Introduction

Access to all KASK laboratory resources (servers, workstations, cluster, services etc.) requires a single account. Each user has his or her profile available from all computers (although separate for Windows and Linux). The accounts are issued ONLY to Department's specialty students and co-workers! All questions, remarks, requirements, found errors etc. in the lab should be sent to kasklab@eti.pg.gda.pl e-mail address. Please add “[KASKLAB]” (no quotes) prefix to the email subject.

Login and password

Accounts created after March 2018:

The login is composed of letter "s" (lower case) and student's index number. Example: Jan Kowalski, index number 123456:

  • login: s123456

Accounts created before March 2018:

The login is composed of letter student's index number and first letter (lower case) of the students family name and first name. Example: Jan Kowalski, index number 123456:

  • login: 123456kj

The password for the account needs to be generated using ADMan system. The system allows also password recovery. In both cases you have to provide user login and e-mail associated with it (usually s@student.pg.edu.pl). The password can be changed both from Windows (alt+ctrl+del -> zmiana hasła) or Linux (using passwd command).

There are some requirements regarding the password complexity:

  • the length have to be at least 7 characters
  • cannot be similar to the login
  • have to contain at least 3 elements of of the following:
    • capital letters
    • lower case letters
    • digits
    • special characters (#, !, @, etc.)

The account usually is locked at the end of each study stage (firs bachelor and than master). The home directory is stored for some time. If the student will not reply to the e-mails regarding account blockage, the account will be permanently locked and the profile deleted.

User profile directories

User profile are stored on remote storage array (for Linux) or on remote Domain Controller (for Windows). Despite the fact, that they are separate you can access one profile from the other system. In Windows the easiest approach is to use tools like WinSCP and copy required files to/from kask.eti.pg.gda.pl. From Linux one can use samba as a share client. The profiles can be reached from the smb://apl01/homes share. You need to provide login and password. From the console you can use: smbclient //apl01/homes. We will see all profiles but we will have access only to the one that we provided login and password for. Home directories are not backed up!

The servers/workstations

The laboratory consists of:

  • 18 workstations (des01.kask – des18.kask) in room 527 - students can use them at any time, 3 research workstations (des19.kask, des20.kask, des21.kask) in server room - EMPLOYEES ONLY,
  • Storage array,
  • Servers:
    • kask.eti.pg.gda.pl – firewall, access node - DO NOT RUN ANY APPLICATIONS HERE!,
    • db.eti.pg.gda.pl – database server, runs MySQL, MSSQL, PostgreSQL, provides access to the storage array,
    • apl01.eti.pg.gda.pl – ActiveDirectory domain controller,
    • apl02.eti.pg.gda.pl – ActiveDirectory domain controller,
    • apl04.eti.pg.gda.pl – server for dr Dziubich,
    • apl11.maas - CUDA, Ubuntu 22.04, EMPLOYEES ONLY, no password authentication, ssh key pair authentication only (first key should be generated and set up on kask.eti.pg.gda.pl),
    • apl12.eti.pg.gda.pl - CUDA, Ubuntu 22.04, no password authentication, ssh key pair authentication only (first key should be generated and set up on kask.eti.pg.gda.pl),
    • apl13.maas - CUDA, Ubuntu 22.04, EMPLOYEES ONLY, no password authentication, ssh key pair authentication only (first key should be generated and set up on kask.eti.pg.gda.pl),
    • apl14.eti.pg.gda.pl - storage array,
    • apl15.maas - CUDA, Ubuntu 22.04, EMPLOYEES ONLY, no password authentication, ssh key pair authentication only (first key should be generated and set up on kask.eti.pg.gda.pl),
    • apl16.maas - CUDA, Ubuntu 22.04, EMPLOYEES ONLY, no password authentication, ssh key pair authentication only (first key should be generated and set up on kask.eti.pg.gda.pl),
    • apl17.eti.pg.gda.pl - storage array,
    • sanna.kask, vinnana.kask, vedana.kask - CUDA, Ubuntu 22.04, EMPLOYEES ONLY,
    • docker swarm nodes,
    • various Ubuntu 22.04 nodes under MAAS givernance.

