Connecting to TU Delft Linux computers

Linux machines can be accessed remotely using an SSH client. You can login using your NetID account. The TU Delft campus is placed behind a firewall, so you have to connect via the TU Delft bastion server linux-bastion.tudelft.nl (student-linux.tudelft.nl for students).

1. SSH

Linux machines can be accessed remotely using an SSH client, which provides a text-based command-line interface to execute commands. See the SSH client page for more information about SSH clients and how to configure and use them. For example:

[netid@srv227 ~]$ ssh insy-login
Last login: Thu Jan 1 00:00:00 1970 from srv227.tudelft.net
[netid@insy-login ~]$

Note: When you start a session to an ssh server that you've never connected to before, you will be asked to confirm the server identity. This identity will be used in future sessions to detect (evil) server changes. If the SSH client detects a change, do not connect, unless you are aware of a legitimate change in the system.

2. Firewall

A firewall blocks access from the outside directly to computers on the TU Delft campus. To access computers on campus, or your files, you'll have to connect to the Linux bastion server linux-bastion.tudelft.nl (students: student-linux.tudelft.nl) using an SSH or SCP/SFTP client. From the Linux bastion server, you can connect to computers on the inside (again using SSH).

Another firewall blocks access from personal computers on campus to servers. To log in on servers, you'll also have to connect through the Linux bastion server.

3. Single Sign-On

By default you have to enter your password every time you connect to a computer. Especially when having to connect through the Linux bastion, it can be convenient to only have to type your password once. This is possible with a combination of SSH session multiplexing and Kerberos authentication. See the SSH clients page for information on how to enable these.
(Note: SSH public key logins won't work (reliably) because Kerberos authentication is required to access your home directory.)

4. Kerberos Authentication

Kerberos is an authentication protocol which uses tickets to authenticate users (and computers). You automatically get a ticket when you log in with your password on the Linux bastion server. You can use this ticket to authenticate yourself without password when connecting to other computers or accessing your files.

5. INSY cluster

The INSY department has a computer cluster with a lot of processing power and memory for running large or long jobs. You can login to the servers using your NetID account.

Below is an example session connecting to linux-bastion.tudelft.nl and from there to the INSY cluster, and starting an interactive session.

netid@linux-bastion.tudelft.nl's password:
Last login: Thu Jan 1 00:00:00 1970 from somemachine.somewhere
[netid@srv227 ~]$ ssh insy-login
Last login: Thu Jan 1 00:00:00 1970 from srv227.tudelft.net

#########################################################################
#                                                                       #
#                         Welcome to INSY-login,                        #
#          login server of the Intelligent Systems department.          #
#                                                                       #
#                   Unauthorized access is prohibited.                  #
#                                                                       #
#########################################################################

 For information about using the INSY cluster, see:
 http://insy.ewi.tudelft.nl/content/insy-cluster
 In short: start jobs using sbatch.

 The bulk and group shares are available under /tudelft.net/,
 your windows home share is available under /winhome/$USER/.

 00:00:00 up 12 days,  0:00,  1 users,  load average: 0.54, 0.21, 0.11
[netid@insy-login ~]$ sinteractive
 00:00:00 up 32 days,  0:00,  0 users,  load average: 12.28, 11.73, 11.20 
[netid@maxwell ~]$ hostname
maxwell
[netid@maxwell ~]$ logout
[netid@insy-login ~]$ logout
[netid@srv227 ~]$ logout