Jul 11, 2013

Connect to Remote MathKernels

Suppose you have a powerful workstation in your office and a laptop at home. Suppose you prefer to working in your comfortable apartment. But now you have some work with Mathematica to do. Your laptop is convenient to visualize data but incapable of doing the heavy computing tasks. You may think of ssh X11 forwarding:
ssh -X username@hostname.domain
The problem is, with limited network bandwith, X11 forwarding is simply not stable to do a typical Mathematica task. The good news is Mathematica allows you to do use remote MathKernel(s) but local  FrontEnd.

1. Connect to Remote MathKernel(s);

Unfortunately, the default (Basic Options or Advanced Options) configuration does not always work for typical family networks (router, firewall, NAT etc). This error message may pop up:

The problem is that your laptop's IP address is not known. For example, you may hide behind a wireless router and a firewall. The way to solve the problem is to tell MathKernels your port and IP address (your machine may not have one!). If you do have an IP,  replace `ipadress` with it.

You can get your public IP simply by googling "my ip". Of course, your public IP may not be the IP of your machine.

If you are using a dynamic IP address, remember your IP usually changes within a few days.

In the presence of firewall and router, your IP address may not exist. Instead, your router has a public IP (again, could be dynamic or static), say, And your machine was assigned to a local IP address, say, The remote MathKernel(s) will have problem talking to your local machine. What you need is a secure link.


The first choice is a VPN. With a VPN, you can happily work with the abstract address such as foo.vpn.thirdparty.com , regardless of the actual change of your IP address.

The mathssh is a Mathematica implementation of ssh secure shell built on Java. One can also use ssh directly: `java` -jar `mathssh` -> ssh

SSH Reverse Tunneling 

SSH reverse tunneling (aka. SSH tunnel) is secure method. Interested users can check out reference [3] and the man page of ssh -R option. A Free Package was provided by Sascha Kratky. Both Unix-like (Mac & Linux) and Windows versions are provided (See Ref [5]).

Port Forwarding

Port forwarding is another unsafe approach. Namely you can forward your router's port 22 (the very port that ssh uses), to your local IP say

Warning: port forwarding is not recommended because it is not safe to expose your ssh port. Your computer will be under frequent attack (just like a public server). To improve security, you may want to disable the root login on the ssh server.

vim /etc/ssh/sshd_config
# Add or uncomment this line:
PermitRootLogin no

Your public IP can be checked out simply by googling "my ip". Your local IP can be obtained from (replace wlan0 by eth0 if you are using wired connection):

[0]: How to | Connect to a Remote Kernel
[1]: Remote kernel for Mathematica via home router
[2]: FAQ Remote Kernels
[3]: Reverse SSH tunnel or connecting to computer behind NAT router
[4]: Manually Creating a Remote Kernel Connection
[5]: Remote Kernel Strategies by Sascha Kratky

2. BTW: Connect to Remote Parallel Kernels

Setting up remote Parallel Kernels is much easier, if the master kernel is local. The master and slaves can simply communicate through ssh.

No comments:

Post a Comment