Computing at UMBC An Introduction to the UMBC Computing Environment CMSC 121 Introduction to UNIX Much of the material in these slides was taken from Dan Hood’s CMSC 121 Lecture Notes. Your GL Account GL is short for “General Labs.” Through this account you have access to various computing resources across the campus. Your GL Account gives you access to: Many labs that are maintained by OIT. An listing of these labs can be found at http://www.umbc.edu/oit/classroomtechnology/labs/lablocation.html. These labs contain an assortment of dual-bootable Windows 2000 / Linux PCs, Macintosh's, and several IRIX machines. You also get remote server access to several UNIX machines... linux1.gl.umbc.edu, linux2.gl.umbc.edu, linux3.gl.umbc.edu irix1.gl.umbc.edu, irix2.gl.umbc.edu solaris.gl.umbc.edu The username and password on this account are also your username and password for http://my.umbc.edu/. Your username is also your e-mail name. You get an e-mail account automatically when you sign up for a GL account. It is username@umbc.edu, where username is your logon name. Your E-mail Account Can I change my e-mail address? Sending and Receiving E-mail. There are lots of ways to do this! Technically no, but you can create multiple aliases that send mail to username@gl.umbc.edu. In effect, this changes your e-mail address. To set up e-mail aliases, follow the instructions at http://www.umbc.edu/oit/sans/helpdesk/alias.html. You can also set up your e-mail to be forwarded to another account if you wish. See http://www.umbc.edu/oit/sans/helpdesk/acctforward.html for more details. Pine - a UNIX, text-based e-mail client. Netscape / Mozilla / Outlook - bulky clients, graphical. See http://www.umbc.edu/oit/sans/helpdesk/configuremail.html. Webmail - UMBC's web-based e-mail client. It’s fast, easy-to-use, and accessible from anywhere. http://webmail.umbc.edu. There is also a webmail tutorial: http://www.umbc.edu/oit/sans/helpdesk/email/webmail/. It is strongly suggested that all CS students lean the Pine e-mail program. It is very easy to check your mail remotely via ssh, rip in source code, and is very quick and easy to use (well, once you get used to it). We strongly feel that it is so important that a whole class will be dedicated to Pine and Pico. The Andrew File System (AFS) AFS is distributed network file system. A file system is simply a collection of files and directories assembled in such an order that the make sense to the operating system. AFS is a way of keeping track of your files over the network. Features You can access your files using any computer that has an AFS client installed on it. All of the lab computers: Windows, Linux, IRIX, and Mac, are capable of reading this file system. The files that you maintain in your account will be accessible to you over the network from any of these computers. No need to store your information on a flash drive and carry it between machines. Your Directory on AFS Every GL account is assigned a directory on AFS, which contains the home directory, web space, and email folders. On all of the UNIX systems here at UMBC it will be located at the following location: /afs/umbc.edu/users/u/s/username/ u is the first letter of your username, s is the second letter of your username, and username is your GL account logon name. Contents of Your AFS Directory These are the folders that are in your account at the time of creation Within the home directory: home - your UNIX home directory. Mail - this is where all of your e-mail files are kept. pub - this is where public data can be placed, including web space. backup - this is a backup copy of your /afs/umbc.edu/users/u/s/username/, updated nightly. All of the typical files found in any UNIX environment (.cshrc, .login, etc...) Windows NT and 2000 Profiles (.2kprofile and .ntprofile directories) Your files! Within the Mail directory: files for all of your mailboxes (inbox, sent-mail, etc...) certain configuration files (such as .forward, .procmailrc, etc...) that allow you to manipulate your mail. For example, forwarding you mail to another account, or filtering your incoming email. Contents of Your AFS Directory Within the pub directory: it is empty by default! This is where you can put files, so that others can readily copy them from here into their accounts. You can also have a www directory within your pub directory that allows you to post files onto the Internet, accessible via http://userpages.umbc.edu/~username/ The backup directory… …is a copy of your entire account, that is read-only and taken from the night before. This is typically done around midnight. If you were to accidentally delete a file (or screw up a source code file so it no longer compiles) that you had around yesterday you can go into this directory and you