The typical way to interact with a PC or Laptop is to sit in front of it, “at the console”. Remote access and remote desktop are available for Windows and Mac systems but are generally seen as add-on features for occasional use and may be disabled on “home” versions of the systems. Linux is designed for remote access and has many features to make it accessible and usable over the network, and it happily supports multiple users being logged in to work on the same machine at once. This guide outlines some ways to go about it. Most of the approaches outlined here use the secure shell (SSH) encryption system to allow you to do this securely even when connecting via the public internet.
This page assumes you are running a physical Bio-Linux machine attached to the network, with an assigned IP address or name, but you can also access Bio-Linux running on Virtualbox in the same way, so long as you have set the networking up to allow you to connect to port 22.
The ability to log in remotely gives a potential attack point for hackers, so Bio-Linux is configured to try and mitigate automated attacks. By default, only administrative users can log in remotely, so to allow remote access for, say, the user1 account you can either make that user an administrator or do:
sudo usermod -aG ssh user1
This adds the user to the ssh group so they can log in over the network. This applies to ssh, sftp and x2go access.
For all users who have the potential for remote access, you must choose a very secure password. Another option is to disable password-based login and use key-based authentication, or to restrict ssh access by reconfiguring the firewall settings, but that is beyond the scope of this document.
Due to the security concerns, a lot of sites will block external access at the firewall. You will need to ask your local IT about remote access policies.
Logging in via SSH from another machine
SSH “Secure SHell” gives you secure access to the command line on one computer from another. SSH can be run directly from the command line of other Linux/Unix machines, or is supported by programs such as PuTTY on Windows. In the command line version you type:
Where “hostname” is the network name or IP address of the Linux machine and “username” is your login name on that machine. You will be prompted for your password, then you should see a shell prompt just as if you had opened a terminal on the Linux console directly.
After logging in with SSH, it is possible to launch graphical programs just by typing the program name, eg “artemis”. To make this work, if logging in from Linux, you will need to make sure that ‘X11 forwarding’ is turned on in SSH by giving -X as a parameter. It is normally also advisable to turn on network compression – For example:
ssh -CX username@hostname
If you are logging in from Windows or MacOS 9 you will also need to run some X emulation software such as Exceed, Exodus or Cygwin. Without an X emulator running, you can log into the terminal but graphical Linux programs cannot be started. You also need to enable X11 forwarding (and maybe compression) in your SSH client, by selecting the relevant configuration options. But you can avoid all this complexity by using x2go…
Running a fast full desktop session via x2go
x2go is a system designed to enable full-speed remote desktop sessions over a slow network link. For regular work like running Artemis, Tablet, OpenOffice, Evolution, etc. it can be almost as fast as working on the local machine even when used over a home broadband connection.
The high speed is achieved by compression and caching technology, and all network communication is tunnelled through an SSH session so it is very secure. You can get a free client for Windows, Linux or Mac.
If you have problems connecting with x2go, ensure that you can connect via regular SSH, as it is easier to diagnose connection issues this way. If this works, you should be able to use x2go client with the default settings, just supplying the host and user names. Note that x2go does not work with the regular Ubuntu “Unity” desktop so you will see the alternative “MATE” desktop.
Copying files to and from Bio-Linux
SSH also has a file transfer mode called “SCP”. Although this is part of SSH it is accessed via its own “scp” command. If you are used to regular “cp” in the terminal it is very similar.
scp file.dat username@hostname:folder
Where “username”, “hostname” are the same as for SSH and “folder” is the folder in the users home dir where you want the file to be copied.
If you are using Windows, the WinSCP client will easily let you access all the files on your Linux machine. If you are not a command-line junkie, the “Connect to server” option in the Linux file browser will give you a graphical view of the remote files in much the same way.
Multiple users at the console
Only one person can be working at the console at a time, obviously, but it is possible to start a session as a new user without logging out – select Switch From… from the menu in the right hand corner of the top taskbar. The existing session will be locked but is still running and you can switch back to it.
Remote access to a VirtualBox VM
Let’s suppose that you are running Bio-Linux in VirtualBox on your Mac (or Windows PC). By default you can only access the Linux system by interacting with the VirtualBox virtual console (the desktop you see when you start up the VM). However, you might also want to talk to the VM via SSH or SFTP from MacOS. To do this, go to the VM settings in VirtualBox and under Network click Advanced then Port Forwarding.
Warning: These settings are marked advanced for a reason. The default system manager account has the password set to “manager” because it is assumed the VM will not be accessible over a network and therefore does not need to be secured. If you use port forwarding to connect the SSH server on the VM to the internet then pretty soon someone will break in and cause havoc on your machine. Therefore, before playing with port forwarding, change the manager password to something robust. Even if you think you are only forwarding local connections this is a sensible precaution!
In the port forwarding window you’ll see 6 boxes. For an SSH/SFTP connection fill them in as follows:
Name: ssh -- Just a label for the rule so could be anything Protocol: TCP Host IP: 127.0.0.1 -- If you leave this box blank it will work will be available over the external network. See warning above. Host Port: 8022 -- Could be any number but adding 8000 is useful convention Guest IP: <blank> -- As in, leave this box completely empty! Guest Port: 22 -- Port 22 is the default port for SSH
You should now find that you can connect to your VM with SSH. For example, on a Mac you can run this in a terminal:
ssh firstname.lastname@example.org -p 8022
If for some reason you chose a different Host Port, change the -p setting accordingly. You can forward other ports like port 80 which is the web server or port 8080 which is the Galaxy server. You could then access these servers from a web browser running on your local desktop as opposed to the VirtualBox desktop. Note that the only IP address I’ve suggested you type into the port forwarding settings is the localhost/loopback address which is always 127.0.0.1. There are circumstances where you might need to type in an actual IP address but for basic usage you shouldn’t need to.
If this all sounds complicated, that’s because it is! TCP/IP networking is a fiddly business. If you have doubts about what you are doing please ask for advice on the Bio-Linux mailing list.
Related issue – Running a remote Windows desktop on Linux
This is not strictly to do with “accessing Linux” but is included here as it essentially allows you to do x2go in reverse – displaying the desktop of a Windows machine within your Linux console session. You will need to have an account on a Windows XP/Vista/7/8 Pro system and the administrator must enable remote desktop access on that machine. You also need to know the network hostname of the Windows machine.
On Bio-Linux, install the ‘rdesktop’ package:
sudo apt-get install rdesktop
rdesktop -a16 -f hostname
Where hostname is the name of your Windows machine. Type “rdesktop” with no arguments to see a summary of more options.