Updated: 2017-04-25 17:27 EDT

1 The Course Linux Server (CLS)Indexup to index

While these instructions are prepared to connect you with the Course Linux Server for this course, the instructions also apply when making a Remote Login connection to any machine. Simply substitute that other machine’s name or IP address in the instructions below.

For Winter 2017, the Course Linux Server (CLS) is a Linux virtual machine running inside VirtualBox on a four-processor Intel(R) Xeon(R) X3220 @2.40GHz that has 8GB of memory and 1TB of RAID-1 disk.

Both the Xeon machine and the virtual machine are running Ubuntu GNU/Linux version 12.04 LTS – Long Term Support – released April 2012 and updated through 2017.

2 Problem Reporting for the Course Linux ServerIndexup to index

Any issues you have regarding the Course Linux Server must be dealt with only through your Linux instructor. Neither Algonquin ITS nor the Help Desk know anything about this Linux machine. All issues, including password resetting, must be resolved directly with your Linux instructor.

If you are having problems, here’s how to Report Problems well.

3 Getting locked out of the serverIndexup to index

The Course Linux Server runs the Denyhosts intrusion protection package and will lock out any IP address that appears to be attacking the machine. Your login attempt will fail if you:

If you fail to log in too many times, your IP address will be locked out and nothing you can do will let you (or anyone else) log in from that IP address again (until you ask your instructor to reset it, as explained below).

You will know your IP address is locked out if the connection to the CLS fails and closes before even asking for your login or password. (It might say “Network error: Software caused connection abort”.)

If you see the COURSE LINUX SERVER banner or are asked for your login userid, your IP address is not locked out by Denyhosts.

If you IP address is really blocked, you won’t see anything and the connection will drop.

3.1 How to unblock your IP addressIndexup to index

If your IP address does get locked out by Denyhosts, you must send your actual public IP address to your instructor by EMail to get your IP address unblocked again. See below for how to find your public IP address. Your request may take a day or to to process.

3.2 How to work around a blocked IP addressIndexup to index

If your IP address is locked out, you can login again if you move your computer to a different IP address, e.g. go to a friend’s house, go to school, or go to a different coffee shop or library.

IP addresses are never locked out at school, so you can always connect and submit an assignment at school.

Assignment deadlines are not extended if you lock out your home IP address, since you can always move locations to get a different IP address.

3.3 How to find out your real IP addressIndexup to index

To find out your real public IP address, do not look at the IP address of your local machine since the local machine almost certainly is on a private home NAT local network with a Private RFC1918 address, such as 192.168.0.1. Use a web tool such as http://whatismyipaddress.com/ to tell you your public IP address.

Send the public IP address to your instructor and request an un-block.

Assignment deadlines are not extended if you lock out your home IP address, since you can always move locations to get a different IP address, e.g. you can always work at the College.

4 Access to the Course Linux ServerIndexup to index

All access to the Course Linux Server is through a network Remote Login. You will need your Algonquin 8-character userid (the same userid you use for Blackboard), a special password (not your Blackboard password), and the network address of the server.

Your 8-character login userid must be all lower-case letters; do not use any capital letters.

There are two network addresses for the CLS, accessible in one of three ways. You must use the correct address or else your connection may disconnect in the middle of a session:

4.1 CLS Public Address – Off Campus – cst8207.idallen.caIndexup to index

The Course Linux Server is located on a public IPv4 network address at cst8207.idallen.ca. This public address is visible anywhere on the Internet (e.g. from your home, library, or coffee shop), giving you full access to the machine without needing to use the Algonquin VPN.

Use this public address cst8207.idallen.ca while off-campus, e.g. at home.

The public address will also work temporarily while on campus, but your session may disconnect in the middle if you leave it idle. Do not use this public address while on-campus at Algonquin College. Use the private address given below instead.

If you have problems connecting (e.g. connection closed), try the Network Diagnostics.

4.2 CLS Private Address – On Campus – cst8207-alg.idallen.caIndexup to index

If you access the machine from on-campus at Algonquin College, you should instead use the Private RFC1918 address cst8207-alg.idallen.ca that only works on-campus at Algonquin College (or via the Algonquin VPN.

Due to network configuration problems at Algonquin (session time-outs and dropped connections), use only the private address cst8207-alg.idallen.ca when on campus.

Use this private address cst8207-alg.idallen.ca while on-campus at Algonquin College.

