

    PS C:\Users\user> $LOGIN="xlogin"

  • Linux 

    local$ LOGIN=xlogin

2.

Randomly select one of the permanently running Nymphs and also the port to use for VNC:

  • Windows 

    PS C:\Users\user> $NN= "0" + $(Get-Random -Maximum 3 -Minimum 1)
PS C:\Users\user> $LC_PORT = $((5900 + $(Get-Random -Maximum 100)))
PS C:\Users\user> echo $LC_PORT

    Make a note of the port number for later use.

  • Linux 

   local$ NN=0$((RANDOM % 2 + 1)) && \
       export LC_PORT=$((5900 + RANDOM % 100)) && \
       echo $LC_PORT >/tmp/fi-nymfe-vnc-port

3.

The Nymfe machines are only accessible from the FI network, so you will need to log in via Aisu. We will connect via SSH, turn on compression, and create a tunnel. You will need to enter the password twice (unless you are using an SSH key), and you will also need to confirm the SSH key the first time you connect.

Alternatively, you can use a faculty VPN- then there is no need to use jump host when logging in via SSH.

  • Windows

    SSH in Windows has a bug (written in February 2020) that makes the -J (jump host) switch not work. However, this can be worked around by using the config configuration file in the home directory under the .ssh folder.

    Create a file C:\Users\user\.ssh\config ("user" is your Windows user) with the following content (replace "XLOGIN" with your faculty login):

     Host nymfe*.fi.muni.cz
     ProxyCommand C:\Windows\System32\OpenSSH\ssh.exe XLOGIN@aisa.fi.muni.cz -W %h:%p

    We can now connect:

     PS C:\Users\user> ssh -C $LOGIN@nymfe$NN.fi.muni.cz -L $LC_PORT":localhost:"$LC_PORT

  • Linux 

   local$ ssh -CJ $LOGIN@{aisa,nymfe$NN}.fi.muni.cz -L $LC_PORT:localhost:$LC_PORT -o SendEnv=LC_PORT

4.

Set a random VNC password (this is appropriate due to the possibility of a brute force attack while the VNC server is running), make a note of the password. You only need to do this step once the first time you use this tutorial, but you can also repeat it each time.

nymfe$ { pwgen 8 1 | tee /dev/std{out,err}; echo n; } | vncpasswd; echo

5.

Secure the graphical session type settings (this step does not need to be repeated):

nymfe$ test -f ~/.dmrc || echo -e "[Desktop]\nSession=default" >~/.dmrc

6.

Create a session x11vnc including the creation of a new X server. You can resize the remote desktop by editing the -geometry parameter. Variable forwarding does not work from Windows ( ), so replace "$LC_PORT" in the command with the port number you obtained in step 2.

nymfe$ x11vnc -auth .Xauthority -N -localhost -rfbport $LC_PORT -usepw -create -geometry 1280x1024

Do not close the terminal window.

7.

Connect from your machine to Nymfe using the VNC client (use the password from step 4):

  • Windows

    For Windows, you can download e.g. Real VNC Viewer (you can also select the standalone version without installation).

    Address: localhost:LC_PORT ("LC_PORT" replace the port number from step 2).

    Don't be alarmed by the warning about the unencrypted connection, the connection from your machine to Nymfe is encrypted thanks to the SSH tunnel.

  • Linux 

    local$ vinagre localhost:$(cat /tmp/fi-nymfe-vnc-port)

Note: If you only see a black background with a white terminal ( xterm), there is probably a problem with the session settings. In this case, try to start it manually via this terminal:

xterm$ gnome-session

Correct session termination

  • Log out of the Gnome session, which will terminate the VNC client as well as the VNC and X server (it may take a while, estimated 20 seconds, before you get the Log Out: wait prompt)
  • if the step above fails for some reason, exit x11vnc with the shortcut Ctrl-Cand run gnome-session-quit --force --logout
  • in any case, check for any leftover processes and kill them ( ps ux, kill PID, or if you don't have any other graphics processes running on your machine, systemctl --user stop dbus ssh-agent gpg-agent may also help )