Rdesktop Internal Licensing Error

If you get the following error message when running rdesktop to connect to a Remote Desktop to a Windows server

Autoselected keyboard map en-us
disconnect: Internal licensing error.

Then try running

rm ~/.rdesktop/licence* && rdesktop <windows server name>

There is a license file that gets created when using rdesktop. At some point Microsoft changed their remote desktop authentication, so you need to remove the license file each time before starting rdesktop.

PuTTY and GSSAPI

The new version of PuTTY has a new authentication GSSAPI feature. This allows users to log in with out a password but will not mount a users home directory. We have had several users using the new version of PuTTY who could not log in to kerbNFSv4 system.

To overcome this problem you must disable GSSAPI authentication.

To do this in PuTTY go to
Connection –> SSH –> Auth –> uncheck “Attempt Kerberos 5 GSSAPI/SSPI auth (SSH-2)”
or
Connection –> SSH –> Auth –> GSSAPI –> uncheck “Allow GSSAPI Authentication (SSH-2 only)”

See the following images.

Putty_sshAuthentication

Putty-gssapi

ECpE Red Hat Linux Setup Options

Option A. IASTATE Domain System (Standard Lab Build)

The system would be in the IASTATE domain and would be configured similar to a lab system. We would grant you sudo privileges to install software and also give you full read-write access to certain directories you need.

* IASTATE Domain Authentication
* You cannot get root access
* You can get limited sudo privileges
* Full read and write access to /local, /usr/local, and /tmp
* Full support

Sudo commands that can be granted

Networking: /sbin/route, /sbin/ifconfig, /bin/ping, /sbin/dhclient, /usr/bin/net, /sbin/iptables, /usr/bin/rfcomm, /usr/bin/wvdial, /sbin/iwconfig, /sbin/mii-tool Installation and management of software: /bin/rpm, /usr/bin/up2date, /usr/bin/yum Services: /sbin/service, /sbin/chkconfig Updating the locate database: /usr/sbin/updatedb Storage: /sbin/fdisk, /sbin/sfdisk, /sbin/parted, /sbin/partprobe, /bin/mount, /bin/umount Processes: /bin/nice, /bin/kill, /usr/bin/kill, /usr/bin/killall Drivers: /sbin/modprobe

Others on a individual bases

Option B. Stand Alone System (Outside of IASTATE Domain)

This would be a standalone box. We give you the root password. With this option you are more responsible for maintaining and setting up things. If you break anything you will be responsible for fixing it unless it requires a rebuild. We will help to a certain extent with setting up some software, email, and auto mounting; but will not be able to help as in option A.

* You get root access
* Limited access to commercial software
* We cannot guaranty the integrity of the system

Ansys License Error

If you receive a license error when starting Ansys, you will likely need to change your license setting from commercial to academic.

To check out the proper ANSYS license:

  1. Click and run “User License Preferences” (Start -> All Programs -> ANSYS 12.1 -> ANSYS Client Licensing -> User License Preferences.).
  2. Click the “Use Academic Licenses” radio button in the “Global Settings” section, then click “OK” to exit.

MyFiles Permissions for Linux Users

File Permissions on MyFiles

If you’re a Linux user, the file permissions on MyFiles may be seem really strange.  It may seem that anyone can read your files, or you may find it different to change these permissions.  In reality, the underlying file permissions on files are usually just fine.  But the permissions you view with a long file listing using the ‘ls -l’ command do not give you the complete picture of what’s really going on.  This article should help Linux user understand more about MyFiles file permissions.

MyFiles Permissions are based on Windows, not UNIX

On the server files.engineering.iastate.edu, all files permissions were given UNIX style permissions. A file could have “read”, “write”, and “execute” permission bits that were assigned to the owner, group, and “other” users. The problem with this model is that it is very limited. You cannot use this permission scheme to give special permissions to a list of users or groups, and there is no way to set inheritance so that all files in a folder get the same permissions automatically. This permission scheme also meant that Windows users had file permissions set in a way that wasn’t “natural” for Windows.

With MyFiles, all permissions are set according to Windows style permissions. This is a much more powerful and flexible permission model than the standard UNIX style permissions. Using Windows style permissions, a file or directory can have different permissions for different users. Instead of just one “group” permission as in UNIX, a file can have several different groups with different permissions for each group. Windows style permissions also support inheritance, which means that you can force all files created in a folder to inherit the permissions set on the folder.

The most important thing for Linux users to understand is that permissions are set according to the Windows model and that the ‘ls -l’ command is not suitable for viewing these permissions from Linux. But whether you use Windows or Linux, the underlying security permissions on a file are exactly the same.

ls -l is incomplete

If you use the ‘ls -l’ command to view permissions on a file, you will only see is the UNIX style permissions. But this doesn’t work correctly when the underlying permissions are based on Windows permissions. You’re seeing an incomplete interpretation of the permissions. To see the full permissions on files, you should either use the Windows file explorer to see security properties, or use the ‘nfs4_getfacl’ command from Linux.

How to view permissions on MyFiles

Perhaps the easiest way to see the actual file permissions on files is to use the Windows file explorer. Use the Windows file explorer to highlight a file you’re interested in and select the Properties tab and then the Security tab. This will show the complete list of users and groups and the permissions assigned to them.

On Linux, there is a tool called ‘nfs4_getfacl’ that can also be used to view the permissions, though it takes a bit more interpretation to understand.

WinSCP

WinSCP is an open source free SFTP client, SCP client, FTPS client and FTP client for Windows. Its main function is file transfer between a local and a remote computer. Beyond this, WinSCP offers scripting and basic file manager functionality.

Currently, the best way to connect to your ENGR home directory from off campus is to utilize some form of SCP client. Windows users can obtain a free client called WinSCP to connect to their files.

To download WinSCP, go to: http://winscp.net/

After starting WinSCP you should see a window similar to this one:

Image:Win1.png

Type “linux-1.ece.iastate.edu” into the Host name box and enter your username and password when prompted and select “Login”. Since this is the likely the first time you have connected to this file server a warning message may pop up warning you that the security keys provided by the server are unknown. It is ok to proceed past this warning.

After login you will see a window similar to this one:

Image:Win2.png

In this image the left pane represents your local desktop system and the right pane represents the files in your home directory. You can navigate to the desired files/location in either pane and drag and drop to begin your file transfer.

 

To watch a how to video please refer to: http://www.youtube.com/watch?v=8j6VdlVlYiw

PuTTY

There are several good SSH client programs for Windows. A very simple and easy to install SSH client program for Windows is called PuTTY. PuTTY is a free and open source terminal emulator application which can act as a client for the SSH, Telnet, rlogin, and raw TCP computing protocols and as a serial console client. You can download a version here:

Download

Tip

If you are having a problem using ssh to a machine and it will not allow you to enter a password try this below:

Connection –> SSH –> Auth –> uncheck “Attempt Kerberos 5 GSSAPI/SSPI auth (SSH-2)”
or
Connection –> SSH –> Auth –> GSSAPI –> uncheck “Allow GSSAPI Authentication (SSH-2 only)”

[HTML3]

To watch a how to video please refer to: http://www.youtube.com/watch?v=jYUp0nJMZMM