Skip to Main Content

Department of Computer Science

Technical Services and Support

Working At Home

Because of the current COVID-19 situation, many LCSR staff are working at home. In order to make it easier for computer science faculty and staff to work with them, personal contact information is available. Note that this page is only available to computer science faculty and staff. Other people may send email to help@cs.rutgers.edu 

To help Faculty & Students with remote instruction and other information related to learning, Internet access and more,  Rutgers has prepared Technology Resources for Students and  Technology Tools for Faculty sites. For more complete info see Remote Technology Resources which has a wealth of info about working remotely.

Table of Contents:


This page will show you how to work at home as if you are sitting in front of CS Linux computers at Rutgers, Access Files from CS Systems, Set up Online Meetings using Rutgers WebEx and Connect to  Rutgers only resources from home.

Using a Graphical or Command line Linux on a CS System

There are three basic approaches if you want a GUI interface (technically, an X11 window environment). The first two require you to install a client (except on Windows, where the Microsoft Remote Desktop is already there.) The third option uses your browser.

  • X2Go. This is a tool that lets you open a window on one of our systems. It uses a specially optimized version of the X11 protocol, giving reasonable performance on most home connections. In addition to giving you a window on our system, it lets you access files on your home computer and print to your home printers from the job on our system.X2Go is documented in the X2Go instruction page.
  • Microsoft Remote Desktop. While X2Go generally has better features, if you want to use Gnome or any program that requires OpenGL, you’ll have to use Remote Desktop. It is available for Windows, Mac and Linux. See Remote Desktop instructions.
  • Macgateway. The University maintains an Apache Guacamole gateway that allows you to get a graphical desktop on CS Linux system or Windows machine with Remote Desktop service enabled. Unlike the other two options above, this doesn’t require you to install any client. It works in your browser.  Go to https://macgateway.rutgers.edu and on Apache Guacamole screen, login using your Netid/Password.  Once  you’ve logged in, you will see a small area to enter connection info. Under “All Connections” section, Enter in the URI field like this:
    • To login to machine named ilab.cs.rutgers.edu, you would enter:
      >_  rdp://Your_NetID@ilab.cs.rutgers.edu/?security=rdp
    • To login to machine named cray1.cs.rutgers.edu, you would enter:
      >_  rdp://Your_NetID@cray1.cs.rutgers.edu/?security=rdp

Use your own netid in place of Your_NetID.  Click in the button when you are ready to connect. See Current Status of iLab machines for info on the best machines to use. If you have issues, please consult the FAQ page or contact help@cs.rutgers.edu.

  • Command Line.  If you prefer a command line environment, you can use ssh.
    • Linux and Mac come with ssh, so from a command line window do ssh HOSTNAME If your username is different at home and at Rutgers, do ssh user@HOSTNAME with your Rutgers username
    • For Windows, many people use putty. It has both a GUI and a command line version. From the command line use putty user@HOSTNAME. The GUI should open to a screen that asks you for the hostname. It will prompt you for the username, though you can type user@host in the hostname field.

The HOSTNAME should be the name of the computer you want to use. It will normally end in cs.rutgers.edu. Any of our lab computers can be used from home. However if you don’t have a system you prefer, anyone can use ilab.cs.rutgers.edu.

 

Accessing Files from CS Systems

If you want to work on your home machine but access files stored on our servers, there are two reasonable approaches

  • sshfs, which mounts your Rutgers home directory so you can access as if it was a disk drive on your home system
  • an sftp client; this lets you transfer files back and forth using a graphical interface or command line

For more information, see Accessing Files Remotely

 

Online Meeting/Training Sessions

Rutgers has a few online conferencing solutions available for everyone to use. F
For a successful online session, please note  the following before starting online session,
  1. Please do a test session to get familiar with features you want to use.
  2. If you plan to do hand writing, invest on a tablet like Huion H610 Pro V2 Graphic Drawing Tablet to make it easier to write.
  3. For better sound quality,  all participants should use a headset to improve sound quality and avoid feedback.
  4. Everyone should start with muted mic and only unmute it when participating in a conversation.
  5. Participants have to learn to speak one at a time.
  6. Consider recording your session so it can be viewed again later.
  7. Important: If your video conference link information is public,  you are subject to interruptions known as ZoomBombing from uninvited guests.