Students can access directly the following systems:

  • kask.eti.pg.gda.pl – remote access node, available via SSH - do NOT run any applications here!,
  • des01.kask – des18.kask – for classes, can be accessed directly in room 527 or remotely via the kask.eti.pg.gda.pl node,
  • apl12 – remote access only using SSH via kask.eti.pg.gda.pl node. You have to generate public/private key pair using ssh-keygen and than add the public key (.ssh/id_rsa.pub) to the .ssh/authorized_keys file (both actions can be done on any KASKLab machine, kask.eti.pg.gda.pl server is the best for that).

Installed software

General list of the installed software is given below. If not specified the apps are installed using 64-bit version.

Linux (Ubuntu 22.04 LTS):

  • Java OpenJDK 11 (default, /usr/lib/jvm/java-11-openjdk-amd64)
  • Java OpenJDK 8 (/usr/lib/jvm/java-8-openjdk-amd64)
  • IntelliJ Ultimate (register using http://db.eti.pg.gda.pl:8080 server if needed)
  • Netbeans 11 (in /opt/netbeans/)
  • Apache Maven
  • NVIDIA CUDA 11.8 with CUDA DNN 8
  • MPI – mpich-4.0-3 and openmpi-4.1.2, openmpi is default
  • LibreOffice
  • GIMP
  • Firefox, Chromium
  • Oracle VirtualBox 6.1.38
  • Docker-ce 24.0.6 + nvidia-docker2 2.13.0

Windows 10 Edu (deprecated, OS updated, but the software is not - DO NOT USE UNLESS NECESSARY):

  • Oracle Java JDK 8 (in c:\Program Files\Java\)
  • Oracle Java JDK 9 (in c:\Program Files\Java\)
  • JetBrains WebStorm
  • Netbeans 8.2 with Glassfish 4 and Tomcat (servers have default settings)
  • NVIDIA CUDA 9.1
  • LibreOffice
  • Microsoft SQL 2017 Express
  • Microsoft Visual Studio 2017 Community Edition v. 15.4
  • Inkscape
  • IE, Microsoft Edge, Firefox, Google Chrome
  • Gimp
  • TortoiseSVN
  • TortoiseGit
  • Notepad++
  • MariaDB

Remote access to the laboratory

You can access the laboratory remotely using kask.eti.pg.gda.pl node. Access can be done using SSH only. From there you can login (also using SSH) to other machines running Linux in the laboratory.

SSH can also be used to access any service (that is not publicly visible) running in the laboratory (via kask.eti.pg.gda.pl host). It is done using SSH port forwarding. More information on the subject can be found here. Simple examples are presented below.

The commands below are examples only! There are no services there so do not issue those commands directly!

Example: lets say we have a web server running on port 8443 of the apl01.eti.pg.gda.pl server. The web server is not available remotely as it is behind a firewall. It can be however accessed from kask.eti.pg.gda.pl server (the firewall itself). To access it from Linux we can run a command:

ssh -L 3389:apl01.eti.pg.gda.pl:8443 kask.eti.pg.gda.pl

After connecting all requests sent to localhost:8443 will be transferred to the proper port of the apl01 server. In Windows you can also use openSSH implementation or use e.g. Putty. In this case the setup is as shown below. All data should be entered Connection->SSH->Tunnels section and we need to press Add button. Once again the values are fake and serve as an example! Use your own proper values!

putty ssh tunnel configuration

Now it should look like this:

putty ssh tunnel configuration continued

Now we have to connect normally:

putty ssh tunnel session start

 As always we provide login and password for the laboratory.

ATTENTION! In all cases the connection needs to be active all the time we access the service!

ATTENTION! Use not occupied port as local port! Some ports are occupied even if the service is turned off (e.g. 3389 port for Remote Desktop in Windows).

The workstations in the room 527 can be turned on remotely from the firewall. From the kask.eti.pg.gda.pl you can issue the

wlacz.py

command. Follow the instructions.

The above command does not work after power outage. Currently the computers in lab527 have to be turned on manually at least once after power failure as one of racks containers between firewall and room 527 does not power on correctly.

ATTENTION! From the Faculty network you can use the services directly. From other networks you need either SSH Tunnel or connect to the Faculty using VPN (see http://starter.eti.pg.gda.pl/ web page for more info).