linerva.mit.edu (linux.mit.edu) is a Linux dialup server run by SIPB for the MIT community. Linerva is fast, boasts a wide variety of Linux software, and permits arbitrarily long login sessions. The MIT-specific software on Linerva is available for general use as Debathena.
You can log into Linerva by SSH with a password or by forwarding Kerberos tickets (ssh -K). To save typing the -K each time, see below.
Feel free to contact the Linerva maintainers at linerva@mit.edu.
The rest of this brief webpage documents features of Linerva, along with some of the differences between Linerva and Athena.
SIPB provides shell access over SSL at https://linerva.mit.edu. All you need is a web browser with Javascript enabled.
We have a large amount of Debian development software installed for our own convenience, but which is generally useful for making Debian packages.
Users' dotfiles on Linerva are executed in the same manner as all Debathena machines. IS&T has extensive documentation on how dotfiles are executed on Debathena.
Some users may find it useful to have different dotfiles on linerva than on a standard Athena workstation. You can implement this by testing for the output of the program /etc/athena/dialuptype (which only exists on dialup machines). Some working example code for tcsh and bash are provided below. Note that your dotfiles should never print any text to standard output if you want programs like scp to work.
For tcsh (~/.cshrc.mine):
if (-e /etc/athena/dialuptype) then
if (("`/etc/athena/dialuptype`" == "linerva" )) then
# Put your linerva-specific customizations here
endif
endif
For bash (~/.bashrc.mine):
if test -e /etc/athena/dialuptype; then
if test "`/etc/athena/dialuptype`" = "linerva"; then
# Put your linerva-specific customizations here
fi
fi
Announcements of outages and service changes will be sent to the linerva-announce Moira/Mailman list. Outages not related to security problems will be announced at least 3 days in advance, and will be accompanied with changes to the motd and messages sent via wall. Outages that result from security problems may occur on arbitrarily short notice, depending on the nature of the vulnerability.
In order to prevent users from causing a denial of service to the system, we have some resource limits in place on linerva. You will probably not see them unless you attempt to run a computationally intensive job, fork-bomb the machine, or do other stuff you shouldn’t do on a dialup. If you believe our resource limits are too restrictive, please let us know (you can check the current settings using limit in tcsh or ulimit -a in bash).
Linerva uses Ksplice for increased Linux security. Applying all Linux updates rapidly is critical for keeping Linerva secure, and Ksplice makes it possible to do so without disrupting the users of Linerva by rebooting.
This is generally an issue with the configuration of your ssh client. You can fix this either for a single session or for all ssh sessions.
SecureCRT does not try keyboard-interactive authentication by default. linerva does not support the older password authentication mechanism (which SecureCRT does try by default), so you need to configure SecureCRT to use the keyboard-interactive authentication method in order to log in to linerva with a password using SecureCRT, as follows.
In the Connection options, or in the Quick Connect window, look at the “Authentication” section. Choose “GSSAPI” as the Primary authentication method and “Keyboard Interactive” as the Secondary authentication method. The default authentication method of “Password” does not work with linerva.
Linerva’s sshd is also listening on ports 8080 and 443.
If you're using OpenSSH, you can connect with ssh -K -p 443 linerva.mit.edu.