Merge branch 'master' of bitbucket.org:sbgrid/corepublicwiki

+# Remote X11 (beta) - x2go and xpra

+

+In general x2go is easier to use and sufficient for most scenarios. Xpra has better performance and uses less resources. Both clients connect through ssh and are generally faster than ssh -Y. Support for these is beta, x2go is more familiar to the support staff. Most linux systems do not have these tools installed, so you may need to request them.

+

+We recommend using x2go. x2go is more familiar to the support staff and it is easier ti use.

+

+# x2go

+

+## download

+x2go can be downloaded from this page.

+

+https://wiki.x2go.org/doku.php/download:start

+

+## Additional Steps

+You will need to open System Preferences - Security - General - Temporarily 'Allow from anywhere' open the application, make sure you can reopen it. Then change your security setting back to 'App Store and Identified Developers'

+

+For all systems off of the sbgrid network it will be easiest if you use the [cmcd-vpn](faq-connecting-to-cmcd-vpn).

+

+x2go requires XQuartz - see [faq-using-sbgrid-programs](faq-using-sbgrid-programs) if you do not already have it installed.

+

+From the x2go application -

+Create a new session

+Make sure you fill out the following -

+ 1. host - the host that you want to connect to.

+ 2. login - your username

+ 3. port - 22

+ 4. Session type - Mate

+

+You can adjust the resolution after the session has started.

+

+

+# Xpra

+

+xpra has been described as 'tmux for X11' and we are evaluating its usefullness.

+

+## OSX to Linux workstation usage

+

+For Mac OSX newer than 10.9 the installer is on their downloads page

+https://www.xpra.org/trac/wiki/Download

+

+For our usage please us the 'pkg' installer located here -

+https://xpra.org/dists/osx/x86_64/Xpra.pkg

+

+The other version is built around a gui that we are not covering for now.

+

+### xpra, keep it simple!

+

+On your local Mac OSX system open a terminal window and run

+`xpra start ssh/oconnor@sch-boltzmann/42 --start-child=xterm`

+

+With this one command you should have a remote xterm window come up. From there you can launch whatever application you need to run on the other system, including applications that need GLX extensions such as coot.

+

+To disconnect, just ^c from the original terminal window(not the xterm that you connected to), or if you connect from another system it will automatically detach.

+

+So to reattach to attach -

+

+`xpra attach ssh/oconnor@sch-boltzmann/42`

+

+Note the number 42. You need to pick a number that someone else on the system is not using. Do not use a low number that could be inuse by the system like 0 - 5, instead pick a higher number up to 999.

+

+Note, if you simply close all the windows, including xterm, the remote server is still running

+`ssh oconnor@sch-boltzmann`

+`xpra list`

+Found the following xpra sessions:

+/run/user/46627/xpra:

+ LIVE session at :666

+`xpra stop :666`

+xpra at :666 has exited.

+

+Or one might have run

+`xpra start ssh/oconnor@sch-boltzmann/42 --start-child=xterm --window-close=shutdown`

+,but if you accidentally close the window everything will close.

+

+For all systems off of the sbgrid network it will be easiest if you use the [cmcd-vpn](faq-connecting-to-cmcd-vpn).

+

+If you are more linux saavy you can try tunneling your connections as well for exapmle -

+

+'ssh -L 4444:ja-gpu1:22 -N oconnor@crystal.harvard.edu'

+open a new terminal and then -

+`xpra start ssh/oconnor@localhost:4444/617 --start-child=xterm --window-close=shutdown`

+

+## Troubleshooting tips.

+

+Ideally you would have already set up [SSH Without a Password](faq-setting-up-passwordless-ssh)

+

+Make sure you can ssh to the host without error. You should not need to type 'yes' for ssh keys, etc.

+

+Press enter one time - is it waiting for password input?

+

+connect to the remote host and type -

+`xpra list`

+

+If there is an active session you can connect to it via `xpra attach ssh/user@host/42' from your client.

+

+There could be an active session with no windows open. Stop the session and start again.

+'xpra stop :42`

+

+Lastly try to launch a session from the host in a tmux or screen session on the remote server -

+`ssh user@myhost"

+`tmux`

+`xpra start :617 --daemon=no --start-child=xterm`

+You should see a line that that contains `xpra is ready.`

+Detach with CTRL-b - d keys and then you can attach from your own system like so

+`xpra attach ssh/oconnor@sch-boltzmann/617`

+

+The launching from within a tmux or screen session might be easier to experiment with other flags like "start-desktop"

+`xpra start-desktop --start=mate-session :618 --daemon=no'

+

+See Also

+`man xpra'

+

+There are a lot of features, but for our usage keep it simple.

+

+## xpra via https

+

+Work in progress - Not currently functional.

+

+ * ***NOTE***: All SBGrid bound Servers and Workstations on the SBGrid network in the Longwood area require 'pub' key to be ***uploaded*** to our. authentication servers. Please follow the steps named "Generate SSH Keys" and "For Systems on the SBGrid network at Longwood" below.

+

+ Off Quad systems (at MCB, HU, Tufts, Genzyme) please following the steps named "Generate SSH Keys" and "For Off-Quad SBGrid Systems" below.

+### Generate SSH Keys

+

+

+#### For Off-Quad SBGrid Systems

+ 1. Copy public key (`~/.ssh/id_rsa.pub`) to remote system: `scp ~/.ssh/id_rsa.pub remotesys:~/` If this is the first connection to the remote system, type `yes` to accept the remote system key.

+ 2. Login to remote system, configure remote system to trust public key:

+ 3. Logout of remote system, and repeat login to check that everything works correctly. If so, `~/id_rsa.pub` can be removed from the remote system.

+###For Systems on the SBGrid network at Longwood

+There is no need for ~/.ssh/authorized_keys, the file is ignored on all our linux systems on the SBGrid network at Longwood. The 'pub' key ***must*** be uploaded to our authentication servers. These examples assume you copied the pub key to your Linux home directory, you can also copy and paste the entire contents of the .pub file between systems.

+## OS X (Mac) helpful hints

+

+A good example of mounting from OSX on your local system is as follows -

+`sudo mkdir -p /sshfs/userdocs`

+`sudo chown -R $USER /sshfs`

+`/usr/local/bin/sshfs oconnor@crystal.harvard.edu:/nfs/userdocs /sshfs/userdocs -o volname=userdocs,reconnect,ServerAliveInterval=15,ServerAliveCountMax=3,idmap=user,auto_xattr,dev,suid,defer_permissions,noappledouble,noapplexattr,IdentityFile=$HOME/.ssh/sshfs-id_rsa`

+

+Basically, your local user needs to own the destination $PATH. We mount one complete filesystem from the remote site(avoids local Apple Finder issues). We give the volume a name (shows mount point on your desktop), add some additional options for server connections, etc. If you are using an [ssh key](faq-setting-up-passwordless-ssh.md) you would add it's path to the IdentityFile paramater.

+

+On occasion the mount wll become stuck and unresponsive, so you may be required to force unmount it before mounting it again.

+`umount -f /sshfs`

+

+To enable GL required by some programs like coot you will need to run this in a terminal from your account.

+```

+defaults write org.macosforge.xquartz.X11 enable_iglx -bool true

+```

+