Below are details on how to use online conferencing on each system.

Setting up Online Meetings with Rutgers Zoom

As of early July, University has just signed a site license for Zoom. School of Arts and Sciences are recommending people to use Zoom. Zoom is video conference tool designed for personal and corporate collaboration. It allows communication with audio, video, text chat, file sharing, whiteboard, and other features.  Zoom support for up to 300 participants for students and 500 participants for faculty and staff.

service activation button

Activation is required

Before scheduling your Zoom Session, you must activate the Zoom service by going to netid.rutgers.edu, login, and look for the [Service Activation] link as shown. Click on [Zoom] and click on button at the bottom.[more details]

To learn more, click on OIT Zoom page.

Hints#1: For best experience, you should download a Zoom client for your computer or mobile device. You can start a zoom meeting using your browser by going to https://rutgers.zoom.us/.

Hints#2: When logging in using Zoom client, make sure you enter: your official Rutger Email address and click on button. Do not enter your password in the main Login page.

 

Setting up Online Meetings with Rutgers WebEx

University currently has a site license for Cisco Webex. Webex is a set of tools designed for personal and corporate collaboration. It is used to connect to others, typically through the internet, and allows communication with audio, video, text chat, file sharing, whiteboard, and other features. Please consult Eligibility page to see  limits on different roles of users.

service activation button

Activation is required

Before scheduling a Webex session, you must activate the Webex service for yourself. Go to netid.rutgers.edu, login, and look for the [Service Activation] link as shown. Click on [Rutgers Webex] and click on  button at the bottom.

Personal Meeting (up to 1000 participants, including 200 videos)

personal meeting icon

The default session gives you a personal meeting room. This is appropriate for a small group of people. To start a meeting, click on button.

For others to attend your meeting, share your personal meeting link which looks like https://rutgers.webex.com/join/yourNetidFor class meetings and other large gatherings, you should only use scheduled meetings or Training Sessions. You should NOT use your personal room because this link is public. This means it is subject to interruptions by uninvited guests.

More info is at Scheduling a meeting with your personal account.

Training Sessions or Remote Instruction (up to 1000 participants)

For a session with a lot of attendees, for example, a class or training session,  you may prefer to use a “Webex Training session.”

This is optimized for more people, and gives the host ability to share presentations, and encourage participation using whiteboard and chat.

To create a training session, find the “Webex Training” link at the bottom left corner.  Click on it and it will open a new Webex Training page.

Host a Session Menu picture

Once you get the new page you’ll see “Host a Session” in the left bar with several options.  You can [Schedule a Training] or start an [Instant Sessionand other options.  More info is at Getting Started with Cisco Webex Training.

Note:  Do not make  the password and link public, your session could be subject to interruptions by uninvited guests. If you are using Canvas integration, this is not an issue. Otherwise, Webex recommends you to use lock and unlock features to avoid this interruption.

For more info, click on below

Online Conferencing with Microsoft Teams

Rutgers Connect, known as Office 365 also allow for video conferencing via the Microsoft Teams application. Just like WebEx, Microsoft Teams works on web browser, desktop application, and mobile application. OIT has created  detail documentation on how to use Microsoft Team video conferencing if you so choose.

Note: To avoid ZoomBombing with Teams, you should utilize Attendee and Presenter roles.

Setting up Online Meetings with Google Meet

Google meet iconRutgers ScarletApps is essentially G-Suite for Education product. Although it is not publicized in the ScartletApps site, ScarletApp also includes Meeting/Conferencing feature knows as Google Meet.  Google Meet can be used as an alternative tool to WebEx. This license by default gives every  user ability to start a meeting for up to 100 participants.

During Covid-19 crisis, Google has opened up Google Meet to G-Suite customer until July 1, 2020. This means ScarletApps users will also be able to use Google Meet  to conduct meetings or training for up to 250 participants.

Instant Meeting

To setup instant meeting, first connect to https://mail.scarletmail.rutgers.edu. Once logged in, go to  https://meet.google.com.   Click on  button to start or join a meeting. A windows will open and  ask for permission to access your camera and/or your microphone.  Depending on what you want to do, click on  or   to start your conference.

