Note: These instructions are for Engineering accounts only; not CS accounts.

On the ECI Web page select account maintenance and log in.

Click on vacation to set up a special message that will automatically go to anyone who sends an email message to you while you are gone.

When you return from vacation be sure to turn it off through the above web site.

You can forward your email as long as you have an account with the College of Engineering or Computer Science.

Email forwarding is a feature for which you have direct control. You forward your email by creating a plain text file in your login directory at the top level named .forward (no suffix). The dot prefix makes it a hidden file under the Unix operating system. As seen by the Unix operating system, a .forward file must not be world writable. The mode should be between 755 and 700. Under Windows and Macintosh operating systems, a file created on a mounted Unix file system will by default have a usable permissions mode.

Your .forward file should contain the address to where you want your mail forwarded. You can start or stop forwarding at any time by temporarily renaming the file to something else when you want to stop forwarding.

Your .forward file contains one line which is usually just the email address to where you want to have your mail forwarded. Following is an example of a simple .forward file:

user_name@netscapemail.net

Here is an example for delivering a copy of your messages to two or more email addresses. Additional email addresses may be entered on the same line by delineating them with a comma

user_name@netscapemail.net, user_name@gmail.com

Here is an example for delivering a copy of your messages to your local mail account and forwarding a copy of your messages to the specified destination:

user_name, user_name@yahoo.com

The College of Engineering outgoing mail server (smtp.engr.ucsb.edu) will only transfer mail which either:

(a) originates in the College of Engineering; or

(b) is to be delivered to College of Engineering addresses.

Sending mail from outside of the College of Engineering to destination addresses also outside of the College of Engineering is called relaying. Only College of Engineering users may relay through our mail server. A very good general description of the relaying issues can be found here.

If you are connecting from outside the College of Engineering, you may still use smtp.engr.ucsb.edu as your outgoing mail server to relay if you meet the following conditions:

1. Your computer must have a legitimate forward and reverse registration in the Domain Name System (DNS). This is assigned by the network administrator of your network provider.

2. Prior to sending your mail you must authenticate yourself (i.e., prove your identity). Our mail server supports the standard AUTH control described in RFC 2554); most email programs also support this. Usually there is a configuration option in your email program to use a username and password with the SMTP server. Only after successfully authenticating will smtp.engr.ucsb.edu grant you permission to send mail. You must have an account on the College of Engineering computers to do this.

More information about how to set up AUTH (authentication) on common email programs can be found here.
Your mail session must also be encrypted as described here.

4. Some ISPs (such as Cox High Speed Internet) may block outgoing mail traffic on port 25. If your ISP blocks port 25, then you may still be able to relay through our mail server on port 587 using STARTTLS/SSL, or on port 465 with SSL only. Most mail programs will allow you to specify the port under their "Outgoing mail server" configuration area.

If you have any questions about how our mailer in the College of Engineering is configured, we will be happy to answer them. If you need technical assistance configuring your system to use your ISP's mail relay, please contact the technical support people at your ISP.

For College of Engineering email services (including services we provide for groups such as CNSI and ICB):

INCOMING SERVER
---------------
Server name: imap.engr.ucsb.edu
Protocol: imap
Port: 143

You must also enable TLS security for your connection to the incoming mail server. Do not enable "use secure authentication" as TLS ensures the connection is secure.


OUTGOING SERVER
---------------
Server name: smtp.engr.ucsb.edu
Port: 587

You must also enable both TLS security and "use name and password" for your connection to the outgoing mail server.

We primarily provide support for the Thunderbird email program, which can be found here: www.mozilla.com.
You must use version 1.5.0.7 or higher. The above settings may not be all available during the default account "wizard" setup; you may need to set them afterwards under "Tools -> Account Settings"
If you are using some email program other than thunderbird, please consult your program's documentation for making the above settings.

If you are in the Computer Science department and using the Computer Science email server, please see this information rather than the above: http://www.cs.ucsb.edu/facilities/faq.

You can access "WebMail" from College of Engineering homepage. Click on the WebMail button at the bottom of the page. It will take you to a secure login page.

To setup WebMail you will need three pieces of information:

1. Your email server

Members of the Computer Science Department should choose "UCSB College of Engineering CS Department."
All others should choose "Main UCSB College of Engineering Email server."

