Archive for March, 2001

GEM

Thursday, March 22nd, 2001

To run GEM on a modern PC, you first need to download this file and unzip it into the C:\GEM folder (which you must create). You must ensure, when unzipping, that you get the unzip program to re-create the directory structure stored in the archive. To do this with PKUNZIP for DOS, use the command line:
C:\GEM> pkunzip -d gem.zip
Other unzip utilities may different ways of doing things.

If you don't have a hard disk called C:, or you don't have permission to create a folder in the root directory there, you will have to do some serious fiddling about to get it to work. Don't blame me - this wasn't designed to be used with hard disks at all.

To run GEM, just run the C:\GEM\DESK.BAT file. You can also run "DESK 200" to set the screen mode to 640x200 and then start the Desktop, or "DESK 350" to set the screen mode to 640x350 and then start the Desktop (depending on how you like it). 640x200 (the default) is better for a more authentic Amstrad PC1512 experience, whilst some Amstrad PC1640s used the 640x350 mode.

Once you've reached the desktop you may want to use the "Install disk drives" item on the options menu so you have access to all your drives. You have to highlight a disk drive before the option becomes available.

You might need a DOS mouse driver in order to use the mouse under GEM. If the mouse doesn't work, have a look on your hard disk, or the disk which came with your mouse, for a file called something like MOUSE.COM, MOUSE.EXE, LMOUSE.COM or MMOUSE.COM and insert the command line to run it after the "@echo off" line in DESK.BAT (e.g. "C:\DRIVERS\MOUSE\MOUSE" if you found MOUSE.COM or MOUSE.EXE in the folder C:\DRIVERS\MOUSE). If you don't have a DOS mouse driver, contact the irresponsible people who sold you your computer, or download the one from the library repository (it might work). If you use DOS programs which require a mouse a lot, you might want to put the command in your C:\AUTOEXEC.BAT file so that it's always available.

If you're running under Windows, you can run GEM in a window by pressing Alt-Enter once it's started. This is handy for taking screenshots of your GEM PAINT pictures which you can then convert to other formats.


GEM Desktop


Locomotive BASIC2


GEM Paint

VNC over SSH via a firewall

Wednesday, March 7th, 2001

I live in a student house with three other guys. All of us have computers and two are computer scientists. We have a cable modem for our internet access which provides high-speed access 24/7 for a flat fee. We have installed network cables under the floorboards so that we can all use our computers in our rooms.

The physics department is on the other side of town, a 20 minute bike ride away. It is extremely useful to be able to access my computer (which runs Windows) from the department. Since it runs Windows, the best way of doing this is by VNC.

Normally to connect to a remote computer using VNC is it is a simple matter of running the server software on the computer you want to connect to, the client software on the computer you are sitting at, and just opening up a TCP/IP socket connection between the two.

However, because of the way our house network is set up, connecting to my computer from outside the house is much more complicated. There is only 1 IP address for the whole house, so my computer does not have a globally accessible IP address (it is known as 10.0.0.36 to the rest of the house). The cable modem is plugged into a firewall which does the appropriate packet forwarding and rejects all incoming connections except for SSH (which is a very sensible thing to do).

I could have opened up another port on the firewall and forwarded it to the VNC port on my computer, but this would be somewhat insecure. VNC uses challenge/response authentication so it is unlikely that a malicious hacker could sniff the password, log in and take control of my computer. However, all VNC's data is sent as plaintext, so would be susceptible.

The solution to both problems is to route the VNC data over SSH. This is somewhat non-trivial to do, and the purpose of this document is to explain how it's done.

You need an SSH client which can do port forwarding at each end, and an SSH server running on the firewall. In this case, I am using a Windows NT machine running at the physics department to connect to my machine, which runs Windows 98. Both Windows machines can run Teraterm Pro with the TTSSH SSH extension. The firewall runs a Unix derivative, for which SSH software is ubiquitous.

On my computer I perform the following steps:

  • Set up the VNC server (which listens on port 5900)
  • Start Teraterm with the command "TTSSH /ssh-R40000:localhost:5900"
  • Log in to the firewall over the local network using it's local IP address and the normal SSH port (22)

Next, I cycle to the physics department, log in and perform the following steps:

  • Start Teraterm with the command "TTSSH /ssh-L5900:localhost:40000"
  • Log in (securely) to the firewall using the normal SSH port (22) and the global IP address of the house.
  • Start the VNC client, connect to localhost, log in and it works!

There are a couple of complications. Firstly, our cable modem provider reserves the right to change our IP address at any time (we are not strictly speaking allowed to run servers). So I need a method to find our IP address. Fortunately, I already run ICQ so this provides a simple solution. A small ICQ client (if you don't have much space) can be found here. If you don't trust ICQ, you could write a small program to run on your machine to connect to a machine whose IP address you know, and another small program to run on that machine which you can connect to from elsewhere to find your IP address.

[Update] The latest versions of ICQ don't show you the IP addresses of people on your contact list who are online. A better solution is to use a dynamic DNS client (see, for example, http://www.dyndns.org). Then you don't need to install anything on the client machine, and just need to remember your hostname.

The other complication is that the Windows VNC server does not normally support loopback connections. To enable them, run REGEDIT and add to the key HKEY_LOCAL_MACHINE/Software/ORL/WinVNC3 a DWORD value with the name "AllowLoopback" and the value 1.

Happy VNCing!