Planned Meeting

To setup a future meeting, you need to schedule your meeting in your Google Calendar. Please follow Plan and Hold Meetings from anywhere guide for details.

 

Connecting to Rutgers Only Resources via a VPN

VPN connectivity overview

VPN connectivity overview

You do not need a VPN service for our major public systems like Blackboard, CanvasSakai, Box, Microsoft Teams, OneDrive, Rutgers Connect, (Office365), ScarletApps, WebExLinkedIn Learning, myRutgers portal etc.
 
If you are planning to connect to internal machines using Remote Desktop Service, University recommends that you use University Remote Desktops Gateway Service and not utilize the VPN for better performance.
 
You only need VPN  for systems that are only accessible from Rutgers network (RUNet) only, for example,  license server, private file/print server, research or private machines, etc. To access these private services, you must go through the Rutgers VPN.
 
VPN software extends your computer network connection as if you are connected to a remote network.  For example, when you are connected to Rutgers VPN server, your computer will appear as if it is on RUNet enabling you to access all Rutgers services that are not available to the public. This VPN service is available to current Rutgers faculty/staff, guest and students.

For instructions on using the new University VPN, see https://soc.rutgers.edu/vpn/.  (There is an older VPN system you may have used. It will be decommissioned fairly soon.) Some notes on the VPN:

  • This system requires you to activate the VPN service for yourself before you can use it. Go to netid.rutgers.edu, login, and look for the [service activation] link as show in figure above. Click on [Remote access VPN…] and click on button at the bottom.
  • If you aren’t currently using two-factor authentication (DUO), you’ll need to enable that. This is done at https://it.rutgers.edu/two-step-login/.
  • Once that is done, follow the instructions at https://soc.rutgers.edu/vpn/ to install the VPN software on your system. It’s may not be obvious how to find the instructions to install the software on the web page. Pull down the menu in the black menu bar: “Virtual Private Network [VPN]” That will point to information for the various operating systems.
  • Note that when the VPN is in operation, all network traffic except to your local network is routed through Rutgers. That means all of your web browsing, mail, etc, will go to Rutgers and then out to the Internet. It will go out through the Rutgers security scanning and NAT.

 

Advanced Users Only – Optional

This section will probably not be of interest to most people. It gives you instructions on setting up kerberos support for your home machine. The reason you might want to use Kerberos at home is to let you ssh to our systems without typing a password. It’s for people who use our services a lot, and are willing to do some work configuring their home systems.

 

A. Setting up Kerberos on Mac or Linux

While the Mac comes with Kerberos you will want to install the Kerberos implementation from Macports. You’ll also need their version of ssh. (The problem with Apple’s version of Kerberos is that it doesn’t understand the https: proxy, which is needed for use at home. You need to use the Macports versions of both the Kerberos utilities and ssh.)

  • Make sure your time is synchronized. Generally this is done with a program called chrony, though older installations will use ntpd. The system administation tool for most systems will let you set this up. If you time is off more than a minute or so, Kerberos won’t work.
  • Make sure Kerberos is installed
    •  Mac:
      • Install Apple’s Xcode through the App store
        sudo xcodebuild -license
        xcode-select --install
      • Download and install macports. See https://www.macports.org/install.php
        sudo port install kerberos5
      • make sure /opt/local/bin is before /usr/sbin in your path. The macports installation should edit your startup files to do this, but you’ll need to start a new terminal window for that to take effect
    • Centos: yum install krb5-workstation krb5-pkinit
    • Fedora: dnf install krb5-workstation krb5-pkinit
    • SLES 12: zypper install krb5-client [not tested; may need krb5-plugin-preauth-otp krb5-plugin-preauth-pkinit]
    • Ubuntu: apt-get install krb5-user krb5-k5tls krb5-pkinit
  • Set up /etc/krb5.conf [Mac: /opt/local/etc/krb5.conf] See below for what goes in the file
  • Set up /etc/ca.crt
    curl -O services.cs.rutgers.edu/ca.crt
    sudo mv ca.crt /etc/ca.crt
    curl -O http://services.cs.rutgers.edu/krb5.kdc.pem
    sudo mv krb5.kdc.pem /etc/krb5.kdc.pem
    

    Note that krb5.kdc.pem is only needed if you are using two-factor authentication. It changes every fall, around Oct 10.

