Remote Access
Connecting to PCE via the Campus VPN
For remote access to most CADE/PCE IT services or systems, you need to use the Campus VPN (Virtual Private Network) with a valid uNID.
NOTE: If you are not associated with the John and Marcia Price College of Engineering, this is NOT FOR YOU.
1. Verify you know your CIS credentials and have Two-Factor Authentication (Duo) setup and that your Duo device is available. You will also need the Duo App on your smartphone or mobile device as campus requires 2 Factor Authentication(2FA) for VPN service.
* * * STUDENTS * * *
Before reading further, go ahead and opt IN to ‘Duo Security’, the U’s two-factor authentication (2FA) service. Log in to CIS and select the Duo 2FA Management tile to turn it on, or try here:
2. Download the VPN client, GlobalProtect and connect to vpn.utah.edu. See full details and info here: it.utah.edu/vpn
3. Enter your uNID and CIS password in the ‘password’ field.
For the ‘second password’, enter ‘push’ and you’ll receive the Duo prompt for approval (similar to the ‘Send Me A Push’ used in web apps). Alternatively, open the Duo App on your device and generate the ‘second password’ by clicking on the UofU banner/down-arrow- enter the 6-digit #.
Further information and instructions for support can be found at https://uofu.service-now.com/UIT/VPN KnowledgeBase Article and the https://uofu.service-now.com/UIT/DUO 2FA KnowledgeBase Article
Which username/password should I use for [insert service name]?
We have {finally} evolved to where each user has ONE username and ONE password for all PCE/CADE machines and services. We may refer to your CADE or PCE username and password. This is separate from your CIS/uNID and it’s password, but we may ask you to use those for authentication, such as when creating your account or changing your password.
Accounts created prior to ~May of 2017, CADE/PCE username is some combination of letters from your names (First, Middle(s), & Last) and generated by an algorithm. For all newer accounts, the username is your uNID (formatted as a lower-case ‘u’ and 7 digits). Once created, we don’t change them except in rare circumstances.
Your CADE/PCE account is used for:
• logging in to any Linux, macOS, or Windows computer on our Domain (USERS\ or users.coe.utah.edu), including lab machines, Terminal Servers, VDI hosts, or other Virtual Machines.
• connecting/mounting a Network File Share with CIFS/SMB.
• WebPrint and any PaperCut printing services.
• mounting a Network File Share with NFS.
Note: Your CADE/PCE username and passwords are 100% separate and in addition to your CIS or other campus logins and accounts. Some departments may have labs or computers that require specific logins.
Computational Server
CADE no longer provides Computational Servers.
If you need to run long computational jobs or higher-powered computing resources, we suggest getting an account with CHPC.
Which machines can I access remotely?
You can access any of the machines within the CADE Lab (Linux) with ssh and NoMachine. For ssh, from a terminal window, use ‘ssh -Y username@machine.eng.utah.edu’, where username is your CADE login. The naming convention for machine is:
CADE
CADE Lab HTML5 Desktop
lab1-X (where X is any number from 1-40)
lab2-Y (where Y is any number from 1-35)
If you are using a Windows system to access these machines remotely, please use Window PowerShell, putty or see our FAQ’s on CADE Lab Remote Access.
Windows Machines:
You can not access the Engman Lab machines directly, but you may access our VMware VDI pools for a lab-machine setup.
Please see the Windows FAQ’s for more information on how to connect to the Windows system.
How can I get wireless access in the labs?
Wireless access is now controlled campus-wide by NetCom, a division of UIT. You can log onto their networks by following the instructions on their website, https://www.it.utah.edu/.
How do I log into a CADE machine if I get a warning message saying ‘Host Key Verification Failed’?
Likely, the message you recieved looks like this:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is(…).
Please contact your system administrator.
Add correct host key in /home/username/.ssh/known_hosts to get rid of this message.
Offending key in /home/username/.ssh/known_hosts:xx
RSA host key for lab-machine has changed and you have requested strict checking.
Host key verification failed.
You can completely delete the existing ‘known_hosts‘ file in your .ssh directory to avoid this message and log in, or as the message states, remove the offending line. The ‘known_hosts’ file will be repopulated, and a machine entry will be added each time you log in to a different machine.
rm ~/.ssh/known_hosts
You can add the correct host key containing entries of all the CADE lab machines from a file on our website, available here.
How do I run GUI/X applications remotely with ssh?
If you are having problems running X applications (or GUI driven, java, etc.) remotely then most likely you need to use the -Y option instead of the -X/-x (i.e. ssh -Yl lab2-4.eng.utah.edu)
This is caused by a new change in any Openssh version newer than 3.7.1
For more information, including other options for running graphical applications consult the SSH or Remote Access FAQ pages.