1. Your College of Engineering username
2. Your College of Engineering password

Mounting (mapping) of your home (login) directory is limited to computers within the College of Engineering (COE) network. Computers outside of that domain are not allowed to mount your home directory. Computers in ECI administered Labs mount (map) your home directory automatically at login:

Other Windows computers that are allowed, you can map your home directory as follows:

1. Right click on the Start menu and select Explore.
2. In the Explore window, left click on the Tools drop down menu and select Map Network Drive.
3. In the Map Network Drive window, choose the drive you want to map (usually X:)
4. In the Folder box, type: samba.engr.ucsb.edu
5. If desired, check the box to make this a permanent mapping.

If you accidentally delete files, it may be possible for us to restore them from backup tapes. System backups are made nightly, and files that have been modified within the last 24 hours are stored onto the backup tapes each night. Additionally, full backups of each file system are made each quarter, and weekly dumps are made covering changes during the past week. For information on having a file restored, you will need to provide us with specific information about the file. We need to know the full path of the file (or the path relative to your home directory), the time the file was last modified, the time it was deleted, and possibly the time it was created. Providing all of this information will enhance the chance of getting your file restored.

If you need to restore a file from backup tape, first collect the information described above. For Engineering, contact This e-mail address is being protected from spambots, you need JavaScript enabled to view it or for Computer Science, contact This e-mail address is being protected from spambots, you need JavaScript enabled to view it . File restorations from backup tapes are time consuming and may take at least 24 hours. If you create a file and then remove it before it has a chance to be stored on the nightly backup tapes, there is no way to recover that file. Also, backup tapes are not kept indefinitely. Currently, quarterly archival backup tapes are kept for one year. After one year, the tapes are recycled. You cannot restore a file from more than one year prior to today's date.

You are responsible for ensuring that your script does not breach system security. If your script is found to be insecure, we will need to disable it. We will not debug security problems in scripts.

To run your own cgi scripts, you must follow these steps:

1. You must agree to the terms of the CGI Security Policy. If the terms are ok, email your request for authorization, including your statement that you have read and understand the CGI Security Policy to: This e-mail address is being protected from spambots, you need JavaScript enabled to view it
   We will then grant your account authorization to run scripts on the cgi server.
2. If it does not already exist, create in your home directory a directory named "public_html" with the mode 755. If the directory does already exist, make sure it is mode 755.
3. If it does not already exist, create in public_html a directory named "cgi-bin" with the mode 755. If the directory does already exist, make sure it is mode 755.
4. Place your cgi scripts in ~user_name/public_html/cgi-bin. They must be named "file_name.cgi". They should be mode 711
5. Your scripts must conform to the security model described at http://httpd.apache.org/docs/suexec.html. Please read this document carefully; if your scripts do not conform to its requirements, your scripts will not execute.
6. If all of the above conditions have been met, you should be able to execute your script using the address:
   
   http://cgi.engr.ucsb.edu/~yourlogin/cgi-bin/filename.cgi

There is a web counter program (Counter Release 2.4) available on the engineering web server for only engineering accounts. To use the counter program, just place an image link with the following minimum command syntax on your home page:

src="http://www.engineering.ucsb.edu/cgi-bin/Count.cgi?df=your_counter_file"

Please note that "your_counter_file" in the above is your choice of naming the counter file and it must be unique. A good file name would be your login concatenated with the name of the web page or file. If the counter file name has already been used by another user, your count will start where their count left off rather than the count of 1. If this happens, please choose another counter file name.

The counter program also supports date, time and more. For more information on options that can be passed into the program, please see:

http://www.muquit.com/muquit/software/Count/Count.html#opti page
and for other information on the program, please see:
http://www.muquit.com/muquit/software/Count/Count.html page.

You can password protect your web pages via the htaccess facility and the htpasswd program, which are currently available on our Linux systems (linux.engr.ucsb.edu). You will need to dedicate a subdirectory for your password-protected files.

Information on htaccess can be found here:

http://www.he.net/info/htaccess/demo.html

Information on how to use htpasswd can be found here:

http://httpd.apache.org/docs/programs/htpasswd.html

Our Apache web server is configured to look for a file named .htaccess.

A SAMPLE setup could be done like this:

Make the directory containing the password protected files your current directory. Create a file named “.htaccess” there.

.htaccess file SAMPLE contents:

AuthUserFile /fs/home1/student/public_html/.htpasswd

AuthName "Name of your Web Pages"

AuthType Basic

require valid-user

(Note that .htaccess will not work if there are extra spaces after AuthUserFile.)

Then for the first user, from a command prompt on a linux system, type:

# /usr/bin/htpasswd -c .htpasswd joe_user

You will then be prompted twice for the user's password. The -c option causes the .htpasswd file to be created.

Set files in this directory for world read (chmod 644).

