Hugonweb | Cygwin

Setup Cygwin on Windows to Login to Linux

Follow the Cygwin installation guide:

https://cygwin.com/cygwin-ug-net/setup-net.html#internet-setup

https://cygwin.com/setup-x86_64.exe

Install these packages:

Run these commands:

echo "export DISPLAY=:0.0" >> ~/.bashrc
mkdir -p ~/.ssh
nano ~/.ssh/config

now you are editing the config file for ssh. Add this text to the file:

Host *
  ServerAliveInterval 30

Host pserv
  HostName pserv.phys.lsu.edu
  ForwardX11 yes
  ForwardX11Trusted yes

Host p01
  HostName p01.phys.lsu.edu
  ForwardX11 yes
  ForwardX11Trusted yes

Host p02
  HostName p02.phys.lsu.edu
  ForwardX11 yes
  ForwardX11Trusted yes

Host p03
  HostName p03.phys.lsu.edu
  ForwardX11 yes
  ForwardX11Trusted yes

Host p04
  HostName p04.phys.lsu.edu
  ForwardX11 yes
  ForwardX11Trusted yes

Host p05
  HostName p05.phys.lsu.edu
  ForwardX11 yes
  ForwardX11Trusted yes

Host *.fnal.gov
  ForwardAgent yes
  ForwardX11 yes
  ForwardX11Trusted yes
  GSSAPIAuthentication yes
  GSSAPIDelegateCredentials yes

Host dunegpvm01
  HostName dunegpvm01.fnal.gov
  ForwardX11 yes
  ForwardX11Trusted yes
  GSSAPIAuthentication yes
  GSSAPIDelegateCredentials yes
Host dunegpvm02
  HostName dunegpvm02.fnal.gov
  ForwardX11 yes
  ForwardX11Trusted yes
  GSSAPIAuthentication yes
  GSSAPIDelegateCredentials yes
Host dunegpvm03
  HostName dunegpvm03.fnal.gov
  ForwardX11 yes
  ForwardX11Trusted yes
  GSSAPIAuthentication yes
  GSSAPIDelegateCredentials yes
Host dunegpvm04
  HostName dunegpvm04.fnal.gov
  ForwardX11 yes
  ForwardX11Trusted yes
  GSSAPIAuthentication yes
  GSSAPIDelegateCredentials yes
Host dunegpvm05
  HostName dunegpvm05.fnal.gov
  ForwardX11 yes
  ForwardX11Trusted yes
  GSSAPIAuthentication yes
  GSSAPIDelegateCredentials yes
Host dunegpvm06
  HostName dunegpvm06.fnal.gov
  ForwardX11 yes
  ForwardX11Trusted yes
  GSSAPIAuthentication yes
  GSSAPIDelegateCredentials yes
Host dunegpvm07
  HostName dunegpvm07.fnal.gov
  ForwardX11 yes
  ForwardX11Trusted yes
  GSSAPIAuthentication yes
  GSSAPIDelegateCredentials yes
Host dunegpvm08
  HostName dunegpvm08.fnal.gov
  ForwardX11 yes
  ForwardX11Trusted yes
  GSSAPIAuthentication yes
  GSSAPIDelegateCredentials yes
Host dunegpvm09
  HostName dunegpvm09.fnal.gov
  ForwardX11 yes
  ForwardX11Trusted yes
  GSSAPIAuthentication yes
  GSSAPIDelegateCredentials yes
Host dunegpvm10
  HostName dunegpvm10.fnal.gov
  ForwardX11 yes
  ForwardX11Trusted yes
  GSSAPIAuthentication yes
  GSSAPIDelegateCredentials yes

Host neutplatform
  HostName neutplatform.cern.ch
  ProxyCommand ssh -A -W %h:%p -q lxplus
  ForwardX11 yes
  ForwardX11Trusted yes
  StrictHostKeyChecking no
  UserKnownHostsFile=/dev/null 

Host lxplus
  HostName lxplus7.cern.ch
  ForwardAgent yes
  ForwardX11 yes
  ForwardX11Trusted yes

and press control-X to exit and save the file. Then run:

chmod -R go-rwx ~/.ssh

to make sure only you have permissions in your ssh config folder.

Fermilab

First, to download a necessary file, you need to install and login to the Fermilab VPN. Go to:

https://vpn.fnal.gov

Download the anyconnect VPN client and install it. Run anyconnect and connect to vpn.fnal.gov

Now you can go here and download the Windows krb5.conf: http://metrics.fnal.gov/authentication/krb5conf/

After the download finishes you can disconnect from the VPN (using an icon in the taskbar).

Finally, copy that file to (by default)1: C:cygwin64etc or inside a cygwin terminal: /etc

Now you can try to get a Kerberos token:

kinit <your fermilab username>@FNAL.GOV

Using VNC

kinit <your fermilab username>@FNAL.GOV
ssh dunegpvm03

once logged into dunegpvm03 (or another of the dunegpvms):

vncserver -list # make sure you don't already have a vncserver running
vncserver # start a new vncserver
vncserver -list # see the running vncserver
exit

take note of the \"X DISPLAY #\" shown with vncserver -list. Now ssh to dunegpvm03 again, but this time open up a tunnel to port 5900 + the display number, e.g. display number 3 use port 5903:

ssh -L 5903:localhost:5903 dunegpvm03

leave that terminal open, and open a new cygwin terminal (run cygwin again from the desktop shortcut or start menu).

In this window, run startxwin. That starts up the graphical Linux window system on your computer. Leave it running.

Finally, open another cygwin terminal and run vncviewer. You want to connect to localhost:5900 + your x display number so for the example of 3 shown before you use: localhost:5903. You then put in your fermilab password. Now you have a graphical desktop on a fermilab computer.

Instead of the startxwin and vncviewer parts, you could have installed the TigerVNC VNC viewer on Windows and connect with that.

The VNC server on the dunegpvm will keep running even if you loose your ssh connection. This can be useful to leave programs running for a while. It does take up resources on the server, so it is good to kill it when you are done. For x display number 3, you run:

vncserver -kill :3

on the dunegpvm to shutdown the VNC server.

  1. https://home.fnal.gov/~jamieson/cygwin.html