Remote access to University resources

Last modified by Niko-Ville Koljonen on 2024/03/15 11:11

These instructions apply to Cubbli and Ubuntu versions later than 18.04. If you have an older installation, you should upgrade. 

All University of Helsinki (UH) computational resources, including file shares, printers, software and computational resources can be used remotely used with Cubbli (and Linux in general), most by multiple different methods. You should also see Helpdesk's instructions.

VDI remote desktops

Easiest way to access is through remote Virtual Desktop Infrastructure (VDI) remote desktops. VDI provides both remote Windows desktops and Linux desktops. The Windows desktops are remotely  available only for the University staff because of Windows licensing restrictions.  You can access VDI  with VMWare Horizon client or from browser through link https://vdi.helsinki.fi/. If you have a University laptop installation (Windows, Linux, or MAC) you can access VDI from the Univerity Menu.  You don't need a VPN to access remote desktop resources. Please see instructions.

If you have a personal University Windows desktop hosts in University's premises, you can ask Helpdesk to provide access to it with VDI. 

UH-VPN (OpenVPN).

UH-VPN (University of Helsinki - Virtual Private Network) tunnel allows you directly access University's file shares, University's printers and some of University's servers which aren't available in the open Internet. Helpdesk has more instructions, also for other operating systems. 

The recommended way is to just click uh-vpn-helsinki-only from network settings menu:

Using UH-VPN over mobile phone connected with USB.

1708087528827-445.png

Gnome Desktop (default)

uh-vpn.png

Cinnamon Desktop

Authentication.png

Authentication dialog for VPN passsword.

If you want to direct all traffic through VPN click instead uh-vpn-helsinki-allroute. This is recommended when you are using untrusted public networks (WiFi access points). This also allows you to access some scientific publications where access is allowed by default from University Network.  Please direct all traffic through University network only when you need it,  since university's network capacity is limited. 

HY-VPN 1 tunnel doesn't have network address translation (NAT) and is bridged instead of tunneled VPN. Only use this if you have a problem with other VPNs or if for some reason you don't want NAT. HY-VPN 1 also allows Linux administrators access to your Cubbli Linux installation remotely.

You can configure UH-VPN to be enabled automatically when you connect to a WiFi network. Use the Network Settings dialog of your Wifi access point for this:

Enable UH-VPN when connected to WiFi

image2021-11-18_14-35-53.png

Setting up UH-VPN in your own Linux installation with Network Manager

If you want to have UH-VPN available for Network Manager in your own Linux (just like in the instructions above) you need to have network-manager-openvpn-gnome package (or equivalent for your Linux distribution) installed. Then download and run this script. Since it needs access to your Linux hosts Network Manager, run it in a terminal on your Desktop. Don't attempt to run it with sudo, or over ssh or in a container or in a Anaconda environment. And you shouldn't run random scripts downloaded from the Internet! Check what it does before you run it. 

https://cubbli.cs.helsinki.fi/setup-hy-vpn-tun.sh






 

jjaakkol@lx8-523-011:~$ wget --quiet  && bash ./setup-hy-vpn-tun.shThis script sets up UH-VPN for you assuming you have Linux, Network Managerand network-manager-openvpn packages installed.Last updated by Jani Jaakkola 2021-11-18.Your Univ. Helsinki user account: jjaakkolConnection 'uh-vpn-helsinkifi-only (jjaakkol)' (be1e6084-f79b-4081-a8f9-c58f88d4bf30) successfully added.Connection 'uh-vpn-allroute (jjaakkol)' (cce6ce39-57bd-43c6-b0ba-52a93b803077) successfully added.jjaakkol@lx8-523-011:~$

Here is how using older version of the script looks like in a Ubuntu 18.04 installation: 

image2020-4-8_18-10-47.png

Screenshot_ubuntu18.04-test_2020-04-07_16:10:30.png

You can configure Network Manager using the GUI too. 

Using OpenVPN from command line.

If you don't want to use Network Manager, but have admin (sudo) access and you insists on using openvpn from command line download the openvpn configuration from helpdesk.

SSH

University has multiple different remotely accessible ssh servers, which are available to all University users:

  • pangolin.it.helsinki.fi
  • melkki.cs.helsinki.fi
  • melkinkari.cs.helsinki.fi
  • melkinpaasi.cs.helsinki.fi
  • markka.it.helsinki.fi
  • login.physics.helsinki.fi
  • pultti.it.helsinki.fi (this is a larger physical machine with 256G physical memory and Intel Xeon CPU E5-2620 with 6 cores (12 threads). 

These hosts can be used to access University's shared file systems through sftp and as ssh jump hosts to other University's ssh services, which aren't directly visible to the open Internet. It possible to forward web browser requests through ssh sessions to get access to University's browser resources without having to run everything through a firewall. 

Network file shares.

MS OneDrive and other cloud storage services can be accessed with rclone. Please see Using rclone to access MS OneDrive and cloud storage for details.