UvA network access from remote desktop

For security reasons the only system directly accesible from outside the network is staff.science.uva.nl (alias mremote.science.uva.nl) and only through a secure shell (ssh/sftp) connection. If you want direct access to any other linux/unix machine you need to use SSH tunneling to forward an SSH connection to it. Here is how to setup and use a tunnel:

1) ssh to staff.science.uva.nl
2) setup a tunnel with: ssh -g -L <portNr>:<hostname>:22 staff.science.uva.nl

where:

<portNr>: incomming port to staff.science.uva.nl

<hostname>: the hostname to which you want to connect
For <portNr> choose a port that is higher than say 1000 and not in use. Ports in use can be listed by:

• netstat -an | egrep ‘( LISTEN | ESTABLISHED )’ | awk ‘{print $1}’

Here is an example to access system u003453.science.uva.nl:

• ssh -g -L 11111:u003453.science.uva.nl:22 staff.science.uva.nl

3) Use the tunnel. Here are some ways in which we can now use our example tunnel for direct access to system u003453 from any location:

• ssh -p 11111 staff.science.uva.nl
• scp -P 11111 staff.science.uva.nl:/home/username/somefile.txt ./
• sshfs -p 11111 staff.science.uva.nl:/scratch /home/localname/existingDir

Do not use tunnels to transfer large amounts of data as the staff server is used by many others.

The last example shows how to access (mount) a ‘scratch’ partition from outside the network. Typically a ‘scratch’ partition is found on each unix-like system in the network. Beware, the ‘scratch’ partitions provide alot of disk space but there is no backup policy and the disk can in principal be removed without warning.

See for more details: ssh port forwarding.

All the information here were taken from Bas Terwijn’s webpage.