Unofficial Samba / AFS FAQ

  1. What is Samba?
  2. What is AFS?
  3. So, where are my files?
  4. Ways of accessing your files and account
    1. Local file access (MapAFS)
    2. Remote access

      i. Kerberos Telnet
      ii. PuTTY
      iii. WinSCP
      iv. OpenAFS client
  5. Closing Remarks

What is Samba?

From the Samba FAQ:

Samba is a suite of programs which work together to allow clients to access a server's filespace and printers via the SMB (Server Message Block) protocol. Initially written for Unix, Samba now also runs on Netware, OS/2 and VMS.

In practice, this means that you can redirect disks and printers to Unix disks and printers from Lan Manager clients, Windows for Workgroups 3.11 clients, Windows NT clients, Linux clients and OS/2 clients. There is also a generic Unix client program supplied as part of the suite which allows Unix users to use an ftp-like interface to access filespace and printers on any other SMB servers. This gives the capability for these operating systems to behave much like a LAN Server or Windows NT Server machine, only with added functionality and flexibility designed to make life easier for administrators.

Practically, for us here at ISK, Samba is the means by which Windows client computers are able to access our central fileservers running Unix. Read all about Samba at http://www.samba.org/

What is AFS?

AFS has a long and complicated history, which you can read all about on the web. In brief terms, AFS stands for Andrew File System, a distributed file system originally developed at Carnegie-Mellon University in 1983. The current incarnation has been open sourced by IBM and is called OpenAFS.

From the Pittsburgh Supercomputing Center’s AFS page:

The Andrew File System (AFS) is a distributed network file system that enables files from any AFS machine across the country to be accessed as easily as files stored locally. AFS is composed of cells, with each cell representing an independently administered portion of file space. Cells connect to form one enormous UNIX file system under the root /afs directory.

So, where are my files?

All centrally stored files at ISK are located on various UNIX file servers. Knowing what is stored on which machine is not necessary, because all files, no matter their physical location, are accessed through the logical AFS directory hierarchy. Our AFS cell, isk.kth.se, is located at /afs/isk.kth.se/. For a fictional student with a login-id of johndoe, his home directory would be located at /afs/isk.kth.se/j/johndoe.

To confuse matters slightly, the same fictional student can also access his home folder another way, using the Samba file server. Going through the Samba server, he would access his home folder using the network path \\samba\home. Both paths point to the same location and use the same login and password. The difference is that Samba is only accessible from within the school.

Ways of accessing your files and account

Depending on where you are and what you want to do, there are several ways of accessing your ISK account. Two distinctions need to be made clear. The first is file access versus terminal access:

§        File access means that you authenticate against the UNIX-system, after which you are able to read/write to your files and folders from the client computer you are sitting at.

§        Terminal access means that you open a terminal window on your client computer and in this terminal window log on to a UNIX-computer. Once logged in, you have access to not only your files and folders, but also the full range of UNIX commands and programs. The drawback of terminal access is that everything you do is done remotely, which means you cannot for example print to a local printer.

Next, let’s look at the distinction between local and remote access:

§        Local access can only be done from computers located in the school. Using local access is what enables you to use MapAFS or the built-in Windows function “map network drive” to access your folders through a drive letter, such as H:\

§        Remote access can be done by any computer with internet access, which of course includes the computers in the school. All terminal access is by definition remote access and so is all file access that does not depend on local network paths.

Local file access (MapAFS)

MapAFS is a program written for us at ISK by our sysadmin, Tryggve Knutsson. MapAFS automates the task of manually mapping Samba network paths to local drives. By using MapAFS and entering your login details into the window “2IT User Login” you automatically get your personal AFS home folder mapped as H:\, the /afs/isk.kth.se cell mapped as W:\ and the global /afs structure mapped as X:\.

MapAFS is for almost all purposes the best and easiest way of accessing your files. The main drawback is that it only works from inside the school network. From other locations, such as at home, other methods are necessary.

Remote access

In this section, three ways of remote access to your UNIX-account and files will be described.

Kerberos Telnet

Kerberos telnet is a KTH software project developed by Thomas Nyström at KTH’s Stacken. It is a telnet and FTP client for Windows, containing Kerberos authentication support. Kerberos is a network authentication protocol that enables you to connect to the school system from remote computers.

