Remote Access
NX Quick Start Guide
Here are the instructions for accessing beamline workstations:
- Login to the NoMachine Portal here: https://delos.aps.anl.gov (either your ANL LDAP username/password or the DM credentials "d<badge>/esaf password")
- Select the system you want to connect to, and click the Connect button.
- Select an existing virtual desktop, and click the Connect button.
To create a new virtual desktop, select "Create a new virtual desktop", and see the instructions here
At this point, you should be at a Gnome desktop where you can open applications.
You can adjust display settings in the Display settings panel, which you can access by clicking the "peel back" in the upper right corner. NX desktops run better with more network bandwidth. The default settings should be fine for most connections. In some cases however, you may have to make adjustments. For example, on a 15Mbps connection, you may have to lower the Quality level slider to get the desktop to run smooth.
For more details, including how to reset your DM password, see the following doc(s):
Docs
Remote Access to APS Beamlines using NoMachine Cloud Server
Guide to the NoMachine Menu Panel for Web Sessions
NX Beamline Portal Presentation
VPN
VPN (Virtual Private Network) access to XSD computers is available via the ANL VPN appliance.
VPN access requires an ANL domain account and Microsoft Authenticator application installed on your smartphone.
VPN access cannot be enabled for service/group (shared password) accounts per Argonne’s Cyber Office. The main VPN appliance for the Argonne employees is https://vpn.anl.gov.
Submit a Service Desk ticket to request a VPN account.
SSH
IT provides multiple SSH servers for accessing XSD beamline computers from the Internet.
The hostname for the server is “xgate.xray.aps.anl.gov”.
SSH access requires the Microsoft Authenticator application to be installed on your smartphone.
You must submit a support ticket for external XSD SSH access.
Accounts that have had external SSH enabled, but don't use it for 12 months, will have that access removed from their account per Lab cyber policy.
External SSH access for group (shared password) accounts is not allowed per CSPO.