Oceans and Coastal Research Information Pages


Here is information of interest to OCR staff.


To access the intranet off-site:

  1. You need an account on portal. Ask the MIMS system administrator to set one up for you. Provide the public part of a SSH-key pair in your request.
    1. Windows
      1. Use puttygen, part of the putty package. Download putty from the link here .
    2. Mac, Linux, and other Unix
      1. Use ssh-keygen from the terminal command line.
  2. The system administrator will provide you with a <username>, usually something based on your <first initial><surname>, like zbeeblebrox.
  3. Choose a port number that makes sense for you: usually choose something related to 80, the HTTP port, like 8080 or 8008 or 8888 or something that is not already being used by another app.
  4. Make the connection to the firewall.
    1. Windows
      1. Set up a session on putty.
        1. Start putty and enter <username>@ocean.gov.za in the hostname field of the Session panel.
        2. Expand the SSH tab under the Connection tab.
        3. Open the Auth panel and enter the location of the private key associated with the public key you sent to the system administrator.
        4. Open the Tunnels panel. Enter the port number you chose in the port field, “ocean.gov.za” in the Destination field and choose the Dynamic radio button. Click Add. D<portnumber> should appear in the panel.
        5. Open the Session panel again, and save the configuration under an appropriate name. (If you forget this step you will have to re-enter everything above again next time you want to connect!)
      2. Use the putty session to start a SSH connection with portal.
        1. Start putty (or open the Session panel) and Load the tunnel session you created.
        2. Click Open. A shell window to portal will open. Leave it open until you are done with browsing the intranet sites. There are ways to make the connection without explicitly opening this window, but that is left to you to figure out if the open terminal window annoys you.
    2. Unixes
      1. Use ssh -D <port-number> <username>@ocean.gov.za to make a connection to the firewall.
      2. For extra credit:
        1. See the script at http://gitlab.ocean.local/duncombe/browseintranet/blob/master/browseintranet for hints on how to create the SSH tunnel in a script. You would have to change this script to get it to work on your system.
        2. See this question on the StackExchange/superuser, about creating PAC (Proxy AutoConfiguration) files.
  5. Open your browser.
    1. There are a couple of requirements for the browser you use.
      1. The browser needs to be able to use Remote DNS; Chrome does not allow you to set this in the browser options. You need to start Chrome in a different way.
      2. The browser needs to use a proxy through SOCKS5; Opera insists on using the system proxy settings, which is fine if you only ever want to connect to the intranet to use your browser. Not so fine if you want to use a direct internet connection unless you are specifically going to the intranet resources. I have been informed that unlike on Linux, Firefox on a Mac does not allow different sessions with different profiles to be started concurrently.
    2. Set your browser to use socks5.
      1. In Firefox,
        1. open advanced settings,
        2. choose network,
        3. choose connection settings, and
        4. change the proxy settings.
        5. Choose Manual settings, ensure all the options are unchecked other that SOCKS5.
        6. Enter localhost and the <portnumber> you chose in the SOCKS host and check the SOCKS5 field.
        7. Choose “Proxy DNS when using SOCKS”
        8. Save your settings.
      2. For Chrome:
        1. Start chrome specifying a new user folder and setting the proxy on the command line, like this:
        2. google-chrome --user-data-dir=~/.config/google-chrome/Intranet --proxy-server="socks5://localhost:8888"
  6. Browse the intranet. Click on http://twiki.ocean.gov.za/.