Setting Up The VPN on Linux

From UCSC Genomics Institute Computing Infrastructure Information

Revision as of 16:17, 9 February 2025 by Weiler (talk | contribs)

Before following these instructions, please ensure that you have filled out an account request form and completed all the training and requirements as detailed here:

Requirement_for_users_to_get_GI_VPN_access

After completing those requirements, you should have received a welcome email from us explaining that your account is ready. Once you have received that email, continue following these instructions.

Most Linux flavors support OpenVPN client software. While the installation process may vary from flavor to flavor, we will be describing the process to get you going for Ubuntu, which should work on most Ubuntu versions and other Ubuntu/Debian derivatives. Do not install this software on public or shared computers!

Before installing our VPN profile, you must have enrolled your cell phone for Duo MFA using your CruzID account with UCSC. Most folks already have this from when they first started at UCSC. If you don't yet have a CruzID, please contact your sponsor/PI and ask them to help you acquire a CruzID. If you have a CruzID but haven't yet enrolled your cell phone, please follow the instructions here to enroll your phone: 

https://its.ucsc.edu/mfa/enroll.html

After confirming your cell phone MFA enrollment, or if you have already done this a while ago, continue to install our VPN profile. You will need to download our OpenVPN client configuration file from this link: 

https://giwiki.gi.ucsc.edu/downloads/prism.ovpn

The username and password to access that web link will be sent to you in your account creation welcome email.

We will be installing the Prism VPN profile via the Network Manager GUI interface.

Open Network Manager from Gnome settings option and select Network tab and click on the VPN + symbol:


Once you authenticate to the VPN (username/password/MFA), then login via SSH to 'mustard.prism' for example, and you will be asked to change your password.

If you are not familiar with SSH, then you will need to open the "Terminal" application which can be found in your Applications Folder under "Utilities". After launching "Terminal" you will connect to mustard by typing: 

ssh username@mustard.prism

Where "username" is the username we sent you in the welcome email (incidentally it is also your CruzID username). It will ask you for a password, just type in the password we sent you in your account creation welcome email. When you type the password, the characters will not echo to the screen, so it will not show you what you are typing. Once logging in successfully to mustard, it will as you to change your password. It will ask for you current password one more time, then it will ask you to choose a new password, which you will need to enter two times. Again, whatever password you choose will not echo to the screen. You new password must be: 

1: At least 10 characters long
2: At least 3 character classes (lowercase, uppercase, number and/or special character)

Once you change your password, it will log you out of mustard. Then, log out of the VPN (click the Tunnelblick icon on the top right of your screen and select "disconnect"). Then, log back into the VPN using your new password. It will send another Duo MFA push to your phone, then you should be logged in!

Then feel free to ssh to any of our firewalled servers (using your new password).

As always, if you have any questions, please email cluster-admin@soe.ucsc.edu for help.

Retrieved from "http://giwiki.gi.ucsc.edu/index.php?title=Setting_Up_The_VPN_on_Linux&oldid=579"