Access direct to the Rocket HPC platform is not available from an internet connected device such as a home PC in the interests of cyber security, but there are still options available for users who are not currently on Campus to connect to Rocket using the Unix time sharing service (unix.ncl.ac.uk) as an SSH gateway.

Off-Campus connections to Rocket from Windows

Not all SSH client applications support the option to connect via an SSH gateway, but both MobaXterm and PuTTY do. We cannot provide instructions for any other applications at this time, but the principles should be the same as described below.

Requirements:

• You must have set up SSH key-based authentication for Unix.ncl.ac.uk
• An SSH client supporting SSH key-based authentication and allows for SSH gateway configuration (instructions provided for MobaXterm and PuTTY)

Instructions:

1. First; read (Unix Time Sharing), register for the Unix time sharing service and then ensure you can access unix.ncl.ac.uk with your normal university username and password. 
2. Second; read (Connecting with Secure Shell), configure your SSH keys as instructed and test that you can access unix.ncl.ac.uk from off-Campus using your private key.
3. Third; configure your chosen Windows SSH client to connect to Rocket using the unix time sharing service as an SSH gateway:

Configuration for Mobaxterm

• Set Remote host: rocket.hpc.ncl.ac.uk
• Set Port: 22
• Set Network settings -> Connect through SSH gateway (ticked)
• Set Network settings -> Gateway SSH server: unix.ncl.ac.uk
• Set Network settings -> Gateway Port: 22
• Set Network settings -> Gateway User: (your real university username)
• Set Network settings -> Use private key (ticked)
• Set Network settings -> Use private key (browse to and select your real SSH private key)

For further information, please see the official Mobaxterm documentation:

• Main documentation link: https://mobaxterm.mobatek.net/documentation.html
• Configuring a SSH private key: https://mobaxterm.mobatek.net/documentation.html#4_1_9
• Configuring a SSH gateway/jump-host: https://mobaxterm.mobatek.net/documentation.html#4_10_1

Configuration for PuTTY

It is possible to use PuTTY in an SSH gateway scenario such as with unix.ncl.ac.uk and Rocket, but the stand-alone application only has basic support for SSH keys (a single key can be loaded). For more advanced use (such as supplying one or more private keys to an SSH gateway) it is necessary to use the PuTTY pageant.exe tool that is installed alongside the main application.

Configuration of pageant.exe is outside the scope of this documentation as it is relatively complex, however documentation on configuring the SSH Proxy (PuTTY's term for an SSH gateway or jump host) component of the application is available on the developers website. 

• Adding an SSH proxy: https://the.earth.li/~sgtatham/putty/0.78/htmldoc/Chapter4.html#config-proxy
• Using pageant to manage SSH keys: https://the.earth.li/~sgtatham/putty/0.78/htmldoc/Chapter9.html#pageant

For most Windows-based users, we therefore reccomend the use of MobaXterm over PuTTY for remote connections to Rocket whilst off-Campus.

‌

Off-Campus connections to Rocket Linux / Mac OS

The standard command-line OpenSSH application has built-in support for SSH gateway or 'jump' hosts and requires only one additional parameter in order to operate in that mode. 

Requirements:

• You must have set up SSH key-based authentication for Unix.ncl.ac.uk
• An SSH client supporting SSH key-based authentication and allows for SSH gateway configuration (instructions provided for OpenSSH)

Instructions:

1. First; read (Unix Time Sharing), register for the Unix time sharing service and then ensure you can access unix.ncl.ac.uk with your normal university username and password. 
2. Second; read (Connecting with Secure Shell), configure your SSH keys as instructed and test that you can access unix.ncl.ac.uk from off-Campus using your private key.
3. Third; configure OpenSSH to use your unix time sharing private keys as the SSH jump host for the Rocket HPC service.

OpenSSH Configuration

 ssh -i myprivatekey -oProxyJump=yourNewcastleusername@unix.ncl.ac.uk yourNewcastleusername@rocket.hpc.ncl.ac.uk

Note that you should replace myprivatekey with the full path and filename of the private key as available on your device as well as using your real username in place of yourNewcastleusername. Also note that the sftp and scp commands of OpenSSH also obey the same parameters, so you can use the same parameters for those commands to allow file transfer whilst off-Campus.

You may choose to add all of the SSH parameters to an SSH config file ($HOME/.ssh/config) to simplify typing the commands each time. For example: 

Host unix
 ForwardX11 yes
 Compression yes
 HostName unix.ncl.ac.uk
 Port 22
 User yourNewcastleusername
 IdentityFile myprivatekey

Host rocket
 ForwardX11 yes
 Compression yes
 HostName rocket.hpc.ncl.ac.uk
 Port 22
 User yourNewcastleusername
 ProxyJump unix

Will act as a shortcut for adding your private key, enabling X11 forwarding and compression and then tunneling through unix.ncl.ac.uk to access Rocket. It can be called as simply as:

ssh rocket