Sidebar image

Linux Resources

Secure Connections

Your Linux distribution should have OpenSSH prepackaged and, quite likely, already installed. This should make ssh and scp availabe on the command line. You may also want to check rsync, which is a command line utility to copy or synchronize entire directory trees, while transferring only the difference in file contents.

Filezilla is a GUI program for both SSH File Transfer or SFTP. Install using your distribution's software manager or download from filezilla-project.org. Lauch the program, choose File > Site Manager > New Site. Configure SFTP connection to gauss:

Host: math.dartmouth.edu
Servertype: SFTP - SSH File Transfer Protocol
Logontype: Ask for password
User: your username on gauss

Click OK to save configuration or Connect to save and connect at once.

VPN

Dartmouth VPN

In 2009 Dartmouth switched to Juniper VPN. It works fine on 32-bit Linux. It does not work on 64-bit systems (Sep. 2012). Dartmouth VPN can be started at gateway.dartmouth.edu. It uses web browser's Java applet to download and run VPN client. (Test your browser's Java here.)

Math VPN

Math VPN uses OpenVPN technology.

  1. Install OpenVPN and Network Manager's component for OpenVPN.
    (openvpn, network-manager-openvpn packages in Debian/Ubuntu).
  2. Download DigiCert root certificate.
  3. Add Math VPN connection in Network Manager:
    1. VPN Connections → Configure VPN.
    2. Add → OpenVPN → Create....
    3. Connection name: Math VPN.
    4. Gateway: 129.170.28.37.
    5. Authentication Type: Password.
    6. User name: your Math username
    7. Password: choose Always Ask
    8. CA Certificate: point to downloaded DigiCert certificate
    9. Apply.
  4. To connect click on Network Manager's applet, VPN Connections → Math VPN.
  5. To disconnect use Disconnect VPN in the same applet.

Math Email (and the DND)

If you have Math Dept. user account (also known as “gauss” account), you also have a corresponding email account. Your Math email arrives at (and can be sent from) math.dartmouth.edu server. It can be accessed instantly and globally via Webmail — this does not require any configuration! As for email applications, all of them, including mobile, can be configured to use your Math account using these generic settings:

  • Mail server type: IMAP
  • Incoming server: math.dartmouth.edu, port: 143
  • Connection type/encryption: TLS
  • Username: your Math username
  • Password: for the username above
  • Outgoing/SMTP server: math.dartmouth.edu, port: 25

Darmouth Name Directory lookups in Thunderbird

EditPreferencesCompositionAddressing
Click Edit Directories, Add:

General tab:
Name: Dartmouth Directory
Hostname: ldap.dartmouth.edu
Base DN: dc=dartmouth, dc=edu
Port number: 389
Back in the Preferences window select “Dartmouth Directory” for Directory Server.

Vacation Autoreply

Autoreply message text for your Math mail is in .vacation.msg in your home directory on gauss.

Autoreply is enabled by uncommenting the following two lines in .procmailrc:

#:0c
#|/usr/bin/vacation username
To stop autoreply, comment both lines out again, by inserting # as the first character on each line.

.vacation.msg and .procmailrc can be edited with any text editor while on gauss terminal or with a variety of GUI tools from Linux desktop, for example, Filezilla, Nautilus, Dolphin etc.

Backups

Your workstation can be backed up to Math Dept. network storage. Contact help@math.dartmouth.edu for assistance.

Printing

Math Dept. network printers are used via printing service CUPS running on gauss. With CUPS browsing enabled all Math printers should be automatically available, if your Linux machine is connected to Kemeny Hall wired network. Drivers are already installed on print server — there is no need for individual printer configuration on a client.

CUPS browsing can be enabled by from http://localhost:631:
Administration: Server Settings: enable Show printers shared by other systems.

Similar setting is likely available in system preferences/settings menu in Gnome, KDE, XFCE etc.

