Student Computing Labs (courselab and Friend Center)

Overview

The department maintains general-purpose machines called "courselab" (currently, two machines that each have 2 Intel Xeon E5 2670v3 processors and 128GB of DDR4 2133MHz memory) and "armlab" (currently, two machines that each have 2 ThunderX CP 48-core processors and 128GB of DDR4 2400MHz memory).  These machines are accessible via SSH at courselab.cs.princeton.edu or at armlab.cs.princeton.edu using one's NetID and OIT password.  The USB Boot only machines in FC 011 and FC 012 are dedicated for courses where students develop custom boot loaders (e.g., COS 318).

The remainder of this document describes the authorization and authentication process for the courselab and armlab machines.

Step 1: OIT Access to nobel.princeton.edu

In order to get access to courselab you must first get access to the OIT Nobel System.  This page will guide through getting access to Nobel.  You will need to set your Unix shell which you can do by reading "see Unix: How do I enable/change the default Unix shell on my account?".  Here is the direct link to update your Unix shell.  After your shell has been set you will need to ssh to Nobel by using the following SSH command:

$ ssh <YourNetID>@nobel.princeton.edu

If you are unable to ssh to Nobel you will need to reach out to OIT at helpdesk@princeton.edu or via Service Portal. If you attempt to login and get an error message that mentions "nologin" it's because you haven't enabled Unix access and set a shell with OIT.

Once you can ssh to Nobel please continue with the instructions below.

Authorization

The list of COS courses that have requested use of these machines can be updated by a course instructor using the ADM site.  We get periodic updates of the enrollment rosters from the Registrar for these COS courses, and these students are authorized to use these machines.  Notes:

  • There is a delay from when the student registers for the course and when we get the information and are able to act on it. This delay may range from a few hours up to a full day. If a student is adding the course and needs immediate access, the instructor should send a message to csstaff@cs.princeton.edu.
  • Instructors/TAs are not automatically added to the access list. Course managers can use the adm.cs site to enable individual instructors.

Accounts on the courselab machines are removed at the end of the semester. If you would like to keep your files please make sure you copy your files off the lab machines before the end of the semester.

Authentication

Users must use their OIT LDAP NetID and password to login to the machines.

Configuration

NOTE: This should have been completed in Step 1.

The Unix shell on these machines is the same one that is used when a user logs in to an OIT Unix machine (e.g., hats). As a consequence, if you have not enabled your OIT account to be able to access the Unix machines (and set a shell), you will also not be able to login to the courselab machines. To enable Unix access and specify a particular shell (/bin/bash is a good choice if you don't otherwise have a preference), see this OIT KnowledgeBase article: Unix: How do I enable/change the default Unix shell on my account?

Important: Once you "Enable your Unix Account" with OIT, it may take up to 24 hours before your account is ready for use. If you have several unsuccessful login attempts in quick succession, your IP address may get banned for an hour or more as such failed attempts may be interpreted as a brute-force attack by our intrusion-prevention mechanisms.

If you attempt to login and get an error message that mentions "nologin" it's because you haven't enabled Unix access and set a shell with OIT.

 

On February 1, 2016, CS Department login hosts switched to using RSA type SSH host keys. Since that time, the SSH Host RSA Key Fingerprint for the above hosts is: e0:0e:98:45:c9:4f:11:8f:19:bc:47:d2:07:0e:7c:ff.

Some older SSH clients may display the new fingerprint as: xepon-kibyl-bogur-palik-zyvar-lesuc-rikof-zusab-hypib-volyh-muxux.

Newer SSH clients (OpenSSH 6.8 or later) will use the SHA256 fingerprint: SHA256:9yBBea9Z0ER6asvvtNf6fRXVra6LOQ3OVZLtYKVpNc8.

Tags: