f e a t u r e s
march 1, 2010page 3
w w w . O R E D I G G E R . n e t
If you’ve read previous TechBreaks, you know about the Mines VPN; install a small piece of softwareon your computer and you can con-nect to the Mines campus from any-where, as if you were sitting in theCTLM. That’s great, but the VPN isn’tthe fastest technology in the world,and it’s a bother to have to down-load and run the client on any ma-chine you want to use to access theMines network. Fortunately, thanksto the presence of several non-re-walled Linux systems on-campus,there is another way: SSH tunneling. The cool thing about SSH tunnelingis that both ends of the connectiondon’t need anything special to makeit work. You’re just logging into a re-mote system and proxying whatevertrafc you want through it. On yourend, all you need is an SSH client(built-in on Mac OS X and Linux,PuTTY on Windows). On the serverend, all you need is something withSSH and a rewall exception (or norewall at all) so you can connect viaSSH from the outside world. Thismeans that many cheap web host-ing accounts can actually be usedto securely browse the web fromanywhere by just SSH tunneling in;all four of my web hosts allow this. There are a couple of different waysyou can use SSH tunneling. Onecreates a SOCKS proxy that youcan plug into most programs (in-cluding all major web browsers andFTP clients) and use that to surf orupload as if you were sitting at, forexample, imagine.mines.edu (nor-mally impossible since Imaginedoesn’t have a local monitor). Theother type of tunnel forwards spe-cic services available to the SSHserver to specic ports on your lo-cal machine. This is quite useful if,for example, you’re trying to log intoone of the (rewalled) Alamode labmachines from the outside world;set up a tunnel to forward port 22on pie.mines.edu to port 22222 onyour local system (localhost) andyou’re set. As long as the tunnel isactive, SSHing into localhost:22222will get you into the Alamode lab.With all that said, let’s start withinstructions on making tun-nels in OS X or Linux, spe-cically “all inclusive” ones.1. Open a terminal window.2. Type in
ssh -ND 8080 email@example.com
andhit Enter, then put in your MinesCCIT password, to create a SOCKSproxy on port 8080 of your machinethat feeds right to Imagine. Substi-tute
for your Mines login(Trailhead etc.) and 8080 for theport you want your tunnel to endon. Replace the
part with your SSHlogin to another server (a web hostfor example) to connect elsewhere.2a. The terminal window will just sitthere once connected to the tunnel;to end the tunnel exit the terminalwindow. If you want to make thetunnel run in the background with-out needing a window open add
to the end of the SSH command.Just realize that, until you manuallykill that particular SSH process orreboot, the proxy will stay in place.If you want to browse the webthrough this proxy, Firefox is rela-tively simple to set up for action.Just remember that you need tochange your proxy settings back to «No proxy» when your tun-nel is gone. These instructionsapply cross-platform for Firefox(Windows, Linux, OS X) howeverthe location of Preferences in themenu bar is going to be a little dif-ferent depending on the platform.1. In OS X, go to to the Firefox menu,then click Preferences. In Windows(and most Linux variants) you're look-ing for Options in the Tools menu.2. Switch to the Advancedtab, then go to the Network sub-tab and click Settings.3. Select Manual proxy congu-ration and enter
forthe SOCKS Host. The Port eldgets whatever port you decidedto use when creating the tun-nel; in my example that's 8080.4. Hit OK until you're out of the op-tions window, and browse away!If you want to grab one remotely-available service and make it avail-able to your system on some localport, the process is similar to creat-ing a “dynamic” proxy. You just needto change your SSH command abit. For example, to bring pie.mines.edu port 22 to localhost port 22222through imagine, you would typein
ssh -N firstname.lastname@example.org -L 22222:pie.mines.edu:22
. Again, you can add
toput this tunnel in the backgroundso your terminal doesn't need tobe open to keep the tunnel alive. Asfor the format of the second half of the command,
brings a remoteservice to a local port, and the fol-Wellness day, hosted by Stu-dent Development Services, iscoming up!Be sure and partake in the fes-tivities at CSM’s Annual WellnessDay!Each year, a variety of localhealth & wellness experts gatherin the Ballrooms of the StudentCenter to share their wares withthe CSM campus community. Thisevent is a wonderful opportunityto sample new products, get freemassages, participate in healthscreenings and safety demonstra-tions, and just have a great time!Now I have seen it all. I knewthat the Colorado School of Mineswas known for its unreal amount of clubs for students to get involved in,but it never dawned on me that theschool might actually have a HulaHoop Club. But, we have clubs andorganizations for all other types of activities, so why not a Hula HoopClub? This was the thinking behindLiz Major’s idea to start the club. A young club, Major’s Hoopingclub just began holding sessions atthe end of last fall to give people achance to give the circular piece of plastic a try. Major rst discoveredthe activity at a recent music festi-val. “There were people all over theplace just dancing with hoops” shequipped. But the idea grabbed herinterest, and she was hooked. How-ever, the idea of organized Hoop-ing is not an original idea by major. There is a strong and growing com-munity of people out there. Mostlylocated in California and Colorado,people from all demographics cometogether as it gives everyone achance to participate.Organized Hooping is composedmainly of two sections, a dancingportion and an aerobic portion. Theaerobics is a display of a combina-tion of both yoga-type exercise andcoordination with a hoop. Major ex-plained that this portion of hoopinghas provided some realistic results.In her words, “It keeps you toned.Hoopers don’t have mufn tops.” This activity is for anyone lookingto shed a little extra baggage or tobuild up their core. The dancing part, Major’s fa-vorite, provides a fun outlet fromschool. They don’t perform or com-pete, but just get together to danceand try ridiculous new tricks. Someof Major’s favorites include a VortexWhere else can you taste organicfoods, get some quick healthchecks, dabble in acupuncture,learn to manage stress and get abody comp test all in one place?Did I mention the