For each additional user type:

htpasswd .htpasswd some_user

When users supply user name and the password that you provided to the htpasswd program, they get access to the directory and its contents.

Your "public_html" folder is located in your home directory. When you first logon to one of the Solaris or Linux computers, you will be placed in your home directory by default. This is true whether you are physically sitting in front of the computer or connecting remotely (via ssh, scp or sftp). Therefore all you need to do is copy your files into the "public_html" in the default directory. For more information on connecting remotely see the: How can I login to College of Engineering workstations remotely? section.

If you are copying files to or from another user's account, use a secure FTP program and use the following command syntax from within one account to access the other account, i.e.:

open @engineering.ucsb.edu OR @cs.ucsb.edu

Of course you will need to know the password for both accounts to do the above.

Windows computers differ in two ways:

1. Your home directory shows up as your X: drive
2. You cannot connect to Windows machines remotely

All students, researchers, faculty and staff in the College of Engineering can have accounts and web pages on the College of Engineering computers. Some departments also have separate machines where you may be entitled to access and maintain web pages. To create a web page in the College of Engineering:

1. If you don't have an account already, open an Engineering account
2. Get familiar with your account and how it works. The ECI machines have web browsers installed for your use.
3. Create web page(s), keeping in mind your total disk quota.
4. Make sure you are in your home directory.
5. Create a directory called "public_html"
6. In that directory, create a text file called "index.html". This file will contain the information that is displayed on your home page.
7. Make sure that your directory and .html files are world-readable, by running the following commands:
   
   chmod 755 public_html
   chmod 644 public_html/index.html
   
   Also, make sure that your home directory is world executable; if not, use the following command:
   
   chmod o+x $HOME

You can now access your web home page via the URL "http://www.engineering.ucsb.edu/~login/" where "login" is your login name.

NOTE: Our server requires that your home page be named "index.html" if you want it to be accessed by using http://www.engineering.ucsb.edu/~login. If you've already created files named "index.htm" (or other name) which you want to be retrieved as the homepage in a directory, and don't want to rename them and their corresponding links, you can use a soft link as follows: cd $HOME/public_html ln -s ./index.htm index.html

You may, of course, name your files whatever you wish, but will need to reference your page as http://www.engineering.ucsb.edu/~login/pagename.

• An account is set up with a login name corresponding to the name of the group (or class). This account is set up in the normal manner: by the Engineering department sponsoring the group or someone from the group completing the College of Engineering Computer Account Request Form. After the request is submitted, the Engineering department sponsoring the group will be automatically sent an email with the request for verification and confirmation. If the department approves the account, they must complete all the information on the form. The password to the account will be set to "*"; logins to the account will not be permitted.
• A Unix group by the same name as the account will be set up.
• The home directory of the account will be set to 775 so users in the corresponding Unix group can write files. The home directory should be group-owned by the Unix group corresponding to the account.
• Shell for the account will be set to /bin/false so if someone creates a .rhosts file in the account it will be useless.
• Users who are to have access to the files in the account will be added to the Unix group. The sponsor of the group must provide via email to This e-mail address is being protected from spambots, you need JavaScript enabled to view it a list of login names that should be members of the group.
• Users should read the man pages on newgrp, chmod, and umask so they know how to set and manipulate the permissions on the files in the account. They then "cd ~account" run "newgrp group" and change files as necessary. The group ownership of the files will be the Unix group corresponding to the account because the user has run the "newgrp" command.
• A .forward file in the home directory of the account can be maintained by the users of the group and can relay mail to any people they choose.

A password must consist of a combination of letters and numbers, and possibly also special characters such as punctuation marks. A password must contain between six and eight characters. Another password possibility is to think of a phrase which is well-known to you and combine the first letter from each word to form the password. You can randomly use upper case letters. This usually results in a combination of letters which is hard for someone else to guess, yet easy for you to remember. You can also create a pseudonym using alphabetic characters, numbers and special characters such as T0ys4Us. (Do not use this one!) With some creativity, you can create such a password that is easy for you to remember.

The inclusion of numbers or special characters decreases the likelihood that your password could be guessed by someone running a "dictionary program". (One method used to break into systems is to write a program which will read words from a dictionary and then try them as passwords for known computer login names.)

The password changing option through the Account Maintenance runs a very sophisticated screening program across all new passwords. It uses a dictionary of 16 million words and patterns taken from an actual password cracking program. The words and patterns in this dictionary come from many languages, technical dictionaries, dictionaries of fictional names/places, and many permutations of patterns of the above. Such words and patterns will be rejected. It is very strict!

