Some workstations have a local file system /localhome. Any user can create a directory in this and read/write files there. These directories are not backed up; use at your own risk.
~ Most of the office workstations are running versions of RedHat Linux and are maintained using RedHat Network.
For outgoing mail using Mozilla on the local workstations, go to the mail and newsgroups account settings and select outgoing server. Put "bnl.gov" as the server name and port 25.
You can sign up for Labmail (a firstname.lastname@example.org e-mail address) here. This system is most useful if you know with absolute certainty that your employment at BNL will never cease. If you are not certain of this, then you should be aware that under current policy, Labmail is turned off the day after your employment is terminated, with no possibility of having your email forwarded to any other account.
lp [-d lptheory] filename [either ASCII or Postscript] lpr [-P lptheory] filename [either ASCII or Postscript] lp -o simplex filename [single sided output]There is another duplex printer in the library, but it only supports Postscript; it does not print ASCII files properly. To print to it use
lpr -Plibrary file.psThere is also a single-sided color laser printer in the Xerox room next to the library, accessible from quark with
lpr -Prikencolor filename [only for color, please]Do not use for transparencies without asking first. Using the wrong transparencies can ruin it.
Printcaps have not yet been set up on all the workstations for any or all of these queues. If you cannot print from your workstation, do so from quark. If all else fails, you might try this.
The above is not valid for OS X; see OS X tips.
http://security.bnl.gov/proxy/cfg.pacin the appropriate box. (Alternatively, you can use manual configuration: the proxy host is 192.168.1.130 for the wired internal network and 192.168.1.140 for wireless, and the port is 3128.)
setenv http_proxy http://192.168.1.130:3128If you use bash, put in your ~/.bashrc file the line
export http_proxy=http://192.168.1.130:3128For the wireless network use instead 192.168.1.140. You should remove these lines when you move your computer outside the BNL firewall.
If you really must use Telnet or FTP to access an outside machine from within BNL, you can do so through a proxy. For FTP, type
ftp ftpgw.sec.bnl.localAt theprompt enter
email@example.com give your password when prompted. (Of course you should substitute the appropriate values for "firstname.lastname@example.org".) For Telnet access type
telnet tngw.sec.bnl.local open your.remote.ip.addressand login as usual.
ssh -t email@example.com ssh firstname.lastname@example.org
DHCP is available on the local network. If you set your laptop to automatically get its ip address, it should work. HOWEVER, to keep from being cut off, you must once register its ethernet card. Opening a browser should give the registration page, or you can go here from your laptop to do this. If you move your laptop between on and off site, you will also need to go through the annoyance of doing/undoing the above proxy setting in your browser.
A growing number wireless access points are scattered around BNL, including most of the main seminar and conference rooms. This is a separate visitor network and doesn't need the proxy setup. However you will still need to register your wireless card; opening a browser window will give you the registration page.
Many BNL computers inside the firewall are accessible only through an SSH gateway. This can be done transparently as follows:
Create somewhere (here /home/yourname/bin/netcat-proxy-command) the following script and make it executable:
#!/bin/sh gateway=$1 internal=$2 ssh $gateway nc -w 1 $internal 22Create or edit ~/.ssh/config and add, e.g., the following to access quark.phy.bnl.gov and qcd.phy.bnl.gov via gateway ssh.bnl.gov:
ForwardAgent yes Host quark.phy.bnl.gov Hostname quark.phy.bnl.gov HostKeyAlias quark.phy.bnl.gov ProxyCommand /home/yourname/bin/netcat-proxy-command ssh.bnl.gov %h Host qcd.phy.bnl.gov Hostname qcd.phy.bnl.gov HostKeyAlias qcd.phy.bnl.gov ProxyCommand /home/yourname/bin/netcat-proxy-command ssh.bnl.gov %hYou can add as many internal nodes, each with its own gateway, as you need.
After you login, authenticate yourself to ssh-agent (see above). You will then be able to do ssh and scp to quark.phy.bnl.gov and qcd.phy.bnl.gov directly; the gateway will be transparent.
Create somewhere (here /home/yourname/bin/bnltunnel) the following script and make it executable:
#!/bin/bash ssh -L 3128:192.168.1.130:3128 email@example.comStart your browser (here Firefox), select Edit/Preferences, select "Connection Settings", and select "Manual configuration". For HTTP Proxy enter localhost and port 3128. Select "Use this proxy server for all protocols". For other browsers the path may be different, but the same options should be available.
Depending on where you are using your computer, you may need to select "Direct connection" (generic), the above "Manual configuration" (to use the BNL Web proxy), or "Automatic configuration" with
http://wpad.bnl.gov/wpad.dat(to use the Corus2 wireless network).
To access internal BNL Web pates, start bnltunnel in a shell and leave it running (you can minimize the window) and select the "Manual configuration" option described above. Then you should be able to access internal Web pages as if you were within the BNL firewall.
Note: the wpad.bnl.gov automatic configuration is harmless if you are outside the firewall.
Old version of this page.