Newer
Older
Access and Login
================
To gain access your account needs to be added to the **mpibgrid** access group.
Drop us an E-Mail if you would like to join, there are no restrictions, we
simply would like to talk to you beforehand.
SSH Terminal
------------
Access to the Tardis is provided via secure shell. On Mac OSX and Linux machines
the :program:`ssh` program should be already installed. To get an instant shell on the
ssh <YOUR_USERNAME>@tardis.mpib-berlin.mpg.de
On Windows you might want to try `Putty
<https://www.chiark.greenend.org.uk/~sgtatham/putty/>`_. For a while now we
also have a `web shell <https://tardis.mpib-berlin.mpg.de/>`_ for when there is
no SSH client available.
On the first connection you will be prompted to accept a host fingerprint.
This is to authenticate the host and to prevent so-called man in the middle
attacks on your connection. The fingerprint should be either one of the
following:
+------------+----------+-------------------------------------------------+
| **Cipher** | **Algo** | **Fingerprint** |
+------------+----------+-------------------------------------------------+
| RSA | MD5 | b3:c5:6a:3a:e1:cf:ca:38:57:43:19:1e:fc:45:eb:f4 |
+------------+----------+-------------------------------------------------+
| RSA | SHA-256 | EwUlbWfFa27S9IickmNrEjbKp8yYafJ4+ga+fl4MDU0= |
+------------+----------+-------------------------------------------------+
| ED25519 | MD5 | 46:5a:90:b1:06:b8:d4:96:24:cc:f5:f5:55:bf:f1:6d |
+------------+----------+-------------------------------------------------+
| ED25519 | SHA-256 | kvAQatFgyA0DidMvKMf7xmGJWehZ3ASR9E0D+nxwFd0= |
+------------+----------+-------------------------------------------------+
SSH File Transfer
-----------------
There are a number of (graphical) clients to help you transfer and mange files
and directories on the Tardis. For the most common operating systems we
recommend the following but you are of course free to use whatever you want.
Linux
^^^^^
Most modern Linux Desktops come with SSH already built-in to their file
manager. In Ubuntu you can simply use ``sftp://`` or ``ssh://`` as a protocol
in Nautilus:
.. image:: ../img/nautilus.png
:width: 80%
Apple has unfortunately not implemented the ``ssh://`` protocol family into their finder. A workaround is the `osxfuse`_ project, possibly but not necessarily in combination with `macfusion`_:
Installation
If you're using an MPIB Mac with Managed Software Center, just install the macfusion package from there:
.. image:: ../img/macfusion_munki.png
:width: 80%
Otherwise
1. Download and install `osxfuse`_ and make sure to tick the "Compatibility Layer for MacFuse" option
2. Reboot your machine
3. Either use ``sshfs`` in the command line or download and install `macfusion`_:
Macfusion Configuration
1. add a new profile with the hostname ``tardis.mpib-berlin.mpg.de`` and your username
2. in the Tab **SSH Advanced** enable the option :samp:`Defer Permissions`
3. starting with macOS High Sierra you need to pass a valid mount point below your user home, for example ``/Users/<you_username>/Volumes/tardis`` - (**Careful**: for some reason Macfusion expects the parent directory to exist, but not the last level. So make sure to create ``/Users/<your_username>/Volumes`` if you chose to use this location.)
4. run ``ssh <you_username>@tardis.mpib-berlin.mpg.de`` in the terminal and approve the host key once, see above for fingerprints
5. mount the new profile by clicking on mount
6. open in finder either by looking for it or click the cogs icon and then *Reveal*
7. A general remark: this software is really buggy, try removing and re-adding the profile when there are unexplainable errors or let us know
(Log files are helpful to isolate the problem, they can be found under *cogs*-symbol -> Log)
Using sshfs directly
Alternatively, you can simply run sshfs in the command line to mount the remote side:
lip-osx-001106:~ krause$ mkdir -p /Users/krause/Volumes/tardis # run this only once
lip-osx-001106:~ krause$ sshfs krause@tardis.mpib-berlin.mpg.de: /Users/krause/Volumes/tardis/
warning: ssh nodelay workaround disabled
krause@tardis.mpib-berlin.mpg.de's password: *******
lip-osx-001106:~ krause$
The most common utility to transfer files on Windows is `WinSCP <https://winscp.net/eng/download.php>`_:
Mounting File Servers
---------------------
You can transfer files directly from the tardis to our file servers, without
taking the detour through your client. There are multiple ways to *mount* the
servers.
When you work on network folders on the tardis there is no such thing as trash.
When you accidentally remove a folder, it is **gone**. This also accounts for
mounted network folders! Please remember that restoring network file server
backups are extremely costly and take a lot of time. Also note that the Tardis
itself (i.e. your Home Directory) does **not** have a backup at all.
Udevil is a helper program to manually mount specific folders to your home
directory and it works like this:
Create a mount location (once):
.. code-block:: bash
Now mount a folder with this command (FB-LIP in this example):
krause@master:~> $ udevil mount -t cifs smb://$USER@mpib-berlin.mpg.de/FB-LIP NetworkFolders/
krause@master:~> $ udevil mount -t cifs smb://krause@mpib-berlin.mpg.de/fb-lip NetworkFolders/
Password:
Mounted //mpib-berlin.mpg.de/fb-lip at /home/mpib/krause/NetworkFolders
krause@master:~> $ ls NetworkFolders/ConMEM
BEH EEG MRI Neurodaten Project STUDIES
If you want to mount another folder either create a different target directory or **unmount** the old folder first:
.. code-block:: bash
krause@master:~> $ udevil umount NetworkFolders/
krause@master:~> $
You can check all your currently mounted folders with :program:`mount` and filtering by
your username with :program:`mount | grep $USER`.
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
SMBNetFs (deprecated)
^^^^^^^^^^^^^^^^^^^^^
*Although it might still work, this approach is not recommended anymore.*
When you login with your password the folder :file:`MPIB-SAMBA` should be
populated with all the detected file servers, like :file:`mpib06, mpib10 or
dfs1`. You can simply navigate to the desired folder and use :program:`cp, mv,
rm etc` on those folders:
.. code-block:: bash
krause@master:~> $ cd MPIB-SAMBA/dfs1
krause@master:~/MPIB-SAMBA/dfs1> $ ls
Bibliothek FB-ABC FB-ARC FB-GG FB-LIP Misc MPFG-Affekt
MPFG-Musik MPFG-REaD MPRG-NSC mrt PR User Verwaltung
ZentraleDienste
krause@master:~/MPIB-SAMBA/dfs1> $
After a while the automatic access granting ticket will expire and you might see an error like this:
.. code-block:: bash
krause@master:~> $ ls MPIB-SAMBA/mpib11
ls: cannot open directory MPIB-SAMBA/mpib11: Permission denied
In that case you can run the script :program:`remount-smbnetfs.sh` to manually
refresh your ticket and re-mount the network folders in :file:`MPIB-SAMBA/`. No
shell or program may access the folder at that time.
.. _osxfuse: https://osxfuse.github.io/