  • edit /etc/ssh/ssh_config. Make sure the following limes are present. If there are already non-comment lines defining GSSAPIAuthentication and   GSSAPIDelegateCredentials, and they say no, change the no to yes. If the lines don’t exist, add them. (On the Mac, if you’re using the Macports version of ssh, this will be /opt/local/etc/ssh/ssh_config.)
GSSAPIAuthentication yes
GSSAPIDelegateCredentials yes
  • Once this is set up you can use kerberos commands:
    • kinit netid
      • Sets up your Kerberos credentials. If your username at home is the same as your Rutgers netid, you can omit the netid
    • klist
      • Shows you your credentials. They will last for 24 hours. After that you need to do kinit again. Or you can do “kinit -R” before they expire to renew them for another day.
    • ssh hostname
      • should work without asking you for a password as long as the host is in the computer science department.
 
  • Here’s what goes in /etc/krb5.conf.  On the Mac this goes in /opt/local/etc/krb5.conf
[libdefaults]

default_realm = CS.RUTGERS.EDU
noaddresses = true
forwardable = true
renew_lifetime = 365d
default_ccache_name = /tmp/krb5cc_%{uid}

[realms]

CS.RUTGERS.EDU = {
kdc = https://services.cs.rutgers.edu/KdcProxy
pkinit_anchors = FILE:/etc/krb5.kdc.pem
http_anchors = FILE:/etc/ca.crt
}

The pkinit_anchors entry is only needed if you are using two-factor authentication.

Note to Mac Users

The instructions above are specifically for home use, where your IP address probably isn’t real, because you’re behind an address translator run by your ISP or your home router. In this case you have to use the https: proxy to access Kerberos. That means you have to use the Macports version of both the Kerberos utilities and ssh.

However if you’re at Rutgers, and your Mac has a permanent address within computer science, you don’t need the https: proxy. First, you’ll need to send email to help@cs.rutgers.edu to get your system registered. When you do that, tell us if you want to do NFS mounts of home directories and /common/users. Once staff have set you up, your /etc/krb5.conf and /opt/local/etc/krb5.conf (we recommend setting up both) will be set up with the following definition for CS.RUTGERS.EDU: Other than this, it should follow the example above. Note that the actual hostnames krb1.cs.rutgers.edu, etc, may change every few years.

  CS.RUTGERS.EDU = {
    kdc = krb1.cs.rutgers.edu:88
    kdc = krb2.cs.rutgers.edu:88
    kdc = krb4.cs.rutgers.edu:88
    pkinit_anchors = FILE:/etc/krb5.kdc.pem
    http_anchors = FILE:/etc/ca.crt
}

Once you have a kerberos ticket using kinit, you can ssh to other systems. If you asked staff to authorize you to mount directories, do the following command to tell Apple about our Kerberos domain:

sudo dscl . -create Config/NFSv4Domain RealName cs.rutgers.edu
 
This only needs to be done once. You can then mount the file systems you’re authorized for, e.g.
 
sudo mount jason.cs.rutgers.edu:/exports/common/users /mnt
 
It appears to be possible to fully kerberize the system, doing login through Kerberos, and automaticlaly mounting file systems. However we haven’t tried that yet. Note that access to mounted files requires your kerberos ticket to be valid. Our tickets normally expire after a day. If that becomes an issue we can port “renewd” to the Mac.

 

 

B. Kerberos on Windows 10.s

On Windows 10 I recommend installing the Ubuntu application and setting it up Kerberos within it as for Linux. There is Kerberos for Windows, but it doesn’t support the proxy, so you can’t use it at home. (If your PC is on a computer science department network with a permanent hostname and IP address, you might considering using MIT’s Kerberos for Windows.)  To set up Ubuntu

  • Find powershell (e.g. type powershell into the Contana box), right click on it, and select “run as administrator“.
  • In the powershell windows, type Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux
  • Reboot
  • Go to the Windows store and install Ubuntu. (Other distributions will probably work, but I’ve tried Ubuntu.)
  • Now follow Linux instructions above for Ubuntu.
  • You can open multiple Ubuntu windows. If you do kinit to get a ticket in one windows, it will apply to different windows as well.