translated by Google

Machine-translated page for increased accessibility for English questioners.

Remote graphical access to Nymph

Instructions for Windows 10 and Linux

Before logging in from Windows, it is necessary to activate the SSH client, see instructions .

1.

Open Windows PowerShell ( , tip: paste from the clipboard can be right-click, copy Enter ) or Bash shell ( ). We set a variable LOGIN (in the command below, replace "xlogin" with your faculty login):

  • Windows

    PS C:\Users\user> $LOGIN="xlogin"
    
  • Linux

    local$ LOGIN=xlogin
    

2.

We will randomly select one of the permanently running ones Nymphs and also the port to be used for VNC:

  • Windows

    PS C:\Users\user> $NN= "0" + $(Get-Random -Maximum 3 -Minimum 1)
    PS C:\Users\user> $LC_PORT = $((5900 + $(Get-Random -Maximum 100)))
    PS C:\Users\user> echo $LC_PORT
    

    Make a note of the listed port number for later use.

  • Linux

   local$ NN=0$((RANDOM % 2 + 1)) && \
       export LC_PORT=$((5900 + RANDOM % 100)) && \
       echo $LC_PORT >/tmp/fi-nymfe-vnc-port

3.

Machinery Nymphs are only available from the FI network, so you need to log in via Aisu . We connect via SSH, turn on compression, and create a tunnel. You will need to enter the password twice (if you do not use an SSH key) and you will also need to confirm the SSH keys the first time you connect.

Note: Alternatively, it can be used faculty VPN , then there is no need to log in via the jump host, but you can log in directly.

  • Windows

    Windows SSH has a bug (written in February 2020) that prevents the switch from working -J (jump host). However, this can be bypassed using a configuration file config in the home directory in the folder .ssh .

    Create a file C:\Users\user\.ssh\config ("user" is your Windows user) with the following content (replace "XLOGIN" with your faculty login):

     Host nymfe*.fi.muni.cz
         ProxyCommand C:\Windows\System32\OpenSSH\ssh.exe XLOGIN@aisa.fi.muni.cz -W %h:%p
    

    Now we can join:

     PS C:\Users\user> ssh -C $LOGIN@nymfe$NN.fi.muni.cz -L $LC_PORT":localhost:"$LC_PORT
    
  • Linux

   local$ ssh -CJ $LOGIN@{aisa,nymfe$NN}.fi.muni.cz -L $LC_PORT:localhost:$LC_PORT -o SendEnv=LC_PORT

4.

We will set a random VNC password (this is suitable due to the possibility of attacking it with brute force while the VNC server is running), make a note of the password . You only need to do this step once the first time you use this guide, but you can also repeat it each time.

nymfe$ { pwgen 8 1 | tee /dev/std{out,err}; echo n; } | vncpasswd; echo

5.

We will ensure the setting of the type of graphic session (this step does not need to be repeated):

nymfe$ test -f ~/.dmrc || echo -e "[Desktop]\nSession=default" >~/.dmrc

6.

We will create a session x11vnc including creating a new X server. You can resize the remote desktop by adjusting the parameter -geometry . From Windows ( ) variable forwarding does not work, so replace "$ LC_PORT" in the command with the port number you obtained in step 2 .

nymfe$ x11vnc -auth .Xauthority -N -localhost -rfbport $LC_PORT -usepw -create -geometry 1280x1024

Do not close the terminal window.

7.

Connect from your machine to Nymph using a VNC client (use the password from step 4 ):

  • Windows

    For Windows you can download e.g. Real VNC Viewer (you can also select the standalone version without the need for installation).

    Address: localhost:LC_PORT (Replace "LC_PORT" with the port number from step 2 ).

    You do not have to worry about the warning about an unencrypted connection, the connection from your machine to Nymph is encrypted thanks to the SSH tunnel.

  • Linux

    local$ vinagre localhost:$(cat /tmp/fi-nymfe-vnc-port)
    

Note: If you only see a black background with a white terminal ( xterm ), there seems to be a problem with the session settings. In this case, try to run it manually via this terminal:

xterm$ gnome-session

Correct end of the session

  • log out of the Gnome session, which will terminate the VNC client as well as the VNC and the X server (it may take a while, an estimated 20 seconds, before you receive the Log Out prompt: wait)
  • if the above step fails for any reason, quit x11vnc in short Ctrl-C and run gnome-session-quit --force --logout
  • in any case, check the remains of the processes one by one and kill them ( ps ux , kill PID , or if other graphics processes are not running on your machine, it may also help systemctl --user stop dbus ssh-agent gpg-agent )