Your connection will time-out and fail if you try to use this private address while off-campus, e.g. at home. You cannot use the private address at home or anywhere off-campus; it doesn’t work.

If you have problems connecting (e.g. connection closed), try the Network Diagnostics.

4.2.1 CLS Private Address – Off Campus via VPNIndexup to index

Rarely the College network connecting to the Public Address from home is broken, but the internal College network is working. In these rare cases, you can often start up the Algonquin VPN software at home to connect to the College network, and then use the Private Address to connect through the VPN to the CLS. This is usually slower than connecting directly to the Public Address, but it may be the only method available.

Use the private address cst8207-alg.idallen.ca when you are using the Algonquin VPN.

5 Logging in to the Course Linux ServerIndexup to index

All access to the Course Linux Server is through a network Remote Login. You will need your Algonquin 8-character userid (the same userid you use for Blackboard) and a special password (not your Blackboard password), and the network address of the server.

You must log in to the Course Linux Server using the remote terminal prococol SSH and you can transfer files using programs such as SFTP or SCP that use variations of the SSH protocol.

The CLS does not use your Algonquin network password. Your instructor can tell you your special Course Linux Server password. If you need your password reset, see your Linux instructor; do not go to ITS. Change your password when you first log in by typing the command name passwd. (Hey! Remember your password!)

You log in to this machine differently, depending on whether you are running a Unix/Linix/OSX/BSD/Cygwin system or a Windows system.

Choose the section below that corresponds to the system from which you are making the Remote Login connection:

If you have problems connecting (e.g. connection closed), try the Network Diagnostics.

5.1 Log in via SSH from Unix/Linux, Mac OSX, and CygwinIndexup to index

For Windows users before Windows 10, scroll down to the Microsoft Windows PuTTY section.

Use this section if you are using a Unix/Linux command line:

To login to the Course Linux Server from the shell prompt at another Unix machine (including from Fedora, Ubuntu, SUSE, Knoppix, BSD, from a Macintosh OSX Terminal, from Windows Cygwin, or from the Windows 10 Linux subsystem), use an SSH command line similar to the one below.

5.1.1 SSH Via cst8207-alg.idallen.ca or cst8207.idallen.caIndexup to index

Use the model SSH command line below, with these notes:

  1. Type your usual eight-character Algonquin userid (the same userid you use for Blackboard). Do not use abcd0001! Replace the userid abcd0001, below, with your usual Algonquin userid. Your 8-character login userid must be all lower-case letters; do not use any capital letters.

  2. Choose the correct host name in your SSH command below:
    • On Campus address (school): cst8207-alg.idallen.ca
    • Off Campus address (home): cst8207.idallen.ca
  3. On your first connection, you will be asked to accept the server encryption key. Answer yes (use the full word) to accept the host key, if asked “Are you sure”.

  4. Make sure the login banner says COURSE LINUX SERVER when you connect! If this is not true, you are trying to log in to the wrong machine.

    If you use the correct host name and don’t see any banner but get an immediate disconnection, your IP address is probably locked out. See the section above on Getting locked out of the server.

  5. When it asks for your password, use your special Course Linux Server password. The Course Linux Server does not use your Algonquin network or Blackboard password. The password will not echo as asterisks on your screen as you type it; you will be typing your password “blind”.

    Your instructor can tell you your special Course Linux Server password. If you need your password reset, see your Linux instructor; do not go to ITS.

Your SSH command line will look similar to this (you must make the above changes first):

$ ssh abcd0001@cst8207-alg.idallen.ca
Are you sure you want to continue connecting (yes/no)? yes
*** COURSE LINUX SERVER ***
abcd0001@cst8207.idallen.ca's password: 
Welcome to Ubuntu 12.04.5 LTS (GNU/Linux 3.2.0-74-generic x86_64)
-bash-4.2$

When you have logged in successfully, you will see a your CLS BASH shell prompt (default bash-4.2$). You can type Linux commands at this prompt.

When you are done with your session on the CLS, type exit to log out of the shell and close SSH. Do not simply close the Terminal program; always exit the shell first to avoid leaving behind a “ghost” login on the CLS. (“Ghost” logins do eventually time out and go away.)

5.1.2 SSH session time-out or broken pipeIndexup to index

If your SSH session times out or gets broken pipe errors, here is a suggestion from Oliver Bett:

Add the following line to your /etc/ssh/ssh_config file and it should keep the connection active.

