skip navigation

This page looks better in modern browsers. Please upgrade.

Brown Home Brown Home Brown Home Brown CS

Remote Access

Internet access to the Brown Computer Science Department network is restricted by firewall software. The firewall protects our computers from outside attackers, but it also limits the ways legitimate users can access the department.

This page describes how to get at department computing resources from outside the department.

Internet Access Only

There is only one way into the department, via the Internet. To work from home or while travelling, you must first get onto the Internet. If you are on campus, you can use the Brown network. Outside of Brown, you must get yourself an Internet Service Provider (ISP). The List is a comprehensive list of ISPs.

What You Can Do Remotely:

  • Work in a shell
  • Read your mail
  • Display X client applications
  • Copy files to or from your CS account
What You Cannot Do Remotely:
  • Mount department filesystems

Piercing the Firewall

There are three ways through the firewall: s/key (one-time password), ssh (secure shell) and vpn (virtual private network). The choice is yours. Here is a quick comparison:

All three alternatives

  • Authenticate the user
  • Allow access to dept resources
  • Require some setup ahead of time
s/key
  • Allows access from anywhere
  • Provides a command shell
ssh
  • Provides a secure encrypted connection
  • Provides a command shell
  • Provides port forwarding (e.g. X)
  • Requires some setup for each remote machine
  • Provides an easy way to copy files to and from your CS account
vpn
  • Provides a secure encrypted connection
  • Requires some setup for each remote machine
  • Gives remote machines host-level access to the CS dept network
The technical staff prefers ssh or vpn for reasons of security and convenience. However s/key is useful when you must connect from someone else's machine.

Setting Up For Remote Access

S/key, ssh and vpn require some setup. Here are step by step guides to setting up and logging in using each method:
s/key ssh vpn

Passwords

S/key, ssh and vpn authenticate you when you connect, so you never have to type your unix account password. In general, never type any important password remotely unless you trust the machine you are on AND you are using a secure connection to the CS Department.

Where to Connect to

The department has dedicated portals for each service.
For s/key, connect to in.cs.brown.edu.
For ssh, connect to ssh.cs.brown.edu.
For vpn, connect to pptp.cs.brown.edu.

Running X Applications Remotely

If you have a reasonably fast connection, it is convenient to run X clients on department machines, and display them on your remote machine. To do this, you will need an X server on your remote machine.

Ssh handles X port forwarding automagically. Just run X clients in your ssh session, and they appear on your remote X display.

If you are using s/key, you must set things up.

Reading Your Mail Securely

You can read your department email from a remote location either by logging into a department machine, as described above, or by using secure IMAP.

S/key is not secure. If you log in using s/key and read email, your email is transmitted across the internet in the clear.

Copying Files

Once you've got ssh set up, you can use scp to copy files to and from the department. This the most convenient way to move files through the firewall. See the man page for details.

CVS over SSH

Anyone who has ssh set up and a CVS client (available for all major platforms) can use CVS over SSH to access and update files in a collaborative fashion.

Using Anonymous FTP

If all you want to do is transfer files, you can use our anonymous FTP server. Anyone can ftp files from the outside in, but you will need to contact the tstaff to have a directory set up for outgoing transfers. See the FTP page.
Page Owner: tstaff Last Modified: Mon Jun 30 07:22:14 2008