Access workarounds
THIS PAGE IS OBSOLETE: siku.ace-net.ca is now accessible from the internet. --2020 March 6
Before ACENET can make Siku.ace-net.ca accessible from anywhere in the world, MUN must complete a Vulnerability Assessment (VA) to ensure that our login nodes meet the university's security standards. Until the VA is completed, Siku users from outside MUN have to get in via Placentia.ace-net.ca. --2019 Nov 8
Contents
Two-step solution
Using whatever software you would normally use to make an SSH connection:
[you@localhost ~]$ ssh you@placentia.ace-net.ca ...login messages... you@placentia: ~ $ ssh siku.ace-net.ca [you@login1 ~]$
Transferring files into Siku with this model involves moving them first to Placentia, then to Siku, and likewise two steps for transfers out. However, you can initiate a transfer from Siku (login nodes) to any site on the Internet. So if the transfer is to or from an internet-accessible machine, it can be done in one step using one of the command-line data-transfer tools on Siku, such as rsync, scp, sftp, or wget.
Tunnelling solutions
Alternatively, you can set up an SSH tunnel between your workstation and Siku, through Placentia. This requires some (fairly minimal) familiarity with port numbers, and the precise details depend on the SSH client software you are using.
Command-line port forwarding
Any text-based terminal connection, e.g. MobaXterm, or a Mac or Linux machine using the terminal will work very similarly to this. The specific instructions given below were tested with MobaXterm v12.3.
1. Start two local terminals.
2. On one local terminal, set up an SSH tunnel on Placentia between local port 8022 and remote port 22, like so:
ssh -L 8022:siku.ace-net.ca:22 you@placentia.ace-net.ca
Port number 22 is used by SSH as well as the sftp and scp file-transfer protocols. The choice of local port number 8022 is somewhat arbitrary, but we don't advise picking a random number here; you might unintentionally interfere with some other function.
3. On the other local terminal, connect to the local port 8022. This will connect you, via the tunnel, to Siku:
ssh -p 8022 you@localhost sftp -P 8022 you@localhost
Note that you here still stands for your username on Siku.
SSH config file
Most SSH command-line clients also support the use of a config file, typically ~/.ssh/config
Adding the following lines to your config file and replacing username with your username,
should allow you to connect to Siku with just ssh siku.
Host placentia
User username
Hostname placentia.ace-net.ca
Host siku
User username
Hostname siku.ace-net.ca
ProxyCommand ssh -q -W %h:%p placentia
(Thanks to F.N.C.S. for this suggestion.)
MobaXterm
You can use MobaXterm's graphical interface to accomplish the same thing.
Sessions --> New Session --> SSH --> Basic SSH settings Remote host: siku.ace-net.ca Port: 22
Sessions --> New Session --> SSH --> Network settings --> SSH gateway (jump host) Gateway SSH server: placentia.ace-net.ca Port: 22
PuTTY
MORE TO COME...