response to Hera ticket #376
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -402,8 +402,271 @@ How do I find out what my project quota is? | |
|
|
||
| Refer to the allocation pages. | ||
|
|
||
| .. _create-port-tunnel: | ||
|
|
||
| How do I set up an ssh port tunnel? | ||
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ | ||
|
|
||
| You can only establish an ssh tunnel from your initial bastion session. If you | ||
| try to establish a tunnel and see the messages like this: | ||
|
|
||
|
|
||
| .. code-block:: shell | ||
|
|
||
| ------------------- | ||
| bind [127.0.0.1]:57037: Address already in use | ||
| channel_setup_fwd_listener_tcpip: cannot listen to port: 57037 | ||
| Could not request local forwarding. | ||
| ------------------- | ||
|
|
||
| You will know that you already have an open session, and cannot | ||
| open a tunnel on this bastion. | ||
|
|
||
| To establish a new tunnel, do one of the following: | ||
|
|
||
| * Close any existing sessions on this bastion, **or**, | ||
| * Open a new session using a bastion where you have no existing sessions. | ||
|
|
||
| In the steps below, replace First.Last with your own HPC username, and | ||
| XXXXX with the unique Local Port Number assigned to you when you log | ||
| in to your specified HPC system (Hera/Jet). Use the word "localhost" | ||
| where indicated. It is not a variable, don't substitute anything else. | ||
| Before you perform the first step, close all current sessions on the | ||
| HPC where system you are trying to connect. Once the first session has | ||
elisabethpatterson marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| been opened with port forwarding, any further connections (login via | ||
| ssh, copy via scp) will work as expected. You are running these | ||
|
There was a problem hiding this comment. I'd recommend putting |
||
| commands on your local machine, not within the HPC system terminal. | ||
|
|
||
| As long as this ssh window remains open, you will be able to use this | ||
| forwarded port for data transfers. After the first session has been | ||
elisabethpatterson marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| opened with the port forwarding, any further connections (login via | ||
| ssh, copy via scp) will work as expected. | ||
|
|
||
|
|
||
|
|
||
| **1. Find your local port number** | ||
|
|
||
| To find your unique local port number, log onto your specified HPC | ||
| system (Hera/Jet). Make a note of this number - once you've recorded | ||
|
There was a problem hiding this comment. Again, this is the primary site FAQ -- I don't think we should explicitly be referencing only Hera/Jet. |
||
| it, close all sessions. Note that this number, which is a fixed | ||
| value for you, will be different on Jet and Hera. | ||
elisabethpatterson marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
|
||
| .. image:: /images/linux_xfer1.png | ||
| :scale: 75% | ||
|
|
||
| .. note:: | ||
| Open two terminal windows for this process | ||
|
|
||
| **Local Client Window #1** | ||
|
|
||
| Enter the appropriate command for your environment. Remember to replace XXXXX | ||
| with the local port number identified in Step 1 or as needed. | ||
|
|
||
| For Windows Power Shell, enter: | ||
|
|
||
| .. code-block:: shell | ||
|
|
||
| ssh -m [email protected] -L1234e:localhost:12345 [email protected] | ||
|
There was a problem hiding this comment. Should we be putting an explicit hera reference here? Or can we follow similar logic to the https://docs.rdhpcs.noaa.gov/connecting/index.html page (and possibly link to the https://docs.rdhpcs.noaa.gov/connecting/index.html#bastion-hostnames table?) |
||
|
|
||
|
|
||
| For Mac or Linux, enter: | ||
|
|
||
| .. code-block:: shell | ||
|
|
||
| ssh -L12345:localhost:12345 [email protected] | ||
|
There was a problem hiding this comment. Again, explicit hera reference. |
||
|
|
||
| If you will be running X11 applications with x2go or normal terminals, | ||
| remember to add the -X parameter as follows: | ||
|
|
||
| .. code-block:: shell | ||
|
|
||
| ssh -X -L12345:localhost:12345 [email protected] | ||
|
|
||
|
|
||
| Note that objects emphasized in this figure should be unique to your | ||
| configuration: | ||
|
|
||
| .. image:: /images/linux_xfer2.png | ||
|
There was a problem hiding this comment. This image has a "real" user name (Nikki.Ivie) -- should probably be First.Last (and maybe just do a code snippet rather than an image?) |
||
| :scale: 75% | ||
|
|
||
| Verify that the tunnel is working by doing the following in another local | ||
| window from your local machine: | ||
|
|
||
| .. code-block:: shell | ||
|
|
||
| ssh -p <port> First.Last@localhost | ||
|
|
||
|
|
||
| Note that <port> is your local port number used above, First.Last is | ||
| your user ID on the RDHPCS systems and localhost is typed as-is. | ||
|
|
||
| You should be prompted for your password; enter your PIN + RSA token | ||
| and you should be able to login. Once you are able to log in, you can | ||
| log out of that session as that was only for testing the tunnel. | ||
|
|
||
| **2. Use SCP to Complete the Transfer** | ||
|
|
||
| **Local Client Window #2** | ||
|
|
||
| Once the session is open, you can use this forwarded port | ||
| for data transfers, as long as this ssh window is kept open. After the | ||
|
There was a problem hiding this comment. That 2nd sentence is also a repeat from earlier. Do we need it again here? |
||
| first session has been opened with the port forwarding, any | ||
| further connections (login via ssh, copy via scp) will work as | ||
| expected. | ||
|
|
||
|
|
||
| Remember that this is the second terminal session opened on your local | ||
| machine. Once a tunnel has been set up as in Step 1, you | ||
| can use a client such as WinSCP to do the tranfers using that tunnel. | ||
| Please keep in mind that tunnel will exist only as long as the session opened | ||
| in Step 1 is kept alive. | ||
|
|
||
|
|
||
| .. code-block:: shell | ||
|
|
||
| Hostname: localhost | ||
| Port: your-assigned-port-used-in-Step1-above | ||
| File protocol: SFTP | ||
|
|
||
|
|
||
|
|
||
|
|
||
| To transfer a file **to** HPC Systems | ||
|
|
||
|
|
||
| For Windows Power Shell, enter: | ||
|
|
||
| .. code-block:: shell | ||
|
|
||
| scp -P XXXXX /local/path/to/file First.Last@localhost:/path/to/file/on/HPCSystems | ||
|
|
||
| For Mac or Linux, enter: | ||
|
|
||
| .. code-block:: shell | ||
|
|
||
| rsync <put rsync options here> -e 'ssh -l First.Last -p XXXXX' /local/path/to/files First.Last@localhost:/path/to/files/on/HPCSystems | ||
|
|
||
| .. note:: | ||
|
|
||
| Your username is case sensitive when used in the scp command. Username should be in the form of First.Last. | ||
|
|
||
| To transfer a file **from** HPC Systems: | ||
|
|
||
| For Windows Power Shell, enter: | ||
|
|
||
| .. code-block:: shell | ||
|
|
||
| scp -P XXXXX First.Last@localhost:/path/to/file/on/HPCSystems /local/path/to/file | ||
|
|
||
| For Mac or Linux, enter: | ||
|
|
||
| .. code-block:: shell | ||
|
|
||
| rsync <put rsync options here> -e 'ssh -l First.Last -p XXXXX' First.Last@localhost:/path/to/files/on/HPCSystems /local/path/to/files | ||
|
|
||
|
|
||
| In either case, you will be asked for a password. Enter the password | ||
| from your RSA token (not your passphrase). Your response should be | ||
| your PIN+Token code. | ||
|
|
||
|
|
||
|
|
||
| SSH Port Tunnel For PuTTy Windows Systems | ||
| ----------------------------------------- | ||
|
|
||
| PuTTY is an SSH client, used to configure and initiate connection. | ||
| Navigate to a separate tab to install `PuTTY | ||
| <http://www.putty.org/>`_. If you cannot install software on your | ||
| machine, contact your local systems administrator. | ||
|
|
||
| **Configuration** | ||
|
|
||
| Enter host information to configure an SSH Terminal Session. The | ||
| example below defines a session to Jet via the Boulder Bastion: | ||
|