Alternatively, CUPS browsing can be enabled by editing /etc/cups/cupsd.conf and setting:

    Browsing on
To limit the list of available printers to those served by gauss (i.e. Math printers only) set
    BrowseAllow 129.170.28.37
To access Math printers from Dartmouth Secure Wi-Fi add
    BrowsePoll 129.170.28.37
Restart CUPS for changes to take effect: 'service cups restart'.
Check for available printers: 'lpstat -t'.

HTCondor Installation

  1. Add system user “condor”:
    adduser --disabled-login --shell /bin/false condor
  2. Download HTCondor package from www.cs.wisc.edu and put it into /usr/local/.
  3. Unpack, install:
    cd /usr/local
    tar vxzf condor-version.tar.gz
    ln -s /usr/local/condor-version /usr/local/condor
    ./condor_configure --install --type=submit --owner=condor \
        --central-manager=math.dartmouth.edu
    mkdir /etc/condor
    ln -s /usr/local/condor/etc/condor_config /etc/condor/condor_config
    
  4. Adjust local configuration file /usr/local/condor/local.hostname/condor_config.local by adding:
    FILESYSTEM_DOMAIN = $(FULL_HOSTNAME)
    UID_DOMAIN = $(FULL_HOSTNAME)
    ALLOW_WRITE=*.dartmouth.edu, 127.*
    ALLOW_READ=*.dartmouth.edu, 127.*
    RESERVED_SWAP = 0
    
  5. Copy start/stop script to /etc/init.d/:
    cp /usr/local/condor/etc/examples/condor.boot /etc/init.d/condor
  6. Start HTCondor:
    /etc/init.d/condor start
  7. Check communication with the pool:
    /usr/local/condor/bin/condor_status
    The response should be similar to this:
    Name               OpSys  Arch   State     Activity LoadAv Mem   ActvtyTime
    slot1@math-01.grid LINUX  X86_64 Unclaimed Idle     0.020  1024  0+03:25:04
    slot2@math-01.grid LINUX  X86_64 Unclaimed Idle     0.000  1024  5+23:27:12
    slot1@math-02.grid LINUX  X86_64 Unclaimed Idle     0.000  1024  0+03:05:04
    slot2@math-02.grid LINUX  X86_64 Unclaimed Idle     0.000  1024  6+00:41:04
    slot1@math-03.grid LINUX  X86_64 Unclaimed Idle     0.000  1024  1+03:05:24
    slot2@math-03.grid LINUX  X86_64 Unclaimed Idle     0.030  1024  0+03:05:05
    ... ... ...
    HTCondor log files are in /usr/local/condor/local.hostname/log/.
  8. If firewall is in use, configure HTCondor to use port range of 9600-9700 and then open firewall for incoming and outgoing TCP and UDP in that port range. Add to condor_config.local:
    LOWPORT = 9600
    HIGHPORT = 9700
    iptables rules may look like this:
    iptables -A INPUT -s 129.170.0.0/16 -p tcp -m state --state NEW --dport 9600:9700 -j ACCEPT
    iptables -A INPUT -s 129.170.0.0/16 -p udp -m state --state NEW --dport 9600:9700 -j ACCEPT

Joining HTCondor pool as an “execute” node

Instructions above are for configuring HTCondor as a submit-only node. With only minor changes in configuration this can be changed into submit and execute node. Please consider adding your workstation as an execute node, especially if it's a fairly new machine. In your local configuration file condor_config.local replace the line

DAEMON_LIST = MASTER, SCHEDD
with
DAEMON_LIST = MASTER, SCHEDD, STARTD
Restart HTCondor. After a few moments your workstation should appear in condor_status listing. If you have Mathematica, Maple, Matlab or GP/PARI installed, add the following lines to condor_config.local:
HAS_MATH = TRUE
HAS_MAPLE = TRUE
HAS_MATLAB = TRUE
HAS_GP = TRUE
STARTD_EXPRS = HAS_MATH HAS_MAPLE HAS_MATLAB HAS_GP

Connecting to Dartmouth Secure Wireless Network

Use the following settings with your NetID and password:

Wireless Security:
Security: WPA & WPA2 Enterprise
Authentication: Protected EAP (PEAP)
Inner auth. (EAP method): MSCHAPv2
Username: your NetID

Settings in Network Manager applet