VPN and SSH via central
Contents
VPN
The VPN (Virtual Private Network) will securely connect your computer to the university network when off-campus. To access bert and most IBERS virtual machines you will need to connect to the VPN first.
The university uses a VPN program called Global Protect, instructions on how to install it can be found at on the Information Services FAQ pages.
More detailed notes
Alun Jones in Computer Science support has written some detailed instructions on using you can find these on his webpage.
Using the VPN on Linux
There is an official GlobalProtect client for Linux which is linked to on the Information Services page, however some users have reported difficulty getting it to work.
OpenConnect on the command line
As an alternative the open source openconnect client can be used, but it needs to be version 8.0 or newer. If you are running Ubuntu version 16.04 or 18.04 this is not available using your normal package sources, but can be installed via this PPA. Linux Mint 19 seems to work without any extra packages. The openconnect client can also be installed from source, you can download it from github.
Use the command (replace <userid> with your aber user id, WITHOUT @aber.ac.uk:
sudo openconnect --user=<userid> --protocol=gp pa-vpn.aber.ac.uk
You will need to have setup a Multifactor Authentication token using a phone app such as Google Authenticator or otpclient (for Linux desktop) and by visiting the webpage [mfa.aber.ac.uk] while on campus. If you can't get to campus see the section below on Socks proxies as a workaround for this.
OpenConnect via Network Manager
If you want to connect using a GUI then you can create a
This does NOT work in Ubuntu versions 16.04 or 18.04.
More detailed Linux notes
Alun Jones in Computer Science support has written some detailed instructions on using you can find these on his webpage.
SSH via Central
Central is a Linux server run by Information Services which is accessible off campus. You can login to it using SSH and then login to other machines (e.g. bert or your office PC) that are on the university network. Access to central is disabled by default unless you are part of the Computer Science department.
Enable access to central
1. Go to the IS My Account page 2. Choose "Login to check and edit your account settings" 3. Enter your university username and password when prompted 4. Click "Add or remove permissions" in the Account section. 5. Under the "Service Features on my own account" section ensure that "SSH access on central.aber.ac.uk" says "Remove". If it says "Add" then click on the "Add" button. It will take about 15 minutes to activate.
Connecting to Central
Connect via SSH to central.aber.ac.uk.
In Windows 10, Linux or MacOS open a terminal and type (replacing <userid> with your university user ID):
ssh <userid>@central.aber.ac.uk
The first time you connect you'll see a message about the host key.
The authenticity of host 'central.aber.ac.uk (144.124.16.20)' can't be established. ECDSA key fingerprint is SHA256:MAyKXGiivwSsc9ICg1PQdh1Xo92qjTAyDhuub8xMkqA. Are you sure you want to continue connecting (yes/no)?
Type "yes" (just pressing y won't work) and then press enter. Then enter your password when prompted. Once logged in the prompt will change to saying:
central:~ $
From here you could connect to Bert by typing:
ssh bert.ibers.aber.ac.uk
Other Windows SSH clients
If you don't have a recent version of Windows 10 you'll need to install an SSH client. Try either Putty or MobaXTerm. Putty is a small download and very simple, MobaXterm is bigger and has many other features.
Socks proxy
SSH has a nice extra feature where data you want to reach the internet can be sent through the SSH connection and the computer at the other end will forward it onto the internet. This will give other computers k This effectively forms a very basic VPN
