Remote Access
This page describes remote access solutions. Most of them are provided by Aalto, but there are also instruction for accessing your workstations here. See Aalto Inside for more details.
Linux shell servers
Department servers have project, archive, scratch, etc mounted, so are good to use for research purposes.
CS:
magi.cs.aalto.fi
: Department staff server (no heavy computing, access to workstations and has file systems mounted, use thekinit
command first if project directories are not accessible)NBE:
amor.org.aalto.fi
, same as above.Math:
elliptic.aalto.fi
,illposed.aalto.fi
, same as above (but no project, archive and scratch directories)
-
kosh.aalto.fi
,lyta.aalto.fi
: Aalto, for general login use (no heavy compting)brute.aalto.fi
,force.aalto.fi
: Aalto, for “light computing” (expect them to be overloaded and not that useful). If you are trying to use these for research, you really want to be using Triton instead.viila.aalto.fi
: Staff server (access to workstations and has filesystems mounted, but you need to kinit to access them.) that is kind of outdated and different.
Your home directory is shared on all Aalto shell servers, and that means
.ssh/authorized_keys
as well.You can use any of these to mount things remotely via sshfs. This is easy on Linux, harder but possible on other OSs. You are on your own here. You still need
kinit
at the same time.The CS filesystems project and archive and Triton filesystems scratch and work are mounted on
magi
(andviila.aalto.fi
) (see storage).
For any of these, if you can’t access something, run kinit
!
VPN
To access certain things, you need to be able to connect to the Aalto networks. VPN is one way of doing that. This is easy and automatically set up on Aalto computers.
Main Aalto instructions. Below is some quick reference info.
Generic: OpenConnect/Cisco AnyConnect protocols.
vpn.aalto.fi
,vpn1.aalto.fi
orvpn2.aalto.fi
Aalto Linux: Status bar → Network → VPN Connections → Aalto TLS VPN.
Aalto mac: Dock → Launchpad → Cisco AnyConnect Secure Mobility Client
Aalto windows: Start → Search → AnyConnect
Personal Linux laptops: Use OpenConnect. Configuration on Ubuntu: Networks → Add Connection → Cisco AnyConnect compatible VPN. → Set Gateway to
vpn.aalto.fi
and User Agent toAnyConnect''. Then connect and use Aalto username/password. Or from the command line: ``openconnect https://vpn.aalto.fi --useragent=AnyConnect
. This requires a new enough OpenConnect, at least Ubuntu 23.10 has it.Personal mac: use Cisco AnyConnect VPN Client
personal windows: use Cisco AnyConnect VPN Client
SSH SOCKS proxy
If you need to access the Aalto networks, but can’t send all of your traffic through the Aalto network, you can use SSH + the SSH built in SOCKS proxy. Only use this on computers that only you control, since the proxy itself doesn’t have authentication.
Connect to an Aalto server using SSH with the -D
option:
$ ssh -D 8080 USERNAME@kosh.aalto.fi
Configure your web browser or other applications to use a SOCKS5 proxy
on localhost:8080
for connections. Remember to revert when done or
else you can’t connect to anything once the SSH tunnel stops (“proxy
refusing connections”).
The web browser extension FoxyProxy Standard (available on many web browsers despite the name) may be useful here, because you can direct only the domains you want through the proxy.
Go to the FoxyProxy options
Configure a proxy with some title (“Aalto 8080” for example), Proxy type SOCKS5, Proxy IP 127.0.0.1 (localhost), port 8080 (or whatever you used in the ssh command, no username or password.
Save and edit patterns
Add a new pattern (“New White”) and use a pattern you would like, for example
*.aalto.fi
, and make sure it’s enabled.Save
Now, in this browser, when you try to access anything at
*.aalto.fi
, it will go through the SOCKS proxy and appear to come
from the computer to which you connected. By digging around in
options or using the extension button, you can direct everything
through a proxy and so on.
This can actually also be used for SSH on linux at least (install the
program netcat-openbsd
):
ssh -o 'ProxyCommand=nc -X 5 -x 127.0.0.1:8123 %h %p' HOSTNAME
Remote mounting of network filesystems
See also
Accessing your Linux workstation / Triton remotely
Remote access to desktop workstations is available via the university staff shell servers
viila.aalto.fi
or department-specific serversmagi.cs.aalto.fi
(CS),amor.org.aalto.fi
(NBE),elliptic.aalto.fi
/illposed.aalto.fi
(Math).You need to be the PrimaryUser of the desktop in order to ssh to it.
Remote access to Triton is available from any Aalto shell server:
viila
,kosh.aalto.fi
, etc.When connecting from outside Aalto, you have to use both SSH keys and a password, or use the VPN.
See SSH for generic SSH instructions.
SSHing directly to computers using openssh ProxyJump:
Put this in your .ssh/config file under the proper Host line:
ProxyJump viila.aalto.fi
(or for older SSH clients,ProxyCommand ssh viila.aalto.fi -W %h:%p
).Note that unless your local username matches your Aalto username, or unless you have defined the username for
viila.org.aalto.fi
elsewhere in the SSH config, you will have to use the formataaltousername@viila.org.aalto.fi
instead.
Remote desktop
Aalto has remote desktops available at https://vdi.aalto.fi and http://mfavdi.aalto.fi/. This works from any network.
There are both Windows and Linux desktops available. They are
arranged as virtual machines with the normal desktop installations, so
have access to all the important filesystems and all /m/{dept}/...
.