Difference between revisions of "Remote Access"

From Remote Access
Jump to navigationJump to search
 
(6 intermediate revisions by the same user not shown)
Line 14: Line 14:
For more details, including how to reset your DM password, see the following doc(s):
For more details, including how to reset your DM password, see the following doc(s):


=== Docs ===
=== NX Docs ===


[https://anl.box.com/s/kex7mmqh28ze5inh2ngkci3hx1i30hkj Remote Access to APS Beamlines using NoMachine Cloud Server]
[https://anl.box.com/s/kex7mmqh28ze5inh2ngkci3hx1i30hkj Remote Access to APS Beamlines using NoMachine Cloud Server]
Line 28: Line 28:
=== VPN ===
=== VPN ===


VPN (Virtual Private Network) access to XSD computers is available via the ANL VPN appliance. VPN access requires an ANL domain account and Microsoft Authenticator application installed on your smartphone. VPN access cannot be enabled for service/group (shared password) accounts per Argonne’s Cyber Office. The main VPN appliance for the Argonne employees is https://vpn.anl.gov. Submit a Service Desk ticket to request a VPN account.
VPN (Virtual Private Network) access to XSD computers is available via the ANL VPN appliance.  
 
VPN is only permitted from Argonne-owned computers that are running Crowdstrike.
 
VPN access requires an ANL domain account and Microsoft Authenticator application installed on your smartphone.  
 
VPN access cannot be enabled for service/group (shared password) accounts per Argonne’s Cyber Office. The main VPN appliance for the Argonne employees is https://vpn.anl.gov.  
 
Submit a Service Desk ticket to request a VPN account.


=== SSH ===
=== SSH ===


IT provides multiple SSH servers for accessing XSD beamline computers from the Internet.  The hostname for the server is “xgate.xray.aps.anl.gov”.
IT provides multiple SSH servers for accessing XSD beamline computers from the Internet.   
SSH access requires the Microsoft Authenticator application to be installed on your smartphone. You must submit a support ticket for external XSD SSH access.  
 
Accounts that have had external SSH enabled, but don't use it for 12 months, will have that access removed from their account per Lab cyber policy.  
The hostname for the server is “xgate.xray.aps.anl.gov”.
External SSH access for group (shared password) accounts is not allowed per CSPO.
 
SSH access requires the Microsoft Authenticator application to be installed on your smartphone.  
 
Submit a Service Desk ticket for external XSD SSH access.  
 
Accounts that have had external SSH enabled, but don't use it for 12 months, will have that access removed from their account per Lab cyber security policy.  
 
External SSH access for group (shared password) accounts is not allowed per Lab Cyber Security Program Office.

Latest revision as of 20:25, 23 January 2024

NX Quick Start Guide

Here are the instructions for accessing beamline workstations:

  1. Login to the NoMachine Portal here: https://delos.aps.anl.gov (either your ANL LDAP username/password or the DM credentials "d<badge>/esaf password")
  2. Select the system you want to connect to, and click the Connect button.
  3. Select an existing virtual desktop, and click the Connect button.

To create a new virtual desktop, select "Create a new virtual desktop", and see the instructions here

At this point, you should be at a Gnome desktop where you can open applications.

You can adjust display settings in the Display settings panel, which you can access by clicking the "peel back" in the upper right corner. NX desktops run better with more network bandwidth. The default settings should be fine for most connections. In some cases however, you may have to make adjustments. For example, on a 15Mbps connection, you may have to lower the Quality level slider to get the desktop to run smooth.

For more details, including how to reset your DM password, see the following doc(s):

NX Docs

Remote Access to APS Beamlines using NoMachine Cloud Server

System Requirements

Guide to the NoMachine Menu Panel for Web Sessions

NX Beamline Portal Presentation

NoMachine Spectator Mode

VPN

VPN (Virtual Private Network) access to XSD computers is available via the ANL VPN appliance.

VPN is only permitted from Argonne-owned computers that are running Crowdstrike.

VPN access requires an ANL domain account and Microsoft Authenticator application installed on your smartphone.

VPN access cannot be enabled for service/group (shared password) accounts per Argonne’s Cyber Office. The main VPN appliance for the Argonne employees is https://vpn.anl.gov.

Submit a Service Desk ticket to request a VPN account.

SSH

IT provides multiple SSH servers for accessing XSD beamline computers from the Internet.

The hostname for the server is “xgate.xray.aps.anl.gov”.

SSH access requires the Microsoft Authenticator application to be installed on your smartphone.

Submit a Service Desk ticket for external XSD SSH access.

Accounts that have had external SSH enabled, but don't use it for 12 months, will have that access removed from their account per Lab cyber security policy.

External SSH access for group (shared password) accounts is not allowed per Lab Cyber Security Program Office.