diff --git a/docs.it4i/general/shell-and-data-access.md b/docs.it4i/general/shell-and-data-access.md index 0be1e1838b21fd18c7e22e8184851e922352bb4d..9f8818408ffce75e4975e17d22a643fa4a60f1cb 100644 --- a/docs.it4i/general/shell-and-data-access.md +++ b/docs.it4i/general/shell-and-data-access.md @@ -2,36 +2,36 @@ ## Shell Access -The all IT4Innovations clusters are accessed by SSH protocol via login nodes loginX at the address **cluster-name.it4i.cz**. The login nodes may be addressed specifically, by prepending the login node name to the address. +All IT4Innovations clusters are accessed by the SSH protocol via login nodes loginX at the address **cluster-name.it4i.cz**. The login nodes may be addressed specifically, by prepending the login node name to the address. !!! note - The alias **cluster-name.it4i.cz** is currently not available through VPN connection. Use **loginX.cluster-name.it4i.cz** when connected to VPN. + The **cluster-name.it4i.cz** alias is currently not available through VPN connection. Use **loginX.cluster-name.it4i.cz** when connected to VPN. ### Anselm Cluster | Login address | Port | Protocol | Login node | | --------------------- | ---- | -------- | --------------------------------------| -| anselm.it4i.cz | 22 | ssh | round-robin DNS record for login[1-2] | -| login1.anselm.it4i.cz | 22 | ssh | login1 | -| login2.anselm.it4i.cz | 22 | ssh | login2 | +| anselm.it4i.cz | 22 | SSH | round-robin DNS record for login[1-2] | +| login1.anselm.it4i.cz | 22 | SSH | login1 | +| login2.anselm.it4i.cz | 22 | SSH | login2 | ### Barbora Cluster | Login address | Port | Protocol | Login node | | ------------------------- | ---- | -------- | ------------------------------------- | -| barbora.it4i.cz | 22 | ssh | round-robin DNS record for login[1-2] | -| login1.barbora.it4i.cz | 22 | ssh | login1 | -| login2.barbora.it4i.cz | 22 | ssh | login2 | +| barbora.it4i.cz | 22 | SSH | round-robin DNS record for login[1-2] | +| login1.barbora.it4i.cz | 22 | SSH | login1 | +| login2.barbora.it4i.cz | 22 | SSH | login2 | ### Salomon Cluster | Login address | Port | Protocol | Login node | | ---------------------- | ---- | -------- | ------------------------------------- | -| salomon.it4i.cz | 22 | ssh | round-robin DNS record for login[1-4] | -| login1.salomon.it4i.cz | 22 | ssh | login1 | -| login2.salomon.it4i.cz | 22 | ssh | login2 | -| login3.salomon.it4i.cz | 22 | ssh | login3 | -| login4.salomon.it4i.cz | 22 | ssh | login4 | +| salomon.it4i.cz | 22 | SSH | round-robin DNS record for login[1-4] | +| login1.salomon.it4i.cz | 22 | SSH | login1 | +| login2.salomon.it4i.cz | 22 | SSH | login2 | +| login3.salomon.it4i.cz | 22 | SSH | login3 | +| login4.salomon.it4i.cz | 22 | SSH | login4 | ## Authentication @@ -100,7 +100,7 @@ If you see a warning message **UNPROTECTED PRIVATE KEY FILE!**, use this command $ chmod 600 /path/to/id_rsa ``` -On **Windows**, use [PuTTY ssh client][2]. +On **Windows**, use the [PuTTY SSH client][2]. After logging in, you will see the command prompt @@ -123,40 +123,40 @@ Last login: Tue Jul 9 15:57:38 2013 from your-host.example.com ## Data Transfer -Data in and out of the system may be transferred by the [scp][a] and sftp protocols. +Data in and out of the system may be transferred by the [SCP][a] and SFTP protocols. ### Anselm Cluster | Address | Port | Protocol | | --------------------- | ---- | --------- | -| anselm.it4i.cz | 22 | scp | -| login1.anselm.it4i.cz | 22 | scp | -| login2.anselm.it4i.cz | 22 | scp | +| anselm.it4i.cz | 22 | SCP | +| login1.anselm.it4i.cz | 22 | SCP | +| login2.anselm.it4i.cz | 22 | SCP | ### Barbora Cluster | Address | Port | Protocol | | ------------------------- | ---- | ------- | -| barbora.it4i.cz | 22 | scp | -| login1.barbora.it4i.cz | 22 | scp | -| login2.barbora.it4i.cz | 22 | scp | +| barbora.it4i.cz | 22 | SCP | +| login1.barbora.it4i.cz | 22 | SCP | +| login2.barbora.it4i.cz | 22 | SCP | ### Salomon Cluster | Address | Port | Protocol | | ---------------------- | ---- | --------- | -| salomon.it4i.cz | 22 | scp, sftp | -| login1.salomon.it4i.cz | 22 | scp, sftp | -| login2.salomon.it4i.cz | 22 | scp, sftp | -| login3.salomon.it4i.cz | 22 | scp, sftp | -| login4.salomon.it4i.cz | 22 | scp, sftp | +| salomon.it4i.cz | 22 | SCP, SFTP | +| login1.salomon.it4i.cz | 22 | SCP, SFTP | +| login2.salomon.it4i.cz | 22 | SCP, SFTP | +| login3.salomon.it4i.cz | 22 | SCP, SFTP | +| login4.salomon.it4i.cz | 22 | SCP, SFTP | Authentication is by [private key][1] only. !!! note If you experience degraded data transfer performance, consult your local network provider. -On linux or Mac, use an scp or sftp client to transfer data to Barbora: +On Linux or Mac, use an SCP or SFTP client to transfer data to Barbora: ```console $ scp -i /path/to/id_rsa my-local-file username@cluster-name.it4i.cz:directory/file @@ -172,7 +172,7 @@ or $ sftp -o IdentityFile=/path/to/id_rsa username@cluster-name.it4i.cz ``` -A very convenient way to transfer files in and out of cluster is via the fuse filesystem [sshfs][b]. +A very convenient way to transfer files in and out of cluster is via the fuse filesystem [SSHFS][b]. ```console $ sshfs -o IdentityFile=/path/to/id_rsa