BACKGROUND

The people that write computer operating systems have long realized that data security is a desirable part of any multi-user computing system. That is why most systems will not allow you access unless you give some type of password known to both you and the computer operating system. Operating systems employ varied schemes for keeping these passwords a secret, in some cases only storing an encrypted version of the password online. A great deal of the responsibility for security is also placed upon the shoulders of you, the computer user.

Each time you try to access any system, you must identify yourself (i.e., say who you are). You must also authenticate this identification (i.e., prove you are who you say you are). On the College of Engineering computers and IT services, you identify yourself with a login name and authenticate your identity with a password.

When you first create your College of Engineering account, you will either be asked to select a password or assigned an "initial" password which you are advised to change after a few months for security reasons.

KEEPING YOUR PASSWORD SECURE

Once you select and use a secure password, your login name will be totally secure only as long as that password is known only to you and the computing system. If you write down your password in a place where others might see it, you are jeopardizing the integrity of whatever information you have stored on your computer account.

In keeping your password secure, you should also follow these additional guidelines.

1. Do not give out your login name and password over the phone or via an online interactive or mail message.
2. Be suspicious if callers or other online users identify themselves as Computing Services personnel and demand your password over the phone or online.
3. Report any attempts to obtain passwords to: This e-mail address is being protected from spambots, you need JavaScript enabled to view it Reporting such an attempt to the system administrator will allow countermeasures to be taken against that attempt to compromise system security.
4. You may be asked to change your password periodically. The College of Engineering runs periodic attempts to crack the password database to find weak passwords before hackers do. If your password is cracked by one of our periodic runs, you will be sent email asking you to change your password. You should change this only at http://www.engr.ucsb.edu/eci. If you receive any notices asking you to enter your password at some other location, please notify us at This e-mail address is being protected from spambots, you need JavaScript enabled to view it -- these may be nefarious attempts to gather user passwords.

THE BOTTOM LINE ON PASSWORD SECURITY

In summary:

1. Choose passwords which will not be found in any dictionary. You actually will not have a choice in this as the password screening program will not allow it.
2. Make the password especially secure by including non-alphanumeric characters.
3. Try using a mnemonic to remember your password so that you do not have to write it down. Useful mnemonic devices are substituting digits for words like to (2) and for (4) and especially useful are punctuation marks like ( or & for "and". Thus a mnemonic like "Four score and seven years ago our Fathers" might be used to generate the password 4s&7yaoF (but do not use this one!)
4. Do not use a meaningful system command for a password; i.e. logoff is NOT a good choice for a password. The password screening process will disallow it in any case.

You can change your password interactively through a secure web page. Use any web browser to connect to http://www.engineering.ucsb.edu/eci/ to change your password. Then click on the link, 'Account Maintenance' under the Main Menu. If you forgot your password you can stop by Engineering I room 3110 with a picture ID and have it reset.

After running the interactive program to change your password, it will take about an hour before your new password is in effect on all computers.

A common problem when a file won't download is that it exceeds the user?s UNIX file size limit. Check for this problem using the UNIX limit command.

1. Log in as the user with the problem and execute the limit command.
2. The return display includes the file size limit for that user (if any).
3. If the file size limit is lower than the file being downloaded, this is the likely problem.
4. You can change the file size limit for the duration of your login by typing the unlimit command.

It must be the user's responsibility to monitor and manage disk usage and keep it under quota. On Windows machines, a status window pops up at the time you log in, which displays disk usage statistics for your information.

For Linux or Unix machines, in your login directory, you can use the command:

quota -v

to view your current disk usage and quota.

When near or over quota, look for your cache (or temporary files) in your web browser. These unneeded and space gobbling cache (or temporary files) are often the worst offenders. They can best be deleted from within your browser program. Look for Internet -> Options -> Temporary Files

Delete any core-dump files when you are finished analyzing them.

Your user interface can also produce extraneous cache files. They are located in the hidden subdirectories, .kde/share, .gnome/share. You can examine all of your hidden files, when in your login directory, with the command:

ls -la | more

When in your login in directory, use the command:

du -sk * .??* | sort -rn | head

to see a list with the largest files displayed first, so that you can judge which are good candidates to delete.

Then the following command will give you a quick summary of current disk usage.

du . -s

Please note that when you take a class for which your quota is increased, it must be your responsibility to purge your account of these files at the conclusion of your class. You may do this by archiving off the files that you want to keep or simply deleting them from your account. At the end of that quarter, your quota will be returned to the previous level. If you have not reduced your disk space and number of files usage to the previous level, your account will be over quota and you will not be able to log in from the Engineering Labs.

