[Trilug-ontopic] driving windows from linux, off the network

Tom Roche Tom_Roche at pobox.com
Wed Sep 28 23:25:41 EDT 2011


How to hide a linux box (off the network) behind an XP box (on the network) so that I can do a maximum of my work on the former, while keeping it off the network?


I recently started a contract doing scientific computing, which makes me happy, but I can't telework (being not merely a contractor, but a student contractor--peón muy bajo) and the network administration seems wacky. (And it's a Notes shop.) There's an inner firewall protecting the linux clusters on which the Real Work gets done (this is Science), and an outer firewall protecting the enterprise from the Real World. Pretty much everyone interacts directly with vanilla XP desktops between the firewalls (except the admins, at least some of whom run Solaris inside the inner). So I asked, "can I use my linux laptop instead? I'd even buy a Notes client out of my own pocket, just to avoid going back to windows." The admins (another set of contractors) not only replied "no," but said that, if I put my laptop (or any other device not provided by them) on the network, they will hunt me down and beat me. They did not, however, say I cannot have my laptop onsite, and in fact even provided me with a connection through the outer firewall (go figure). But if I want to print an article, or cut'n'paste text from a terminal session (et al) into my logfiles, it's thumbdrive sneakernet, which gets tedious. (As does tweaking cygwin. Which fortunately can be installed without admin, which of course I don't have on the XP box, though I have complete physical access.)

So what I'd like to know is, how might I configure things so that I interact more directly with my laptop's applications and filesystem but

* still do what needs to be done on XP (basically run shells to cluster nodes, and run Notes)
* keep the laptop off the network

The candidate solution that immediately comes to my (oh-so-not-an-admin) mind is connecting the linux laptop to the XP desktop and driving the latter from the former with some RDP/VNC client (e.g., Remmina). But how to keep the laptop safe from the prying whatever with which the admins presumably patrol the network?

Alternatively, using a KVM to drive both the laptop and the desktop would at least reduce keyboard-shuffling hassle, but I don't see how that would reduce sneakernet.

your suggestions are appreciated, Tom Roche <Tom_Roche at pobox.com>

More information about the Trilug-ontopic mailing list