will be presented with the home, Mail & pub directories from the day before. You can then simply copy the file from here to wherever you want. Getting to Your Files You should usually save files to your home directory (/afs/umbc.edu/users/u/s/username/home/). How you access your home directory depends on the operating system… UNIX / Linux - your home directory is available to you under the /afs/umbc.edu/users/u/s/username/home/ directory. Almost all UNIX shells will start you out in this directory by default. Windows Your directory (/afs/umbc.edu/users/u/s/username/) is mapped as the network drive "T:" on the Windows PCs. Your home directory (/afs/umbc.edu/users/u/s/username/home/) is mapped as the network drive "S:". If you have a www directory in your pub directory (/afs/umbc.edu/users/u/s/username/pub/www/), it is mapped as the network drive "W:". Changing Your Password Via the Web Logon to http://my.umbc.edu, click on the Personal tab, then click on Change my Password. Follow the on-screen instructions for changing your password (there are several steps). Via the UNIX Command Prompt The standard way to change your password on most all UNIX systems is through a text-based shell. To change your password this way, you will need to have shell or terminal access to one of the GL UNIX machines. This can be in the form of a shell on one of the dual-boot lab machines, or by way of remote SSH access. Once you have your shell open, type passwd at the command prompt. Changing Your Password linux1-(11:23am): passwd passwd: Changing password for eeaton1@UMBC.EDU. Old password: New password: New password (again): Kerberos password changed. linux1-(11:24am): Note that when you type your password, it will not be echoed to the screen, not even asterisks (*). Windows? You may be inclined to change your password by pressing Ctrl-AltDelete and choosing the "Change Password" option. But this has been disabled here in the GL labs at UMBC. If Someone Knows Your Password Change it NOW!!! Your GL password is just that - yours and only yours. You should not share it with anyone. If you think someone knows your password. Here is what you should do... Change your password immediately. Report this incident to helpdesk@umbc.edu. OIT keeps a log of all activities in all UNIX accounts. Any unauthorized access can be tracked given ample research time. You are legally liable for any action caused under your account. Choosing a Good Password OIT has suggested the following guidelines for choosing a good password... Passwords should contain at least: Passwords should not contain: 7-14 characters 2 numbers or symbols in the first 8 characters 5 different characters (letters, numbers, symbols) The at sign ( @ ), the number sign ( # ), or the ampersand ( & ) Doubled numbers or symbols (e.g., 99 or %% ) Any words or names spelled forwards, backwards, or in a foreign language A Social Security number in the first nine characters of the password Words constructed with similar-looking number substitutions (e.g., 0 for O ; $ for S ; 1 for i ), for example: capta1nk1rk, mr5p0ck Note: Passwords are case sensitive. The lowercase ‘c’ is a different letter from the uppercase ‘C’ . Make sure that the Caps Lock key is not on, unless you intend to enter all uppercase letters. If you forget your password, the OIT helpdesk can reset it for you. Your Quota Every student on the GL network has a set disk quota. This is the amount of space given to most students is 25 MB. That is not a lot of storage space! So, some effort must be made on your part not to exceed this disk quota. Everything that you store in your directory (/afs/umbc.edu/users/u/s/username/) counts towards this 25 MB limit with the exception of your backup directory, which not figured into how much space you are using. Exceeding your disk quota can cause any number of problems: Lost email messages Inability to compile programs Abnormal account behavior To check your usage and overall quota, type quota -v in a UNIX shell. If you are exceeding your quota, change your browser settings so they cache little (or nothing at all) to disk. You may then have to manually delete the cached files. If you need help with this, see an OIT Help Desk consultant. For more information on how to check your quota, see http://www.umbc.edu/oit/sans/helpdesk/afs/afs_disk_quota.htm. Checking Your Quota Type in the quota -v UNIX command at the command line. Your output should look something like: Doin’ just fine. linux1-(12:20pm): quota –v Volume Name Quota Used user.dhood2 75000 59158 Nearing the limit. linux1-(12:20pm): quota –v Volume Name Quota Used user.dhood2 75000 70754 %Used Partition 79% 64% %Used Partition 94%<< 64% <<WARNING Over the limit. Danger zone. linux1-(12:20pm): quota –v Volume Name Quota