VNC from Mac to Psych-o

Port forwarding via SSH (SSH tunneling) creates a secure connection between a local computer and a remote machine through which services can be relayed. Because the connection is encrypted, SSH tunneling is useful for transmitting information that uses an unencrypted protocol, such as IMAP, VNC, or IRC.

Initial Setup (should only have to do these steps once)

From a terminal window on your MacOS machine, type the following: [ replace <display port> with desired display port and replace <username> with your username on psych-o ]

echo “alias psych-o-tunnel='ssh -f -L59<display port>:localhost:<display port> <username>@psych-o.hpc1.cs.cmu.edu -N'” >> .bash_profile

Example: I used port 25 and dpane as my psych-o username. Therefore I ran this command in the Terminal on my Mac laptop.

echo “alias psych-o-tunnel='ssh -f -L5925:localhost:5925 dpane@psych-o.hpc1.cs.cmu.edu -N'” >> .bash_profile

After I ran this command, I quit the Terminal window:

Next ssh to psych-o and copy a script to your home directory.

To copy the file to your home directory run this command ( you can copy this script anywhere you would like):

cp -p /home/hawk/FOR_CRESWELL/vnc.sh ~/.

Initial setup is over

About the vnc.sh script

This script is available to help users start, stop and list the open display ports on psych-o.

If you use the options --usage or -u, when running the script the usage will be displayed.

[dpane@psych-o ~]$ ./vnc.sh -u
Usage:
       vnc.sh [start|stop|list [port#]]

       Some examples of using this command are (assumption script is in home directory):

       Turn on port 56 on the vncserver:

             ~/vnc.sh start 56

       Turn on port 56 on the vncserver:

             ~/vnc.sh stop 56

       List open display ports open on separate vncserver:

             ~/vnc.sh list

[dpane@psych-o ~]$ 

Setting up display port forwarding over ssh

Why use the display port forwarding over ssh?

IMPORTANT NOTE

The first time that you run the script ( i.e. vncserver) on psych-o, you will be prompted for a password. I highly recommend that you use a strong password. Otherwise, it will open yourself up to outside attackers connecting to your session. If they do break in, they could destroy/delete/corrupt your data. Please take this seriously. The password is stored in an encrypted file in your home directory: ~/.vnc/passwd If you forget your password, you can delete this file. Then, the next time your run the script (i.e vncserver ) on psych-o, it will again prompt you for a password.

1) On Your MacOS machine: Open Terminal and type the command: psych-o-tunnel

2) ssh to psych-o and run the script to turn on vncserver to a display port.

3) On your MacOS machine from the Finder goto menu item Go -> Connect to server ...

Use the following vnc://<username>@psych-o.hpc1.cs.cmu.edu:59<display port>

when you are prompted for a psswod, use the VNC password you setup when you ran the vnc.sh script the first time.

Example: Running Matlab using VNC on Display port 25

The Below screen capture shows that I opened a Terminal window on my MacOS machine and did the following:

1) I confirmed that the .bash_profile was setup with the alias "psych-o-ssh-tunnel" on port 25

2) I ran the command psych-o-ssh-tunnel

3) confirmed that the ssh tunnel was working with "ps wwwaux | grep dpane"


Still in that same terminal window on my MacOS machine, the figure below shows that I:

1) ssh as dpane to psych-o - when prompted for a password I entered my regular psych-o password.

2) I checked to see if any display ports were open using ./vnc.sh list, and it shows there was none open.

3) Ran the command "./vnc.sh start 25" to open the vncserver display port on 25.

4) Ran "./vnc.sh list" to confirm the display port 25 was open.


Below you will see the window and vnc command that I used. I got this window from the Finder on the MacOS machine

Menu item Go-> Connect to server ...


I selected connect and was prompted for a password. I entered the password I setup when I first ran the vncserver script. Not my psych-o password.


The following window came up (psych-o GUI) and I opened two separate terminal windows.

1) In the first Terminal window, I used the pbs scheduler to get an interactive session on a compute node by typing "qsub -I". You can tell which node you get assigned, but the prompt: "dpane@compute-0-37-1", the compute-0-37-1 is the node that my interactive job was assigned.

2) Now that I have a job running on a compute node, I am allowed to ssh to that node. I used the second Terminal window to ssh to the compute node (in this case compute-0-37-1) . Therefore I used the command "ssh -X compute-0-37-1".

3) I loaded the module of the matlab software that I wanted to run. In this example, I used matlab-7.13


The below screen capture shows that Matlab is starting its' GUI.