CommunityData:Northwestern VPN: Difference between revisions
(Created page with "Northwestern IT has instructions for how to set up VPN on multiple operating systems. For most people, [https://www.it.northwestern.edu/oncampus/vpn/ their instructions] shoul...") |
Groceryheist (talk | contribs) (Add instructions for ssh through the proxy.) |
||
| Line 1: | Line 1: | ||
Northwestern IT has instructions for how to set up VPN on multiple operating systems. For most people, [https://www.it.northwestern.edu/oncampus/vpn/ their instructions] should work fine. | Northwestern IT has instructions for how to set up VPN on multiple operating systems. For most people, [https://www.it.northwestern.edu/oncampus/vpn/ their instructions] should work fine. | ||
The Linux instructions are a bit lacking. Here are step-by-step instructions for Ubuntu 18.04. It should be similar for other Debian-based systems and very similar if you are using Gnome 3. | The Linux instructions are a bit lacking. Here are step-by-step instructions for Ubuntu 18.04. It should be similar for other Debian-based systems and very similar if you are using Gnome 3. Alternatively, you can connect to Kibo using the [[configuration | Northwestern VPN#ssh conifg]] that mako developed. | ||
<code> | <code> | ||
| Line 25: | Line 25: | ||
[[File:Vpn-connect.png|500px]] | [[File:Vpn-connect.png|500px]] | ||
== SSH Config == | |||
To connect to kibo using ssh. | |||
1. Install netcat-bsd and ocproxy | |||
sudo apt install ocproxy netcat-openbsd | |||
2. Add the following to your ~/.ssh/config. Replace <YOUR NU USERNAME>. | |||
Host kibo kibo.soc.northwestern.edu | |||
Hostname kibo.soc.northwestern.edu | |||
User <YOUR NU USERNAME> | |||
ProxyCommand ~/bin/nu-vpn-proxy %h %p | |||
3. Create the file ~/bin/nu-vpn-proxy with the following. Replace <YOUR NU NETID> and <YOUR NU PASSWORD>. | |||
#!/bin/bash | |||
# connects to SSH through openconnect and VPN | |||
# for use iwth ProxyCommand in SSH | |||
# first run openconnect | |||
/sbin/start-stop-daemon --pidfile /tmp/nu-vpn-openconnect.pid --make-pidfile -b -S --startas /bin/bash -- -c '/usr/sbin/openconnect --reconnect-timeout 60 --script-tun --script "ocproxy -D 9052" --user <YOUR NU NETID> vpn-nu.vpn.northwestern.edu < <(echo <YOUR NU PASSWORD>)' & | |||
sleep 3 | |||
# kill connection on exit | |||
function cleanup { | |||
/sbin/start-stop-daemon --stop --pidfile /tmp/nu-vpn-openconnect.pid | |||
} | |||
trap cleanup EXIT | |||
# redirect traffic (standard input and output) through VPN | |||
/bin/nc.openbsd -X 5 -x 127.0.0.1:9052 $1 $2 | |||
Make the file executable using <code> chmod +x ~/bin/nu-vpn-proxy </code> | |||
Now you should be able to login to kibo. <code> ssh kibo </code>. | |||
Revision as of 22:37, 3 August 2018
Northwestern IT has instructions for how to set up VPN on multiple operating systems. For most people, their instructions should work fine.
The Linux instructions are a bit lacking. Here are step-by-step instructions for Ubuntu 18.04. It should be similar for other Debian-based systems and very similar if you are using Gnome 3. Alternatively, you can connect to Kibo using the Northwestern VPN#ssh conifg that mako developed.
sudo apt install network-manager-openconnect-gnome
Open Settings > Networks > Add VPN
Choose the openconnect option
Edit the settings:
Gateway: `vpn-nu.vpn.northwestern.edu` Token mode: `TOTP -- manually entered`
Click connect and log in using your NU netid and password
SSH Config
To connect to kibo using ssh.
1. Install netcat-bsd and ocproxy
sudo apt install ocproxy netcat-openbsd
2. Add the following to your ~/.ssh/config. Replace <YOUR NU USERNAME>.
Host kibo kibo.soc.northwestern.edu
Hostname kibo.soc.northwestern.edu
User <YOUR NU USERNAME>
ProxyCommand ~/bin/nu-vpn-proxy %h %p
3. Create the file ~/bin/nu-vpn-proxy with the following. Replace <YOUR NU NETID> and <YOUR NU PASSWORD>.
#!/bin/bash
# connects to SSH through openconnect and VPN
# for use iwth ProxyCommand in SSH
# first run openconnect
/sbin/start-stop-daemon --pidfile /tmp/nu-vpn-openconnect.pid --make-pidfile -b -S --startas /bin/bash -- -c '/usr/sbin/openconnect --reconnect-timeout 60 --script-tun --script "ocproxy -D 9052" --user <YOUR NU NETID> vpn-nu.vpn.northwestern.edu < <(echo <YOUR NU PASSWORD>)' &
sleep 3
# kill connection on exit
function cleanup {
/sbin/start-stop-daemon --stop --pidfile /tmp/nu-vpn-openconnect.pid
}
trap cleanup EXIT
# redirect traffic (standard input and output) through VPN
/bin/nc.openbsd -X 5 -x 127.0.0.1:9052 $1 $2
Make the file executable using chmod +x ~/bin/nu-vpn-proxy
Now you should be able to login to kibo. ssh kibo .