Used user.dhood2 75000 75798 %Used Partition 101%<< 64% <<WARNING How to Get Back Under Quota OIT has made available a tool that goes through your account and tries to eliminate unnecessary files and very large files that may be putting you over the limit. You can issue the oitcleaner command... Note: that the latter part of this script tries to remove larger files that are in your account. You have to answer "y" or "n" whether or not you want to remove these files. You can also make sure that you have set up the web browser to cache as little as possible to disk. Restoring a Lost File Remember the backup directory only contains a copy of all of your files from the night before. If you need to restore a file that you deleted days ago, or just minutes ago (assuming minutes ago was still today), then you are not going to find the file here. If it is really important and it was in your account overnight for at least one of these backups, than you may be able to have OIT see if they can recover the file for you. Note that this is only done in the rarest and most dire circumstances. In-class demo of recovering a file, both graphically and from the console. The Outlaws: Telnet and FTP Telnet and FTP refer to basic network utilities (and related protocols) that allows a user to interact with a remote host using a text-based virtual terminal. Telnet and FTP are both widespread (they are integrated into many operating systems) and useful. You may have telnetted from your home Windows PC to a UMBC Unix server to check your email with Pine, or transferred files between 2 computers using FTP. What is wrong with them? Telnet and FTP are inherently insecure. When you initiate a telnet or FTP connection, your username, password and other bits of important information are broadcast in cleartext, meaning that they are visible to anyone located between your computer and the intended server destination. For example, any curious person with a 802.11b-equipped laptop, a packet sniffer program (designed to intercept and interpret data broadcast across a network), and a rudimentary grasp of networking could sit within range of UMBC's wireless networks and grab any usernames and passwords transmitted in cleartext. Regardless of where and how you're online, if you use telnet or FTP, you're putting your vital data at risk. Because of the vulnerabilities associated with telnet, UMBC's Office of Information Technology (OIT) prohibited telnet connections to UMBC servers beginning in January 2003. SSH (instead of Telnet) SSH stands for Secure SHell. It provides terminal or shell access to some remote computer. SSH can be viewed as nothing more than a secure version of telnet. There are several SSH clients to choose from. Some are installed in the OIT labs, some you can install, and others require administrator privileges that you may not have under Windows (at least in the labs). Tera Term Pro (available in the UMBC labs) Putty: http://www.chiark.greenend.org.uk/~sgtatham/putty/ SCP (instead of FTP) SCP stands for Secure CoPy. It provides the functionality of a File Transfer Protocol (FTP) client. SCP can be viewed as nothing more than a secure version of FTP. Again there are many SCP clients out there: WinSCP (available in the labs): http://winscp.vse.cz/eng/ The Linux command: scp localfile username@gl.umbc.edu:~/path/filename Open AFS AFS is a distributed file system, pioneered at Carnegie Mellon University and supported and developed as a product by Transarc Corporation (now IBM Pittsburgh Labs). It offers a client-server architecture for file sharing, providing location independence, scalability and transparent migration capabilities for data. IBM branched the source of the AFS product, and made a copy of the source available for community development and maintenance. They called the release OpenAFS. Mounting your UMBC AFS Directory at Home Download and install the windows Open AFS client. During installation you will be prompted for an AFS cell name, you should enter umbc.edu When the installation is complete, you will need to reboot. After you reboot, there will be an icon that looks like a lock in the system tray. Click on this to launch the OpenAFS dialog. Under the Tokens tab, click Obtain New Tokens... Be sure that the cell name is umbc.edu and go ahead and enter your username and password, then press enter. If everything went ok, you should see an entry under tokens with your GL username. Under the Drive Letters tab, click Add... Chose an unused drive letter, and enter the path to your root directory on GL (/afs/umbc.edu/users/u/s/username/), and click enter. If everything went ok, then you should see the drive letter added under the OpenAFS dialog. You should now be able to browse the drive in Windows Explorer.