username@cluster-name.it4i.cz:. mountpoint @@ -180,7 +180,7 @@ $ sshfs -o IdentityFile=/path/to/id_rsa username@cluster-name.it4i.cz:. mountpoi Using sshfs, the users Barbora home directory will be mounted on your local computer, just like an external disk. -Learn more about ssh, scp and sshfs by reading the manpages +Learn more about SSH, SCP, and SSHFS by reading the manpages: ```console $ man ssh @@ -198,15 +198,15 @@ Outgoing connections, from cluster login nodes to the outside world, are restric | Port | Protocol | | ---- | -------- | -| 22 | ssh | -| 80 | http | -| 443 | https | -| 9418 | git | +| 22 | SSH | +| 80 | HTTP | +| 443 | HTTPS | +| 9418 | Git | !!! note - Use **ssh port forwarding** and proxy servers to connect from cluster to all other remote ports. + Use **SSH port forwarding** and proxy servers to connect from cluster to all other remote ports. -Outgoing connections, from Cluster compute nodes are restricted to the internal network. Direct connections form compute nodes to the outside world are cut. +Outgoing connections, from cluster compute nodes are restricted to the internal network. Direct connections from compute nodes to the outside world are cut. ## Port Forwarding @@ -223,11 +223,11 @@ Pick some unused port on the cluster login node (for example 6000) and establis $ ssh -R 6000:remote.host.com:1234 cluster-name.it4i.cz ``` -In this example, we establish port forwarding between port 6000 on cluster and port 1234 on the remote.host.com. By accessing localhost:6000 on cluster, an application will see the response of remote.host.com:1234. The traffic will run via the user's local workstation. +In this example, we establish port forwarding between port 6000 on the cluster and port 1234 on the remote.host.com. By accessing localhost:6000 on the cluster, an application will see the response of remote.host.com:1234. The traffic will run via the user's local workstation. -Port forwarding may be done **using PuTTY** as well. On the PuTTY Configuration screen, load your cluster configuration first. Then go to *Connection->SSH->Tunnels* to set up the port forwarding. Click Remote radio button. Insert 6000 to theSource port textbox. Insert remote.host.com:1234. Click the Add button, then Open. +Port forwarding may be done **using PuTTY** as well. On the PuTTY Configuration screen, load your cluster configuration first. Then go to *Connection->SSH->Tunnels* to set up the port forwarding. Click the Remote radio button. Insert 6000 to the Source port textbox. Insert remote.host.com:1234. Click the Add button, then Open. -Port forwarding may be established directly to the remote host. However, this requires that the user has ssh access to remote.host.com +Port forwarding may be established directly to the remote host. However, this requires that the user has an SSH access to remote.host.com. ```console $ ssh -L 6000:localhost:1234 remote.host.com @@ -236,7 +236,7 @@ $ ssh -L 6000:localhost:1234 remote.host.com !!! note Port number 6000 is chosen as an example only. Pick any free port. -### Port Forwarding From Compute Nodes +### Port Forwarding from Compute Nodes Remote port forwarding from compute nodes allows applications running on the compute nodes to access hosts outside the cluster. @@ -252,12 +252,12 @@ In this example, we assume that port forwarding from `login1:6000` to `remote.ho ### Using Proxy Servers -Port forwarding is static, each single port is mapped to a particular port on a remote host. Connection to another remote host requires a new forward. +Port forwarding is static; each single port is mapped to a particular port on a remote host. Connection to another remote host requires a new forward. !!! note Applications with inbuilt proxy support experience unlimited access to remote hosts via a single proxy server. -To establish a local proxy server on your workstation, install and run SOCKS proxy server software. On Linux, sshd demon provides the functionality. To establish SOCKS proxy server listening on port 1080 run: +To establish a local proxy server on your workstation, install and run SOCKS proxy server software. On Linux, SSHD demon provides the functionality. To establish SOCKS proxy server listening on port 1080 run: ```console $ ssh -D 1080 localhost @@ -265,7 +265,7 @@ $ ssh -D 1080 localhost On Windows, install and run the free, open source [Sock Puppet][e] server. -Once the proxy server is running, establish ssh port forwarding from cluster to the proxy server, port 1080, exactly as [described above][5]: +Once the proxy server is running, establish the SSH port forwarding from cluster to the proxy server, port 1080, exactly as [described above][5]: ```console $ ssh -R 6000:localhost:1080 cluster-name.it4i.cz @@ -275,7 +275,7 @@ Now, configure the applications proxy settings to **localhost:6000**. Use port f ## Graphical User Interface -* The [X Window system][6] is the principal way to get GUI access to the clusters. +* The [X Window system][6] is the principal way to get a GUI access to the clusters. * [Virtual Network Computing][7] is a graphical [desktop sharing][f] system that uses the [Remote Frame Buffer protocol][g] to remotely control another [computer][h]. ## VPN Access