How to install and use ktelnet:

§        Download and install ktelnet, version V2.02B.950 from the Kerberos telnet page.

§        When prompted during the installation for the default realm, enter ISK.KTH.SE

§        To upload and download files from your account, use the Kerberos FTP program.

§        To remotely log on to the UNIX-system, use the Kerberos telnet program

§        For both Kerberos FTP and Kerberos telnet, under Connection -> Properties:

    §        Make sure the auto-authenticate setting is checked

    §        If you are behind a firewall or NAT, you may need to change the nat_in_use value located under the krb.extra to “yes”

§        To start a session, select Connection -> Open and in the host box, enter: shell.isk.kth.se

If you need more help, download and read the documentation from the Kerberos telnet page.

PuTTY

PuTTY is a telnet client for Windows that supports the SSH network authentication and communications protocol. Like Kerberos telnet above, it enables you to log on to the school UNIX-system through a terminal window. The main difference is in the use of SSH instead of Kerberos for authentication.

How to install and use PuTTY:

§        From the PuTTY download page, download the latest PuTTY for Windows binary

§        This is a simple exe file that you can save somewhere on your computer.

§        To run PuTTY, just double-click on the downloaded file.

§        In the configuration window make the following changes:

    §        Under Session -> Host Name, enter: shell.isk.kth.se

    §        Under Session -> Protocol, select SSH

    §        Under Connection -> SSH, set preferred protocol version to 2

§        Note that you can save your settings as a session for future use

WinSCP

WinSCP is an open source SFTP (SSH File Transfer Protocol) and SCP (Secure CoPy) client for Windows using SSH (Secure SHell). WinSCP is an alternative to Kerberos FTP for remotely uploading and downloading files from your school UNIX-account.

How to install and use WinSCP:

§        From the WinSCP download page, download and install the latest version of WinSCP

§        Choose the full installation when prompted

§        Once you launch the program after installation, use the following settings:

    §        Under Session -> host name, enter: shell.isk.kth.se

    §        Under SSH, set preferred SSH protocol version to 2

§        Note that you can save your settings as a session for future use

OpenAFS client

OpenAFS is a free, open source implementation of the AFS file system. Using the client part of the OpenAFS software, you can map drive letters to paths in the AFS directory structure. The client will also handle authentication, enabling you to obtain Kerberos tokens for access to the isk.kth.se file system. NOTE: you need to be running Windows NT, 2000, XP or 2003 to use OpenAFS. No Windows 95/98 or Me!

How to install and use the OpenAFS client:

§        From the OpenAFS site, download and install the latest release version of OpenAFS.

§        At the time of writing, the Windows version is OpenAFSforWindows-1-3-6400.exe

§        During installation, choose to install the AFS client

§        Select the option to download the CellServ.db file from http://dos.isk.kth.se/CellServDB

§        For cell name, enter ISK.KTH.SE

§        Make sure “Enable AFS crypt security” and “Enable Freelance Client” are checked

§        Make sure the Integrated logon options are unchecked. (If you want to use integrated logon, read the OpenAFS documentation)

§        When installation is done, reboot your computer

§        After the reboot, you should have a new icon in your system tray, looking like a yellow padlock

§        Click on the icon and the AFS client window will appear

§        Select the “drive letters” tab and choose “add”

§        Select drive letter H

§        For “AFS path”, enter \afs\isk.kth.se\home\<first letter of your username>\<your username>

§        For “Description”, I’d suggest entering home

§        Make sure “restore mapping whenever I logon” is checked

§        You can add other drive letters and paths, to anywhere in the AFS file structure that you want

§        Finally, to authenticate and get access to the file system at isk.kth.se, on the “Tokens” tab, click on “Obtain new tokens”

§        Enter your isk.kth.se username and password and click ok.

§        You should now be able to access your home folder the same way as you do from school by accessing your local H:\ drive

Closing Remarks

This document was written by Patrik Heidefors, a student at 2IT, on February 1, 2004. Latest revision on March 30, 2004. All instructions outlined above have been tested on a computer running Windows XP and are certified to work only on that machine. This is in no way an official document. It’s simply a text that I’ve written to save myself repeatedly answering the same questions. Any comments, corrections or suggestions can be sent to me at phei@kth.se. I will happily update this FAQ if needed.