There was a problem hiding this comment. The image doesn't actually show a Jet connection -- it has a blank host name. |
||
|
|
||
| .. image:: /images/putty1.png | ||
| :scale: 75% | ||
|
|
||
| 1. Enter Username | ||
| In the left pane under Connection, select "Data" and enter your NOAA | ||
| user name as it appears in your NOAA email address. (Ex: Robin.Lee | ||
| if your NOAA email is [email protected]). User name is case | ||
| sensitive - First.Last. If you do not create a username, you will have | ||
| to enter your user name each time your open a session. | ||
|
|
||
| .. image:: /images/putty2.png | ||
| :scale: 75% | ||
|
|
||
| Complete the configuration: | ||
|
|
||
| * Select "Session" from the top of the left pane. | ||
| * Select "Save" (between Load and Delete). | ||
|
|
||
| **Open a First System Session** | ||
|
|
||
| Open the session to make sure it's working, and to record your Local | ||
| Port number to complete the Port Tunneling setup. | ||
|
|
||
| * Select the configured session from the "Saved Sessions" list. Select | ||
| Load, then Open. | ||
| * Enter your unique RSA Passcode. | ||
|
|
||
| The RSA passcode is your RSA token PIN followed by 8 digits displayed | ||
| on your RSA token. The digits must be on display when you press enter, | ||
| or access will be denied. When you open a new SSH session, wait for | ||
| the RSA token code to refresh before you enter it. | ||
|
|
||
| * Find and record your Local Host number. | ||
|
|
||
| .. image:: /images/linux_xfer1.png | ||
|
There was a problem hiding this comment. This is duplicated from above. Can we restructure this so we don't have repeated info? |
||
| :scale: 75% | ||
|
|
||
| * Click **Exit**, or close the Putty window to end the session. | ||
|
|
||
| **Port Tunnel Setup** | ||
|
|
||
| To enable data transfers, you will need to set up a Port Tunnel. | ||
|
|
||
| * Open Putty. | ||
| * Select the session from the Saved Sessions list, then Load. | ||
| * In the left pane under Connection>SSH select Tunnels. | ||
| * Check Local ports accept connections from other hosts. | ||
| * In the Source Port field, enter your Local Port number | ||
| * In the Destination Port field, enter "localhost:<local port | ||
| number>", where your local port number matches what was entered in | ||
| the Source port. | ||
| * Select Local and Auto Radio Buttons. | ||
| * Click the Add Button. | ||
|
|
||
| .. image:: /images/putty3.png | ||
|
|
||
| To save the configuration change: | ||
|
|
||
| * In the left pane, select Session. | ||
| * Select Save. | ||
|
|
||
| Select **Open** to Login and verify that the updated session works correctly. | ||
|
|
||
| Create a new Port Tunnel for each SSH system you intend to use. Each | ||
| one will have a unique Local Port number. | ||
|
|
||
| To add extra saved sessions (ex: for another Bastion) for the same | ||
| system (you already have the Local Port number): | ||
|
|
||
| * Load your current saved session | ||
| * Enter the new host name for the other Bastion | ||
| * Give the new session a new name (ex: Jet - Princeton) | ||
| * Select Save. The new session will appear in the list of saved sessions. | ||
| * Select Open to Login and verify the new session works correctly. | ||
|
|
||
|
|
||
| SSH Port Tunnel For Tectia Windows Systems | ||
| ------------------------------------------ | ||
|
|
||
| See the :ref:`tectia` pages for complete information. | ||
|
|
||
|
|
||
| How do I transfer small files to/from an RDHPCS system? | ||
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ | ||
|
|
||
| The Port Tunnelling approach is useful for transferring small amount | ||
| data to/from RDHPCS systems from your local machine. | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we only be listing Hera & Jet when this is part of the main site FAQ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This was one of the concerns but leaving it too generic also can be problematic. I am ok with leaving it out. Alternatively we can do something like:
"... specified HPC system (Hera/Jet/etc)?