Access DelftBlue¶
Do I have access?
Any employee with a NetID should be able to connect out-of-the-box. If you are a Master student, you have to request an account here. If you are a Bachelor student, you have to be a part of the course. For guest researchers, the procedure is described here.
Note for Windows users
Windows 10 supports the ssh and scp commands in the Command Prompt out-of-the-box. You do not necessarily need to install any third-party software.
SSH¶
Anyone with TU Delft <netid> should be able to SSH to DelftBlue:
Using X (GUI)
If you would like to tunnel X over SSH (allowing you to use GUI) please use the following line:
Note: when the -X option fails, you might try the less secure -Y option (at your own risk)!
Using SSH config file
If you want to make your life easier, you can place certain information about your SSH connection to the configuration file. The SSH configuration file can be found in ~/.ssh/config on Linux, or in C:\Users\<username>\.ssh on Windows.
For example, if we place the following lines in the configuration file:
We can then connect to DelftBlue by just typing the following command:
Using SSH keys
Instead of entering your password every time, you can also generate a unique SSH key and copy it to the remote server. This way, the server knows that it is you, and will not ask you for a password anymore. Only use this on a trusted, well-protected machine!
To generate the unique key, use the ssh-keygen command:
user@laptop:~ $ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/user/.ssh/id_rsa.
Your public key has been saved in /home/user/.ssh/id_rsa.pub.
We can then copy the newly generated SSH key to the remote host:
Or, if we are using the SSH configuration file from the example above:
On Windows, the ssh-copy-id command might not be available. If this is the case, use the following command to copy the SSH key manually:
Please note: if you are using the SSH keys, a so-called kerberos ticket is not updated upon every new login. This means that you might lose access to the /tudelft.net network drives after about a month or so, when your original kerberos ticket is expired. This can be solved by issuing the kinit command on the login node.
This will log you in into one of the four login nodes (login01, login02, login03, or login04). Your home directory is directly accessible (via /home/<netid>/):
[<netid>@login01 ~]$ echo $HOME
/home/NetID
[<netid>@login01 ~]$ ls -la
total 20
drwx------ 9 <netid> domain users 16 Mar 17 14:35 .
drwxr-xr-x 15 root root 13 Mar 17 12:35 ..
-rw------- 1 <netid> domain users 521 Mar 17 14:31 .bash_history
-rw------- 1 <netid> domain users 18 Mar 17 10:57 .bash_logout
-rw------- 1 <netid> domain users 141 Mar 17 10:57 .bash_profile
-rw------- 1 <netid> domain users 656 Mar 17 14:08 .bashrc
drwxr-xr-x 3 <netid> domain users 1 Mar 17 13:51 calcs
drwxr-xr-x 3 <netid> domain users 1 Mar 17 13:27 codes
drwx------ 3 <netid> domain users 1 Mar 17 13:28 .config
-rw------- 1 <netid> domain users 334 Mar 17 10:57 .emacs
-rw------- 1 <netid> domain users 172 Mar 17 10:57 .kshrc
drwxr-xr-x 3 <netid> domain users 1 Mar 17 14:29 ondemand
lrwxrwxrwx 1 <netid> domain users 21 Mar 17 14:27 scratch -> /scratch/NetID
drwx------ 2 <netid> domain users 4 Mar 17 11:10 .ssh
drwxr-xr-x 3 <netid> domain users 1 Mar 17 13:27 tools
drwxr-xr-x 2 <netid> domain users 1 Mar 17 14:28 .vim
-rw------- 1 <netid> domain users 10430 Mar 17 14:35 .viminfo
-rw-r--r-- 1 <netid> domain users 165 Mar 17 13:27 .wget-hsts
Don't forget either EduVPN or linux-bastion¶
Important
A direct SSH to DelftBlue from outside of the university network is impossible! For the access from outside of the university network, you have two options:
- Use TU Delft's EduVPN. Once connected via VPN, you can SSH to DelftBlue directly.
- It is also possible to access DelftBlue without VPN, via the so-called
linux-bastionserver.
You can either do it in two steps, by first connecting to the linux-bastion:
user@laptop:~ $ ssh <netid>@linux-bastion.tudelft.nl
<netid>@linux-bastion.tudelft.nl's password:
____ ____ _____
___ _ ____ _|___ \|___ \___ |
/ __| '__\ \ / / __) | __) | / /
\__ \ | \ V / / __/ / __/ / /
|___/_| \_/ |_____|_____/_/
Last login: Wed Mar 23 13:52:40 2022 from XXX.XXX.XXX.XXX
<netid>@srv227 ~]$
And then connecting to DelftBlue from linux-bastion:
[<netid>@srv227 ~]$ ssh NetID@login.delftblue.tudelft.nl
<netid>@login.delftblue.tudelft.nl's password:
____ ________ ____ __
/ __ \___ / / __/ /_ / __ )/ /_ _____
/ / / / _ \/ / /_/ __/ / __ / / / / / _ \
/ /_/ / __/ / __/ /_ / /_/ / / /_/ / __/
/_____/\___/_/_/ \__/ /_____/_/\__,_/\___/
As Delft Blue is a new system and was newly installed and configured some things might not be fully working yet and are still in the process of being set up.
