Remote access to AO servers @ LBTO

Simple access

To access wfsdx server remotely (from outside LBTO):

  • Connect to ssh bridge:
    ssh -X -C -c blowfish -X
    You must have an userid/password on

  • Connect to AO server:
    ssh -X -C -c blowfish

Note: the switches -C -c blowfish enable compression and a faster encrypt algorithm on the data stream, -X enables X11 forwarding,but through the network NX or VNC are quite more usable (see below).

Double Tunnelling through ssh

In some cases you need to have an ssh direct access to adsedx/wfsdx (e.g.: to do scp in a single step or to support NX remote console). Because is a secure machine which exports only the ssh port (22), to do that you must use a double tunnel. Here follows an example to connect to obs3:
ssh -C -c blowfish -L 20022:localhost:20022  ssh -L 20022:localhost:22 lfini@obs3

(this connection must remain open)

Then you may issue direct ssh or scp commands; e.g.:
ssh -p 200022 AOeng@localhost
scp -P 20022 ugo AOeng@localhost:

Tunnelling NX

All the obs machines have NX server installed. So you can open a remote X session using an NX client (e.g.: qtnx)

After setting the double tunnel, you may connect with the following parameters:

Username your username on
Password your password on
Hostname localhost
Port 20022
ssh tunnelling disabled (provided by the command above)

Tunnelling VNC

VNC tunnelling through the LBTO ssh access uses the same double tunnel technique (but for yet unknown reasons, the two tunnels cannot be created from a single command). So the procedure is as follows:

  • Create the first tunnel (on your PC):
    ssh -C -c blowfish -L 5901:localhost:20022

  • Then create the second tunnel (on
    ssh -L 20022:localhost:5901

  • Then start vncserver(on wfsdx):
    vncserver :1

  • Finally, from your PC you can start the viewer:
    vncviewer localhost:1

Do not forget to shutdown the vncserver (on wfsdx) when you're finished:

ssh -L 20022:localhost:5901 AOeng@wfsdx
vncserver -kill :1

NX from Windows with PUTTY

Setup a double tunnel using putty as in the following screenshots. Replace "4720" everywhere it appears with a different number between 1025 and 65535, it should be unique for each person trying to connect.


Save the Putty session with all the settings, and start it. Login with your LBTO username and leave the putty window open somewhere. The putty window is providing the tunnel and must remain open during the NX session.

Open NX and configure a session like in the following screenshot. Instead of port 4720, use the port you chose in the putty setup.


In addition, when prompted use the following settings:
  • login (SSH/NX): use NX login
  • authentication: use the authentication for obs3: username "LBTO", password the one for the control room.
  • no proxy
  • no special DSA or SSH keys
I Attachment Action Size Date Who Comment
nx.pngpng nx.png manage 31 K 11 Nov 2015 - 13:38 AlfioPuglisi  
putty1.pngpng putty1.png manage 22 K 11 Nov 2015 - 13:36 AlfioPuglisi  
putty2.pngpng putty2.png manage 19 K 11 Nov 2015 - 13:36 AlfioPuglisi  
putty3.pngpng putty3.png manage 18 K 11 Nov 2015 - 13:36 AlfioPuglisi  
Topic revision: r10 - 11 Nov 2015, AlfioPuglisi
This site is powered by FoswikiCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding Foswiki? Send feedback