How do I use ssh for remote access?
If you use Mac OS X or some flavor of Linux, you already have the means to ssh in. Please see the SSH FAQ listings.
To ssh to the Linux machines with Windows (7, Vista or XP) we recommend installing an ssh client such as putty, a free download. This will only provide command line access. You can also try Cygwin which is available free online. CygwinX provides an xserver, allowing you to open X windows (GUIs, java, etc.), but see the next paragraph for the best option.
The recommended way to connect to our Linux machines is NoMachine. This provides a full GUI login, as though you were logging in to the machine in the lab.
See also which machines you can connect to here.
What is SSH?
Secure Shell (SSH), sometimes known as Secure Socket Shell, is a UNIX-based command interface and protocol for securely getting access to a remote computer. It is widely used by network administrators to control desktop machines and other kinds of servers remotely.
SSH is actually a suite of three utilities – slogin, ssh, and scp – that are secure versions of the earlier UNIX utilities, rlogin, rsh, and rcp. SSH commands are encrypted and secure in several ways. Both ends of the client/server connection are authenticated using a digital certificate, and passwords are protected by being encrypted. SSH uses RSA public key cryptography for both connection and authentication. Encryption algorithms include Blowfish, DES, and RSA.
If you have Mac OS X or use Linux then you already have the tools you need to remotely log in. Please see the FAQ on “Which CADE machines can I log into” for information on the correct syntax.
For those of you who use Windows and want to be able to use SSH to remotely log in you will need to install and xserver client. We recommend using Windows PowerShell or PuTTY. There are clients available for Windows like Cygwin, SecureFX, XMing and SSH for Windows.
How do I get a GUI or desktop environment remotely for the Linux machines?
As of January 2020, the CADE Linux desktops are accessible via the web here: https://nx.eng.utah.edu, without the need to install any additional software.
If you prefer to connect using the traditional method, you’ll need to install the NoMachine client on your local machine. Clients are available for Windows, OS X/macOS, and Linux.
The configuration for remotely connecting to CADE using the NoMachine client can be found here.
What remote machine or what’s the full name to connect to? See this page.
CADE Lab Remote Access
All lab1 and lab2 machines are running NX Server. To connect, simply log in at nx.eng.utah.edu using your CADE credentials. You may also install the NoMachine client on your local machine. The downloads are available from the NoMachine website. Clients are available for Windows, OS X/macOS, Linux.
NoMachine Web Interface (Recommended)>: https://nx.eng.utah.edu
NoMachine Client
1. Configure the remote connection by clicking the New button at the top of the page.
2. Change the protocol to SSH and click Continue.
3. Enter the hostname of the machine and click Continue. Lab1 has 40 machine, Lab2 has 35. Make sure the port is set to 22.
4. Accept the default setting of Password, and click Continue.
5. Accept the default setting of Don’t use a proxy and click Continue.
6. Accept the default connection name and click Done.
7. When back on the main screen, click the new connection and then click Connect.
5. Enter your CADE credentials and click OK.
More, in-depth, instructions can be found in the NoMachine Support page.
What remote machine or what’s the full name to connect to? See this page.
How do I connect with sftp?
We recommend that you use any sftp client, for security reasons. For client options, see this FTP FAQ.
How can I mount a network shared drive to my computer?
If you are off campus, on uConnect wifi or any network outside of PCE you must first establish a connection to the Campus VPN.
On campus or from the VPN, you can mount a network share/network drive by following the instructions below for your Operating System (OS).
Note: In the descriptions below, replace ‘sharename’ with the share you wish to connect to. To connect to your home directory, you can replace ‘earth.coe.utah.edu’ with ‘chips.eng.utah.edu’ and ‘sharename’ with ‘home/username’ (or home\username, on Windows).
For Windows users- open a Windows Explorer window and choose the menu ‘Tools’ :: ‘Map Network Drive.’ In the window that opens, choose a drive letter not in use, and for folder, enter the server and share name as follows: \\earth.coe.utah.edu\sharename or \\chips.eng.utah.edu\sharename (remember, where ‘sharename’ = ‘share-you-want-to-mount’). Click the ‘Reconnect at logon’ if that’s your preference, but you must check the ‘Connect using different credentials’ box. Click ‘Finish’ and enter your PCE username and password.
