Secure Access

Quick Start

  • Access Global Desktop Environment (GDE) for access to Mail, Files, Shell, and Remote Desktop
  • External SSH Applet : Java Webstart SSH Login Shell : Launches an external window (requires Java Webstart) to provide SSH Shell Access.
  • External SSH-VNC Applet : Java Webstart SSH/VNC Applet : Launches an external window (requires Java Webstart) to provide an SSH-VNC Client.
  • NOTICE: Twig Mail has been replaced by RoundCube Mail in the link above. It is currently still available at this link : Twig Mail but will be retired at some point.

Accessing the Math Department in a Secure Manner :

Security is something we take very seriously in the Math Department. Breaches of security cause lost time for the Systems Staff and downtime and other inconveniences for users. This page details some ways to access the departments resources in a more secure manner.

There are many ways to connect remotely to the math department systems. Telnet, Rlogin and Ftp are most commonly used. Unfortunately, Telnet/Rlogin/Ftp are the most insecure ways of access from a remote site. More break-ins to computer systems result from password being obtained from users using telnet/rlogin and ftp than any other methods. These protocols will soon be discontinued from use in the math department. Instead we offer the following secure alternatives and users are encouraged to use them whenever they are away from our local network.

Specific documentation on setting up things like SSH Port Tunneling for IMAP/POP/FTP clients can be found on the documentation page.

Web Applications for Secure Remote Access :

  • GDE : The Global Desktop Environment (GDE) is the next step in ease of use for accessing your account via a web browser. It contains an advanced javascript enhanced filemanager, email client, ssh login shell, vacation mail setup, mail forwarding setup, and a virtual desktop feature (the login shell and desktop require Java 1.1 support).
  • Roundcube : IMAP mail reader. You will be prompted for your username and password. Rather well-featured remote mail reader.
  • Twig : Simple IMAP mail reader/organizer. Twig is very old and will be discontinued at some point, but is available in the meantime.

Remote Access Alternatives

The secure alternatives to telnet and ftp are ssh, scp, and secure web access. These encrypt data travelling between your machine and the servers making it more difficult for others to obtain useful info in the middle.

  • ssh : ssh is a telnet alternative. ssh also has the useful feature of automatically forwarding X display info upon connection so you do not have set the DISPLAY environment variable. It is installed on all Unix machines in the Math Department and is used like this :

    ssh[-l username] hostname

    If your username on your source system is the same as your username on the destination system, you can connect directly via :

    ssh hostname

    scp : scp is a secure copy program. It is more similar to cp or rcp than ftp, but accomplishes a similar result. It is used like this :

    scp [hostname1:]filename1 [hostname2:]filename2

    This will copy filename1 from hostname1 to filename2 on hostname2. If you omit the hostname from one of two arguments, it will default to your local machine. If you specify a directory instead of a filename for the destination file, it will use the same filename as the source file. Here is an example that will copy the file testfile from cauchy in the directory /home/staff/user to a file testfile on your local machine.:

    scp cauchy.math.duke.edu:/home/staff/user/testfile testfile

    scp can also copy directories and subdirectories with the -r option. For example, to copy the directory /home/staff/user/public_html to a directory oldhtml from cauchy.math.duke.edu to your local machine, you could type :

    scp cauchy.math.duke.edu:/home/staff/user/public_html old_html