ServerAliveInterval 120

I’ve set my interval to 120 seconds and seems to do the trick.

5.1.3 SSH using alternate Port numbersIndexup to index

The default SSH Port number is port 22. If you need to use a non-default Port number when connecting (your instructor will tell you this), specify the port number on the SSH command line using the -p option:

    $ ssh -p 2222 abcd0001@some.example.com

Make sure the login banner says COURSE LINUX SERVER when you connect! If this is not true, you are trying to log in to the wrong machine.

5.2 Log in via SSH from Windows using PuTTYIndexup to index

If you use Microsoft Windows, you can download and use the free PuTTY terminal program for Microsoft Windows. (You can also us any other SSH-capable program you like instead of PuTTY, but you’re on your own.) You may have to do an Internet search for PuTTY download and download and run the executable first: putty.exe

After you start PuTTY but before you open your PuTTY connection, make the PuTTY configuration changes given below and save them. Failure to make these configuration changes may result in your PuTTY session being disconnected in the middle (“Network error: Software caused connection abort”) and your session becoming inactive.

5.2.1 PuTTY Configuration options for Windows usersIndexup to index

Before you connect using PuTTY the first time, you must set the following PuTTY Configuration options in the PuTTY Configuration dialog box. Read this whole section before you log in!

Failure to make the configuration changes below may result in your laptop keypad not working or your PuTTY session being disconnected in the middle (“Network error: Software caused connection abort”) and your session becoming inactive.

PuTTY Configuration Dialog Box

PuTTY Configuration Dialog Box

Category: Terminal:
    Features (Enabling and disabling advanced terminal features)
        Disable application keypad mode: ON
Category: Connection:
    Seconds between keepalives: 55
    Disable Nagle's algorithm: ON
    Enable TCP keepalives: ON
    Internet protocol version: IPv4

Category: Session:
    Host Name (or IP address):
        cst8207.idallen.ca           (when off-campus, e.g. home)
             *OR*
        cst8207-alg.idallen.ca       (when on campus at Algonquin)
    Connection type: SSH
    Port: 22
    Saved Sessions:                 (choose your own name; see below)

After making the above configuration settings, save your settings using any name you choose:

  1. Go to the PuTTY Configuration dialog box Session Category.
  2. In the Session Category, enter a session name in the Saved Sessions box. You might choose the name on campus CLS for the on-campus host name, and off campus CLS for the off-campus host name.
  3. Use the Save button to save the session using the given name.

Save one configuration session that uses the off-campus Public host name and another configuration session that uses the on-campus host name that uses the Private IP address.

If you are on-campus at Algonquin College, you must connect to the CLS using the Private address cst8207-alg.idallen.ca to avoid connection problems. The Private address only works on-campus at Algonquin College (or via the VPN).

Read the rest of this section to the end before you first Open a session. Your session will time out and become inactive if you don’t log in within a minute of clicking on Open.

Once you have saved both the on-campus and off-campus settings, choose the correct setting and use the Load button to load it, then use the Open button to start the session and connect to the CLS.

On your first connection, a PuTTY Security Alert dialog box will appear and you will be asked to accept the server’s host encryption key. Click on “yes”:

PuTTY Security Alert Dialog Box

PuTTY Security Alert Dialog Box

Next, you will be prompted with the line login as: to enter your login userid. Type your usual eight-character Algonquin userid (the same userid you use for Blackboard). Do not use abcd0001! Replace the userid abcd0001, below, with your usual Algonquin userid. Your 8-character login userid must be all lower-case letters; do not use any capital letters.

Make sure the login banner says COURSE LINUX SERVER when you connect! If this is not true, you are trying to log in to the wrong machine.

If you use the correct host name and don’t see any banner but get an immediate disconnection, your IP address is probably locked out. See the section above on Getting locked out of the server.

When it asks for your password, use your special Course Linux Server password. The Course Linux Server does not use your Algonquin network or Blackboard password. The password will not echo as asterisks on your screen as you type it; you will be typing your password “blind”.

Your instructor can tell you your special Course Linux Server password. If you need your password reset, see your Linux instructor; do not go to ITS.