For macOS users- in the Finder, select the menu ‘Go’ :: ‘Connect to Server…’ (or cmd-K). For the Server Address, enter smb://earth.coe.utah.edu/sharename or smb://chips.eng.utah.edu/sharename and click the ‘Connect’ button. In the user window that appears, ensure ‘Registered User’ is selected and in the Name field enter your PCE username and password and click ‘Connect’.
How do I log in to the Mac’s from home?
We currently don’t allow remote access to the MGK Mac Lab (WEB L124, lab8) machines.
This has been temporarily disallowed due to security concerns.
See the FAQ on that, if ssh works for you.
If you would like to remotely access a Mac using Screen Sharing or VNC, we are now allowing that on a per-request basis. Simply e-mail support@coe.utah.edu and supply the following details:
-Your Name
-uNID
-Software you’re interested in using on the lab machine
-Course number or Prof/PI/Lab contact for research, etc.
-Time period you intend to use or need access
How do I add the list of CADE Lab machines to my list of ‘known_hosts’?
Download the known_hosts file from the ssh directory and place it in the appropriate directory or add the necessary lines to your existing file. Some software may require the list to be in a specific format or that the file be renamed.
www.cade.utah.edu/downloads
Can I run MATLAB Mobile on my iOS or Android device?
Indeed – simply download and install the appropriate mobile device application and then execute the commands in the Matlab application (R2012a+), from a lab machine, or any machine with a licensed copy of Matlab.
You will need MATLAB Connector (available from MathWorks, http://www.mathworks.com/mobile/) on your machine/device. Upon running the install_connector command, you’ll be prompted to accept the license agreement, and then receive an error message you can safely ignore:
Error using install_connector>doinstall (line 100)
Error: You do not have write permission to the MATLAB Installation folder
(/usr/local/apps/matlab/matlab14b).
The MATLAB Connector Installer cannot proceed.
Error in install_connector (line 54)
doinstall
Run the ‘connector on’ command and continue as normal.
See Matlab’s site for full instructions and more information, including a link to download the mobile app.
What if I am locked out of my account?
Perhaps you have entered your password incorrectly too many times logging in to one of our Windows machines or Active Directory controlled services (Lab, mounting network shares, etc.) or are getting the following error:
“The referenced account is currently locked out and may not be logged on to.”
We can unlock your account but it’s only secure if you come ask us in person. It’s difficult to verify identity through e-mail, phone, etc. You may, however, remove the lock by resetting your password via the PCE User Tools page available in the right column of our home page.
If this does not work for your situation, stop in to see the Help Desk in WEB 210 or 224 or e-mail support@coe.utah.edu.
May I access my campus desktop machine remotely?
The short answer: yes.
The longer version: If the machine has a static IP address, try connecting to that remotely. The machine must be set up to allow remote access (via ssh, Screen Sharing/VNC, Remote Desktop Protocol, etc.) and wake-on-network-access/NOT go to ‘sleep’, but if you don’t have administrator privileges on this machine, we may need to enable remote access for you (see below). We may also need to allow such a connection on the proper ports through the CoE firewall. You will need to be on the Campus VPN to reach your machine.
Connecting to a Windows machine:
– Try using MS’s Remote Desktop Assistant to configure your machine for remote access.
– On the computer you would like to connect TO, in Windows Explorer, right click on ‘Computer’, select ‘Properties’, then select ‘Remote Settings’ from the menu on the right.
– Select your user and ensure it has permission to RDC to the computer, and verify a password is set (RDC will not enable unless the user has a password, it cannot be blank).
– Get the machines IP address- open a command prompt (type “cmd” in Search and it will open) and type “ipconfig” (no ” “‘s) and it will list your IP (use the one in the form of 155.98.X.X, the wired ethernet address)
– On the computer you wish to connect FROM, open your RDC client, put in the IP address, login as the user with remote privileges and you should be connected to the current running session.
Connecting to a Mac:
– On the computer you would like to connect TO, open ‘System Preferences’ and the ‘Sharing’ pane.
– Check the ‘Screen Sharing’ or ‘Remote Management’ for general VNC access, ‘Remote Login’ for ssh access, other available as needed. Ensure you have added your user for the access level on the right.
– Get the machines IP address- click ‘Show All’/reopen System Preferences and click on ‘Network’, and find the Ethernet device in the left column, IP address will show on the right in the form 155.98.X.X.
– On the computer you wish to connect FROM, open Screen Sharing in the Finder via the ‘Go’ :: ‘Connect to Server…’. Enter the address as vnc://155.98.X.X
If you can’t get through or need help getting the machine set for remote access, send the IP and your request, plus any errors or issues you have to support@coe.utah.edu and we’ll help get you connected.