Setting Up The VPN on Linux: Difference between revisions
(Created page with "'''Before''' following these instructions, please ensure that you have filled out an account request form and completed all the training and requirements as detailed here: Requirement_for_users_to_get_GI_VPN_access After completing those requirements, you should have received a welcome email from us explaining that your account is ready. Once you have received that email, continue following these instructions. Most Linux flavors support OpenVPN client software....") |
mNo edit summary |
||
| (13 intermediate revisions by the same user not shown) | |||
| Line 13: | Line 13: | ||
After confirming your cell phone MFA enrollment, or if you have already done this a while ago, continue to install our VPN profile. You will need to download our OpenVPN client configuration file from this link: | After confirming your cell phone MFA enrollment, or if you have already done this a while ago, continue to install our VPN profile. You will need to download our OpenVPN client configuration file from this link: | ||
https://giwiki.gi.ucsc.edu/downloads/prism.ovpn | https://giwiki.gi.ucsc.edu/downloads/prism-duo.ovpn | ||
The username and password to access that web link will be sent to you in your account creation welcome email. | The username and password to access that web link will be sent to you in your account creation welcome email. Download that file by right-clicking on the link above and selecting "Save Link As...", and save it to your Desktop or some other area you will remember. | ||
We will be installing the Prism VPN profile via the Network Manager GUI interface. | |||
Open '''Network Manager''' from '''Gnome Settings''' option and select the '''Network''' tab and click on the '''VPN +''' symbol: | |||
[[File:Configuring_1.png|600px]] | |||
From the '''Add VPN''' window, click on the '''Import from file...''' option: | |||
[[File:Configuring_2.png|600px]] | |||
You must navigate to your .ovpn file (/path/to/your/prism-duo.ovpn) and click on '''Open''' button: | |||
[[File:Configuring_3.png|600px]] | |||
Click on the '''Add''' button: | |||
[[File:Configuring_4.png|600px]] | |||
Finally, click the '''On/Off''' button to start on the VPN: | |||
[[File:Configuring_5.png|600px]] | |||
Once you authenticate to the VPN (username/password/MFA), then login via SSH to 'mustard.prism' for example, and you will be asked to change your password. | Once you authenticate to the VPN (username/password/MFA), then login via SSH to 'mustard.prism' for example, and you will be asked to change your password. | ||
ssh username@mustard.prism | ssh username@mustard.prism | ||
| Line 29: | Line 48: | ||
2: At least 3 character classes (lowercase, uppercase, number and/or special character) | 2: At least 3 character classes (lowercase, uppercase, number and/or special character) | ||
Once you change your password, it will log you out of mustard. Then, log out of the VPN ( | Once you change your password, it will log you out of mustard. '''Then, log out of the VPN''' (toggle the '''On/Off''' button from the Network Manager GUI VPN interface). This step is very important! Then, log back into the VPN using your '''new''' password. It will send another Duo MFA push to your phone, then you should be logged in! | ||
Then feel free to ssh to any of our firewalled servers (using your new password). Note the following page for available resources: | |||
https://giwiki.gi.ucsc.edu/index.php?title=Firewalled_Computing_Resources_Overview | |||
As always, if you have any questions, please email '''cluster-admin@soe.ucsc.edu''' for help. | As always, if you have any questions, please email '''cluster-admin@soe.ucsc.edu''' for help. | ||
Latest revision as of 19:06, 13 February 2025
Before following these instructions, please ensure that you have filled out an account request form and completed all the training and requirements as detailed here:
Requirement_for_users_to_get_GI_VPN_access
After completing those requirements, you should have received a welcome email from us explaining that your account is ready. Once you have received that email, continue following these instructions.
Most Linux flavors support OpenVPN client software. While the installation process may vary from flavor to flavor, we will be describing the process to get you going for Ubuntu, which should work on most Ubuntu versions and other Ubuntu/Debian derivatives. Do not install this software on public or shared computers!
Before installing our VPN profile, you must have enrolled your cell phone for Duo MFA using your CruzID account with UCSC. Most folks already have this from when they first started at UCSC. If you don't yet have a CruzID, please contact your sponsor/PI and ask them to help you acquire a CruzID. If you have a CruzID but haven't yet enrolled your cell phone, please follow the instructions here to enroll your phone:
https://its.ucsc.edu/mfa/enroll.html
After confirming your cell phone MFA enrollment, or if you have already done this a while ago, continue to install our VPN profile. You will need to download our OpenVPN client configuration file from this link:
https://giwiki.gi.ucsc.edu/downloads/prism-duo.ovpn
The username and password to access that web link will be sent to you in your account creation welcome email. Download that file by right-clicking on the link above and selecting "Save Link As...", and save it to your Desktop or some other area you will remember.
We will be installing the Prism VPN profile via the Network Manager GUI interface.
Open Network Manager from Gnome Settings option and select the Network tab and click on the VPN + symbol:
From the Add VPN window, click on the Import from file... option:
You must navigate to your .ovpn file (/path/to/your/prism-duo.ovpn) and click on Open button:
Click on the Add button:
Finally, click the On/Off button to start on the VPN:
Once you authenticate to the VPN (username/password/MFA), then login via SSH to 'mustard.prism' for example, and you will be asked to change your password.
ssh username@mustard.prism
Where "username" is the username we sent you in the welcome email (incidentally it is also your CruzID username). It will ask you for a password, just type in the password we sent you in your account creation welcome email. When you type the password, the characters will not echo to the screen, so it will not show you what you are typing. Once logging in successfully to mustard, it will as you to change your password. It will ask for you current password one more time, then it will ask you to choose a new password, which you will need to enter two times. Again, whatever password you choose will not echo to the screen. You new password must be:
1: At least 10 characters long 2: At least 3 character classes (lowercase, uppercase, number and/or special character)
Once you change your password, it will log you out of mustard. Then, log out of the VPN (toggle the On/Off button from the Network Manager GUI VPN interface). This step is very important! Then, log back into the VPN using your new password. It will send another Duo MFA push to your phone, then you should be logged in!
Then feel free to ssh to any of our firewalled servers (using your new password). Note the following page for available resources:
https://giwiki.gi.ucsc.edu/index.php?title=Firewalled_Computing_Resources_Overview
As always, if you have any questions, please email cluster-admin@soe.ucsc.edu for help.
