VPN alternatives

Note

In most cases, having a VPN connection is the best way to connect to the ITB network. This document discusses alternatives, in case a VPN connection is not possible.

ssh tunnel

If all you need is a ssh connection to the ITB and are happy to live your life on the command line, you will usually need to hop through our gateway server on gate.biologie.hu-berlin.de, as has been described in How to work from home.

In order to have direct access to one of our severs or to your desktop computer, you can add the following to your ~/.ssh/config file.

Host *.itb.biologie.hu-berlin.de
  User <username>
  ProxyJump <username>@gate.biologie.hu-berlin.de

  ServerAliveInterval 300
  ServerAliveCountMax 2

Now all connections such as ssh compute1.itb.biologie.hu-berlin.de (the suffix .itb.biologie.hu-berlin.de is key) will automatically be tunnelled through our server at gate.biologie.hu-berlin.de even without a VPN.

ssh socks proxy

Gain access to journals

Note

While the following solution can be practical in some cases, we suggest you use the official HU Fortinet SSL-VPN for accessing journals: https://www.cms.hu-berlin.de/de/dl/netze/vpn

SSH can also act as a simple person’s VPN. The following command will establish a local proxy listening to port 8080 which tunnels all traffic through the SSH connection.

ssh -D 8080 <username>@gate.biologie.hu-berlin.de

or, if you’ve added the itb shortcut to your ssh_config, simply:

ssh -D 8080 itb

In your Firefox’ (or system wide) network settings define a new SOCKSv5 proxy via the address localhost:8080.