Your PuTTY session will look similar to this (you must make the above changes):

login as: abcd0001
*** COURSE LINUX SERVER ***
abcd0001@cst8207.idallen.ca's password:
Welcome to Ubuntu 12.04.5 LTS (GNU/Linux 3.2.0-74-generic x86_64)
-bash-4.2$

When you have logged in successfully, you will see a bash-4.2$ shell prompt. You can type Linux commands at this prompt.

When you are done with your session on the CLS, type exit to log out of the shell and close PuTTY. Do not simply close PuTTY; always exit the shell first to avoid leaving behind a “ghost” login on the CLS. (“Ghost” logins do eventually time out and go away.)

Optional: If you have IPv6 connectivity at home, you can experiment using the IPv6 host name ipv6.cst8207.idallen.ca and Internet protocol version: IPv6 to connect to the Course Linux Server.

5.2.2 Changing and saving PuTTY Configuration optionsIndexup to index

Using the mouse on the little screen icon in the top-left corner of your PuTTY session, you can bring down a menu that lets you change your PuTTY options for the current session. You can then re-save the changed settings to be available for your future sessions.

If you do not re-save the changes options, they will be lost and you will get the old settings when you re-start PuTTY.

6 Choosing a Good CLS PasswordIndexup to index

Change your password when you first log in by typing the command name passwd. (Hey! Remember your password!)

The CLS is on the open Internet and is being attacked both domestically and from foreign countries every hour. The only thing that stops these attackers from gaining access to the machine is your password.

You should change your CLS password when you first connect to the machine. Your password must be easy for you to remember but hard for a computer to generate at random.

Read Guidelines for strong passwords.

Here is one suggestion for choosing a good password from XKCD that uses words instead of letters.

Dilbert Comic: Good Password http://dilbert.com/strip/2005-09-10/

Good Password Haiku and Blood

Good Password Haiku and Blood

7 File Transfer to/from the Course Linux ServerIndexup to index

The Course Linux Server supports only secure SCP/SFTP-style file transfers, based on the secure SSH protocol. The server does not have the old insecure FTP protocol installed.

The Class Notes file on File Transfer has the details for file transfer between Linux, Windows, Mac OSX, and Cygwin systems.

8 EMail on the CLSIndexup to index

Your CLS account can both send and receive electronic mail (EMail).

The CLS has various commands that send EMail to users on other machines, and commands that read EMail that has arrived. Usually the same command name can do both send and read, depending on the arguments used.

Most Unix/Linux systems come with a basic mail sending and reading program named mail that is either the old GNU mailutils program or the basic BSD mailx program. Both these simple programs have some common commands for sending and reading EMail, described below:

8.1 Reading EMail on the CLSIndexup to index

Email messages arriving for your account on the CLS are stored sequentially in one file that is named for your userid under directory /var/mail (sometimes under /var/spool/mail).

You can see the subject lines of any EMail you might have waiting by typing from at a shell prompt:

$ from
CST8207-13F Guest Account B     test
Ian Allen                       using the mail program
Richard Stallman                free software is good

If you don’t want to learn how to use a Linux mail reading program, you can simply use less on your mail file in the above directory, and then empty the file when you are done: cp /dev/null /var/mail/$USER

The simplest interactive EMail reader is the basic mail program:

  1. Run the mail command at the command line to start the interactive mail reading program.
    • The GNU mailutils program prompts with a ? and the BSD mailx program prompts with a &.
  2. To read a message, type the number of an EMail message (probably 1) followed by [Enter] to display that message.
  3. The message may be shown to you via a pagination program such as more or less. At the prompt, type h for a list of pagination commands (different from mail commands).
  4. If needed, type q to quit the pagination program and return to the ? or & mail program prompt.
  5. Type d to delete the current message.
  6. Repeat.
  7. Quit the mail program using q (not x, which won’t save your changes).
    • For BSD mailx, options in /etc/mail.rc determine whether messages get moved to mbox or kept in your mail spool folder. (The CLS currently keeps the email in your spool folder.)
    • For GNU mailutils, any undeleted read messages will be moved to the file mbox in your HOME directory. Unread messages will remain in the system spool mailbox location.

There is a huge manual for GNU mailutils and a smaller man page for BSD mailx. If you want to learn a text-mode Linux mail program, I recommend using mutt instead. (Ian! uses mutt as his regular mail client.)

8.2 Sending EMail from the CLSIndexup to index

Both the GNU and BSD mail commands can send off-machine EMail text messages using the basic syntax:

$ mail -s "This is the subject" user@example.com
$ who | mail -s "Here is the list of users" user@example.com

The mail program reads lines of message text from standard input (e.g. from your keyboard or from a pipe) until EOF, and then sends that text message to that user.

