SSH tunnel for remote access to GSI Windows devices

How to log in to GSI from outside (e.g. in home office) on a Windows computer without a Terminal Server?

Requirements:

  1. the user must be a member of the local group of remote users
  2. the user must have a valid Linux account for the central Linux environment ("lx-pool.gsi.de")
  3. the Windows device in the GSI network must be switched on and the energy saving mode must not be active (see PDF docu, point 7)

Make sure that you minimize the printing of sensitive or business-relevant data on a non-GSI device and in any case protect it from foreign eyes (do not dispose it in household waste)!

/fileadmin/IT/Icons/Achtung-rot.png

SSH connection via Putty (PuTTY is available in the Software Center, on private devices you install PuTTY from the web)

After installation, start PuTTY and configure it as follows:
(for your information:
 Port 3000 is enabled for the connection on the machine outside GSI
 port 3389 is the port for remote access to the machine within the GSI network)

/fileadmin/IT/Screenshots/SSH/SSH-Tunnel_3.png
/fileadmin/IT/Screenshots/SSH/SSH-Tunnel_1.png

From the 2nd call, the saved configuration (here GSI) can be loaded and opened (OPEN) via LOAD.

Login on a Linux machine with your Linux account and the corresponding password:

/fileadmin/IT/Screenshots/SSH/SSH-Tunnel_4.png
/fileadmin/IT/Screenshots/SSH/SSH-Tunnel_5.png

Build a remote connection to the above mentioned computer via

localhost:3000

/fileadmin/IT/Screenshots/SSH/SSH-Tunnel_6.png

Additional resources can also be used for the connection, e.g. several screens, locale printers / drives or camera / speakers / microphone.

/fileadmin/IT/Screenshots/SSH/SSH-Tunnel_20.png
/fileadmin/IT/Screenshots/SSH/SSH-Tunnel_21.png
/fileadmin/IT/Screenshots/SSH/SSH-Tunnel_22.png

You need the Smartcards option if certificates stored on the card are to be used in home office, e.g. for signing code. The card reader must be plugged in before the remote connection is established. If you use a GSI device in home office, please test it first in the GSI network, so that drivers etc. are available later.

If you want to use the device's camera, loudspeaker and microphone for video conferences, for example, you must also activate these options before.

/fileadmin/IT/Screenshots/SSH/SSH-Tunnel_26.png
/fileadmin/IT/Screenshots/SSH/SSH-Tunnel_28.png

However, the option is only available from Windows 10 version 1809. To check the currently installed version of the computer, use the command winver.

/fileadmin/IT/Screenshots/SSH/SSH-Tunnel_27.png

Please accept the following security warning about a certificate as an exception.

Then log on to the device with your Windows access campus\your Windows_account  and the the corresponding password.

/fileadmin/IT/Screenshots/SSH/SSH-Tunnel_8.png

and there you are on the machine!

When you have finished your work, close the entire session:

  1. Disconnect the session to the GSI device as shown in the screenshot
  2. Terminate the connection to the Linux machine with the command exit
/fileadmin/IT/Screenshots/SSH/SSH-Tunnel_24.png
/fileadmin/IT/Screenshots/SSH/SSH-Tunnel_25.png

If you have any further questions or remarks, please contact windows-service.


Loading...