?We continue to promote the 5Dimensions of Wellness: Physical,Emotional, Social, Intellectual andSpiritual through this event. Wehave invited vendors who repre-sent all of these dimensions withthe goal of broadening our viewsof Wellness. Everything from tra-ditional and alternative medicine,safety and prevention, outdoor rec-reation and travel, to healthy eatingand nutrition will be represented.Each year we introduce newlowing string has the format
. If you wanted to passthrough web trafc from csci261.mines.edu to port 1337 on your ownmachine, thus making the site avail-able at http://localhost:1337, thispart of the command would changeto
. As a side note, OS X users canget a GUI-based SSH tunnel clientby the name of Meerkat, but thatcosts money ($19.99 to be exact).If you're using Windows the pro-cess involves lling out settings inPuTTY rather than punching com-mands into a terminal. If you re-ally want to execute the previousinstructions, install Cygwin (http:// www.cygwin.com), a package that'sinstalled on every Mines Windowssystem I've come across. Other-wise, grab PuTTY (it's at http:// oredig.us/h if you don't have it...campus computers have PuTTY preinstalled) and follow these in-structions:1. Open PuTTY and enter SSHserver into the Host Name/IP ad-dress box. If you want to log in tothe Mines network, you'd wantto input imagine.mines.edu here.2. On the left hand side of theconnection dialog there's a listof various options. Under Con-nection, click the plus sign be-side SSH, then click Tunnels.3a. For “dynamic” forwarding(what you use to browse the webthrough Imagine) set the Dynamicradio button, ll in the Source port(8080 if you're going along withthe above examples) and hit Add.3b. To reach one specic service,choose the Local radio button, ll inthe Source port as before (22222 bythe previous example) and ll in yourdestination host:port under Destina-tion. If you're trying to get to SSH onpie.mines.edu, the value to ll in herewould be pie.mines.edu:22. Onceyou're done with all that, click Add.4. Go back to Session options (it'swhere you were when you started)and save your tunnel settings. Thatway you don't have to spend afew minutes setting everything upthe next time you want to connect.5. Click Open, type your usernameand password in the terminal win-dow that pops up, and you're suc-cessfully tunneled in. Note that sinceWindows doesn't have SSH as abuilt-in service you'll have to keepyour PuTTY terminal window opento keep your tunnel alive, thoughyou can minimize the window with-out issue. There you have it: a cross-plat-form guide to SSH tunneling. Armedwith this knowledge, you can surf securely in the hottest of hotspots orlog into the Mines network at blaz-ing speeds with no Juniper Network Connect software required. One ca-veat is that with SSH tunneling youdon't get your own IP address, butin most cases you don't need an IPof your own, so everything is still co-pacetic. As always, questions, commentsand clarications to this article areencouraged. Comment on theonline version of this article; I'll bewatching and, to the best of my abil-ity, answering.
Tech Break Columnist
SSH Tunneling: Like a VPN, only cooler
and a Halo. But there are hundredsof tricks out there. They range fromstalls, to throwing the hoop off yourbody, to insane spins that wouldmake me pass out.But don’t be fooled, this is a farcry from those innocent little plastichoop you played with in 2
gradegym class. The Hoopers’ hulahoops are much bigger and heavier,for better performance. Averagehoops come between 30-40” andweigh around two pounds. “Peopleat Mines will understand the physicsof it,” Major assured,”bigger hoopsare easier to keep rotating aroundyour body”. And she convincedme that this club isn’t for the faintof heart. Many hoopers get bruisesfrom repeated hits from the hoop orfrom violently orbiting it around theirknees. And you know how footballplayers wear certain gloves to helpcatch a football? The same prin-ciple is true when it comes to thetape wrapping around a hoop. Ma- jor spends time deciding a balancebetween aesthetic appearance andfriction when deciding which tape toutilize. This club takes hula hoops tothe next level.Right now, Major’s group is asmall one. Still in its “infancy”, asshe described it, the club is eager toaccept new faces. They meet in theMcNeil room of the Student Rec-reation Center every Tuesday nightand Thursday afternoon and themeetings are open to anyone. Majorexplained that many of the peopleshe knows are very interested in theidea of hula hooping, and is trying tospread the word. But you don’t haveto be an expert like Major, perform-ing Vortexes in the middle of the stu-dent center, to be involved. “We’vehad a few noobs come in, that’s forsure”, she noted. But that’s the bestpart. It’s a group of students justgetting together to take their mindoff school and have fun.
Tornados in Rec Center Student Development promoteswellness to campus community
vendors and keep our loyal favor-ites. These service providers do-nate their time and resources toeducate our campus communityand converse with students. In re-cent years, vendors have sharedhow impressed they are with thequality and thoughtfulness of stu-dent questions and interest lev-els during this event. In additionto the great giveaways, we hopeparticipants walk away with newawareness and openness to tryingsomething new to promote theirwell-being.Wellness Day occurs Fri-day, March 5th from 10:30am to1:30pm in the Student Center Ball-rooms.
Courtesy Student Develop-ment ServicesTrevor Crane