Do not send images or other binary data using standard input. Send only text. If you want to attach binary data, you need to encode the binary data as text first, or use a better EMail client that can do this for you (e.g. the mutt email program).

8.2.1 Failure to Send and mailqIndexup to index

Mail messages sent to users on other machines from the CLS can fail to be sent either because the SMTP port on the other mail server is down temporarily (perhaps because the mail server is down), or because the machine name used in the EMail address is not an SMTP mail server at all (user error), so the SMTP port will never be open.

To see the queued EMail messages on the CLS, run the command: mailq

The mailq command shows you the queue of all undelivered mail messages for all users on the machine. (RTFM for more details.)

An outgoing EMail to a server that does not run any EMail service will sit in the outgoing queue on the CLS for some period of time, usually five days, until it times out and gets bounced back to your CLS Linux mailbox under /var/mail/.

If you see EMail messages of yours queued to incorrect servers that you want deleted right away, you need to get super-user help. Only super-users (your instructors) can delete queued mail messages.

Provide the super-user with a list of your queue EMail IDs that you want deleted. The super-user will use the postsuper -d command and one or more queue IDs to delete specific queued outgoing EMail messages.

9 Automatic Backups on the CLSIndexup to index

I back up your HOME directory regularly on the CLS (currently every 30 minutes). If you delete or change a file, you can probably get back a previous copy. Read the file /idallen/backups/README.txt on the CLS.

10 Copies of the CST8207 Course NotesIndexup to index

When you are connected to a terminal session on the Course Linux Server, you can find a searchable copy of all the CST8207 Class Notes files for multiple terms under CLS Linux directory:

    ~idallen/public_html/teaching/

The Linux shells will expand a leading tilde character (“~”) in front of a user name ~idallen to be the home directory of the idallen account, which is currently /home/idallen, but could change, which is why ~idallen is better than /home/idallen, since ~idallen is always correct.

Under the above directory on the CLS, pick the sub-directory corresponding to the course, and under that course directory pick the current term. The class notes are stored in a notes sub-directory under the term.

You can search the text files under the notes directories using shell GLOB patterns with grep or fgrep to find things quickly. It helps to have short symbolic links to the notes directories created in your own account HOME directory, so that you don’t have to type the long absolute pathname every time. You can use the link command ln -s to make these symbolic links:

$ cd
$ rm -f oldnotes newnotes
$ ln  -s  ~idallen/public_html/teaching/cst8207/16f/notes  oldnotes
$ ln  -s  ~idallen/public_html/teaching/cst8207/17w/notes  newnotes

The symbolic links you create, above, in your own home directory make it easier (shorter) to search the various notes directories without having to type the long pathname every time. Make sure you use the correct year and term in the symbolic links pathnames.

Now you can use these symbolic links in your HOME directory as short pathnames into the respective notes directories. Use shell GLOB patterns to select the text files in the notes, via the symlink:

$ ls oldnotes/*.txt | wc -l
86                                 # number may differ for each school term

$ ls oldnotes/*.txt | head -n 2
oldnotes/000_README.txt            # files may differ for each school term
oldnotes/000_centos_install.txt

Use the same GLOB patterns to search the notes using fgrep with various useful options such as -i and -l (RTFM):

$ fgrep  -i -l  "recursive"  oldnotes/*.txt newnotes/*.txt
[... list of file names (no content) print here ...]

$ fgrep  -i     "recursive"  newnotes/*.txt
[... lines of file content print here ...]

The options used above (RTFM) change the way the text searches are done and what output you see. Use the correct options for the results you want.

Author: 
| Ian! D. Allen, BA, MMath  -  idallen@idallen.ca  -  Ottawa, Ontario, Canada
| Home Page: http://idallen.com/   Contact Improv: http://contactimprov.ca/
| College professor (Free/Libre GNU+Linux) at: http://teaching.idallen.com/
| Defend digital freedom:  http://eff.org/  and have fun:  http://fools.ca/

Plain Text - plain text version of this page in Pandoc Markdown format

Campaign for non-browser-specific HTML   Valid XHTML 1.0 Transitional   Valid CSS!   Creative Commons by nc sa 3.0   Hacker Ideals Emblem   Author Ian! D. Allen