Last login: Tue Mar 22 15:28:26 2022 from XXX.XXX.XXX.XXX
Quota information for storage pool home (ID: 2):
user/group || size || chunk files
name | id || used | hard || used | hard
--------------|------||------------|------------||---------|---------
<NetID>| <uid>|| 3.64 GiB| 8.00 GiB|| 57505| 2000000
[<netid>@login01 ~]$
Or, you can make a "jump" via an intermediate server with the following command:
Jumping via intermediate server with SSH config file
You can also configure the jumpserver with the SSH configuration file. (~/.ssh/config on Linux, or in C:\Users\<username>\.ssh on Windows):
Host bastion
User <netid>
HostName linux-bastion.tudelft.nl
Port 22
Host delftblue
User <netid>
HostName login.delftblue.tudelft.nl
Port 22
ProxyJump bastion
We can then connect to DelftBlue by just typing the following command:
The configuration file will take care of both the correct server addresses and the jumping via the intermediate server.
Note for students
Please use student-linux.tudelft.nl instead of linux-bastion.tudelft.nl as an intermediate server!
Access from different platforms (Windows, Linux, etc.)¶
Windows¶
Windows users can SSH directly from the Command Prompt (Windows 10 or above), or use a dedicated SSH client (e.g. PuTTY). For easy file transfer, a graphical SFTP client might be a good idea (e.g. WinSCP or FileZilla).
A convenient all-in-one solution is a free SSH/SFTP Bitvise SSH Client. It combines a terminal and a SFTP file manager:
How to use graphics over SSH (X11 forwarding) with Bitvise SSH Client
In order for Bitvise SSH client to be able to display graphics, you need the following:
- Have an X-server program installed and running on your Windows laptop. For example, Xming:
- Configure Bitvise SSH client to allow X11 Forwarding (open the tab called "Terminal", and check the "Enable" box under the section "X11 Forwarding"):
Then you can just start graphical software on the remote host, and the new program window will appear in your Windows environment, as normal:
How to tunnel through intermediate server with Bitvise SSH Client
In order to tunnel through an intermediate server with Bitvise SSH Client, you have to open two instances of the program:
1. Instance 1: Connection to linux-bastion
The first instance of Bitvise SSH Client will connect to the linux-bastion, and open a port tunnel to DelftBlue.
First, setup the connection to linux-bastion, as normal:
Second, setup the tunnel over any available port (here, for example, port 4444 on the default 127.0.0.1 local address) in the tab called "C2S" ("client-to-server"):
What this does, is opening the 127.0.0.1:4444 as a new pseudo-address for DelftBlue. While the "tunnel" is open, you can just connect to 127.0.0.1:4444 as normal, and the SSH connection will be referred to DeftBlue via the linux-bastion.
Third, connect to linux-bastion, which will also open the new tunnel automatically:
2. Instance 2: Connect to 127.0.0.1:4444 (which now points to DelftBlue via linux-bastion) as normal
MobaXterm is another (often used) all-in-one solution:
Linux¶
Linux users can SSH directly from the terminal. Most default Linux file managers support SFTP out of the box. Just put sftp://<netid>@login.delftblue.tudelft.nl in the address bar:
If you would like to tunnel X over SSH (allowing you to use GUI), this should also work out-of-the-box. Please use the following command:
Android¶
Android users need to use an SSH client. For example, ConnectBot is a convenient free app:
Open OnDemand¶
Alternatively, a Web interface called "Open OnDemand" is available via internet browser:
https://login.delftblue.tudelft.nl/
Note: Microsoft Edge might give "Unauthorized" error:
Mozilla Firefox and Google Chrome seem to be working fine:
Home directory as seen via Open OnDemand:
Important
Please be aware: OpenOnDemand does not trigger creation of the /home and /scratch folders for new users automatically! If your first ever login to DelftBlue is via OpenOnDemand, you should get the following warning:
What you should do then is to click "OpenShell" to trigger the "normal" SSH connection, logout of this shell by typing logout, and finally click "Reload Webportal". Now you should be able to access your /home and /scratch directories via OpenOnDemand.