Galaxy Frequently Asked Questions
How to log on to Galaxy? (Key login instruction)
0. GENERATING YOUR SSH KEY PAIR
To generate your SSH key pair for use on galaxy, execute the following command on your desktop or whatever machine you want to use to connect
to galaxy (do not run this on galaxy itself!):
NOTE: This assumes that your home directory is not on a networked file system. If this is the case, you must modify the path (~/.ssh/galaxy)
to point to a local one. Storing your private keys on a networked file system compromises the security of your user account and data.
ssh-keygen -q -b 2048 -t rsa -f ~/.ssh/galaxy
This will quietly create a 2048-bit RSA key pair. This consists of 2 keys you'll find in the current, one public (named 'galaxy.pub') and
one private (named 'galaxy').
1. KEY PAIR SECURITY
You will be asked for a password or given the option to not pick a password for this key pair. You MUST choose a password! If you do not,
and your private key falls into someone else's hands, they will be able to log in as you with no trouble at all.
Your private key, named 'galaxy', should NEVER be shared or transmitted over an insecure channel (e.g.: email.) This file should
reside on the single workstation from which you will connect to galaxy and should not exist on any shared user machine or file system (e.g.:
NFS.)
Your public key, named 'galaxy.pub', should be emailed to the galaxy admin mailing list so that we can setup key-based access for you.
2. LOGGING IN USING YOUR KEY
Log in to galaxy using the following command:
ssh -i ~/.ssh/galaxy username@galaxy.ams.sunysb.edu
After the '-i' option you should provide the path to your private key file. When you connect to galaxy you will be prompted, not for your
galaxy password, but for the password you chose for your RSA key pair.
3. CHANGING YOUR PRIVATE KEY PASSPHRASE
To change the passphrase for your private key , use the following command:
ssh-keygen -p -f ~/.ssh/galaxy
Where '-i' is again followed by the path to your private key file.
4. PRIVATE KEY PERMISSIONS
Please set the permissions on your private key file to 600 like so:
chown `whoami`:`whoami` ~/.ssh/galaxy && chmod 600 ~/.ssh/galaxy
5. USING AGENT FORWARDING
ssh-agent allows your credentials to be used anywhere on the network and MUST be used if you have to go through another machine before accessing galaxy, since your private key should only be stored on a single machine.
eval `ssh-agent -c` will start an ssh-agent properly on a C-style shell (csh, tcsh) eval `ssh-agent -b` will start an ssh-agent properly on a Bourne-style
shell (sh, bash)
Once the agent is started, add your private key.
ssh-add ~/.ssh/galaxy
You will be prompted once for your passphrase. After this prompt you will not need to retype your passphrase for this key until the ssh-agent process dies.
Now you can log in to galaxy through multiple machines without having your private key anywhere but on your workstation.
[forwarding your credentials from your workstation to somewhere]
ssh -A -i ~/.ssh/galaxy username@somewhere.sunysb.edu
[ssh'ing from somewhere to elsewhere, forwarding your credentials]
ssh -A username@elsewhere.sunysb.edu
[finally, ssh'ing from elsewhere to seawulf]
ssh username@galaxy.ams.sunysb.edu
If you don't want to ssh out from galaxy using the same credentials as you use to log in, you can omit '-A' as shown in the example.
What should I read for new changes?
Read the login message of the day (motd). This is one forum where important changes are announced. We also send out announcement to all users by e-mail about important modifications (such as software upgrade) of the system. We also announced planned system downtimes beforehand so that users can get prepared. For new users, we also recommend everybody to browse the web page, including this FAQ, to familiarize themselves with the system.
How do I get in touch with anyone?
| Galaxy admin: | galaxy_admin@lists.sunysb.edu |
Where is Galaxy located?
The Galaxy Lab and the staff can be found in room 1-125 in Stony Brook's Mathematics Building. All of the nodes are located in this room.
How do I get a Galaxy account?
Send an email to galaxy_staff@lists.sunysb.edu stating your reason for requesting an account, and your desired username. You will receive a response within 2 business days.
Are data stored on Galaxy secure?
Relatively. All data is stored on raids with built-in redundancy and error checking. The raids are also backed up everyday.
Are data stored on Galaxy automatically backed up?
System wide backups are performed on a daily cycle onto IDE drives. Nevertheless, we should emphasize the different levels of importance of computer data. Most of the data on Galaxy are generated by programs, and could be regenerated, in case of necessity. The source code, on the other hand, are very precious to the developers, and could not easily be regenerated. The users are highly recommended to do everything possible for ensuring those critical material (programs etc.) never be lost. For example, the users should keep multiple copies of these important files on different computer systems, including users' local system. Use scp or sftp to move your data off Galaxy.
Where can I run X-windows applications from?
Normally, only from starzero, the Galaxy front-end. This includes: emacs, vim, etc. Please realize that these applications soak up considerable bandwidth. Having to share bandwidth is one of the reasons such applications do not always run smoothly. Starzero is also a relatively slow machine. Too many users running many jobs on it at the same time can make the load impossible to be handled by starzero.
It is now possible to run X programs directly off a compute node using ssh. If you are running an X server on your workstation and you use it to connect to galaxy via ssh, ssh will create a virtual display on starzero which all your X-programs will connect to, and ssh will then forward the X connections to your real X server. You may use the following procedure to use a node for many interactive work (assuming you are already on starzero at the beginning):
Although almost all X-window applications work on the nodes after setting up the display, we did notice that the debugger "ddd" does not function well on the nodes. So, "ddd" can only be run on starzero. Or, users can debug their code on their local machines using "ddd".
What can I do to reduce my use of storage?
Remove what you don't need, habitually zip (bzip2, gzip, or zip), learn about CVS. Suggestion: follow any fclose in your programs with a system call to a zip program. Another suggestion: many people use the same binaries... check to see if your program is already installed before putting loads of source code in your home directory.
Installing Software on Galaxy?
Please minimize the installation of downloaded software for personal use. If it is reasonable software to have, it should be installed in /usr/ or /usr/local. Please send e-mail to galaxy_admin@lists.sunysb.edu to request software that you need to use.
I hate the shell I got, how to change it?
Use the command: % chsh
How to find something on Galaxy?
Linux has a utility called locate, which creates periodically a database of all the system files (/usr/, /etc/,..) and their path on the system. locate searches that database, which is updated nightly.
scp
SSH has been installed on Galaxy, as well as most other AMS computers. "scp" is the secure and recommended way to move data between the Galaxy system and other computers.
How is Galaxy Sponsored?
Galaxy is sponsored through funds from the Department of Energy (including Los Alamos National Laboratory), the National Science Foundation, The National Institutes of Health and the University of Stony Brook. In addition a number of companies (Foundry Inc., and Storage Computers Inc.) have been very helpful in our obtaining some of their equipment.