All accounts in the instructional laboratories are assigned a pre-set limit to the amount of disk space the account can use. When this limit is reached, the system will allow no further files to be written. To check your current disk quota, you can use the "quota -v" command on all unix systems. Microsoft Windows users will see a pop up window at logon that displays their disk space usage.

Currently, College of Engineering accounts have at least a 100MB quota (CS undergrads start with a quota of 100MB and 4000 files). If you feel you need more space than initially allocated, you can request additional space for legitimate instructional needs only. To request additional disk space, please ask your professor or department to email authorization to This e-mail address is being protected from spambots, you need JavaScript enabled to view it or This e-mail address is being protected from spambots, you need JavaScript enabled to view it (if you are a CS major) for the additional disk space and number of files.

Your account will expire on the date set on your account application form at the time your account was opened. All accounts are sent weekly email notices warning of impending account expiration starting about 30 days before the account expires. If you do not regularly read mail from your engineering account, be sure to place a .forward file in your home directory to forward your email to the email address that your regularly use. See Can I forward my email? for instructions about how to create a .forward file in your home directory.

To renew your account, please visit your department office and request an extension to your new expected graduation date. Your department should send this authorization and the new expiration date to: This e-mail address is being protected from spambots, you need JavaScript enabled to view it . Upon receipt of this authorization, your account will be extended immediately and a confirmation email sent to you.

Each account is assigned an expiration date at the time the account is created. When this expiration date is reached, the account will automatically be closed. The account will not be deleted for a few weeks, in the event that you need to reuse it again. The expiration date for each account is determined by the department that owns the account. For students, the expiration date is generally set to their expected date of graduation. Student accounts are intended to last for the life of the student's involvement with the College of Engineering. Account access can be revoked at any time per conditions set forth in the Computer Use Policy.

To extend your account, ask the college department to which you are associated to email authorization to extend your account and specify a new expiration date. Your department should send the authorization to: This e-mail address is being protected from spambots, you need JavaScript enabled to view it

If you suspect that your PC has been infected with a virus or are experiencing other related problems your departmental technical support is the most appropriate help you will find to resolve the problem. Before that happens, here are a few preventive guidelines to make sure that your personal computer remains in the safe zone:

- Remember to maintain your software with the latest security updates. For example, if you use Windows you can setup automatic updates.

-It's vital to have an anti-virus program installed and that you keep its virus definitions up to date.

-Add anti-spyware software. If you use Windows XP, Microsoft.com provides free downloadable anti-spyware software.

-Ultimately you will choose which browser and email program you want to use but we recommend Firefox for web browsing and Thunderbird for email, both downloadable from http://www.mozilla.com/

-Always use a firewall

-Be careful with what you download from your email or from the Internet in general.

*** STANDARD FTP SERVICES ON

FTP.ENGR.UCSB.EDU

DISCONTINUED***

Standard ftp service is being permanently discontinued as of May 1, 2003 because of its inherent security flaws. Beginning May 1, 2003, the insecure ftp service will no longer function.

Please migrate to using the secure ftp protocol, which is running on: ftp.engr.ucsb.edu

You may now connect to ftp.engr.ucsb.edu at any time using a secure ftp client.

You may find information about secure ftp clients appropriate for your computer at the following web sites:

http://www.openssh.org.

http://www.ssh.com

http://winscp.vse.cz/eng/

http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

The following is generic information that applies for access from here on campus as well as remote access  like from home or another work place. Clearly this is not the only way to use X-Windows remotely, but it works, and has the following benefits:

1. The session is encrypted, so there are no clear text passwords or data.
2. The data stream is compressed before transmission, which generally results on better overall performance.
3. If you have a software firewall like Zone Alarm installed on your PC, or you use a hardware firewall such as would be found in a cable/DSL router, this method works without having to establish extra firewall rule sets.

The reason for this is that since the X-session is tunneled within the ssh session, the X-requests going to the X-server on your PC appear to be coming from another application on your PC (the ssh client, which manages the tunneled session), NOT from the remote computer. Because of this, no other special accesses or permissions need to be identified to either the firewall or to the X-server. Often this is done within an xhost authentication facility and with this approach it is not needed since most firewalls and X-servers grant access by default to the local system on your PC).

There are basically two pieces to making this work successfully in our environment. The first piece comprises using a secure shell (SSH) client, which manages authentication over an encrypted session link and provides a compressed data tunnel for the X-windows traffic. Examples of secure shell clients include no-cost tools like Mindterm or Putty, or commercial tools like SecureCRT.

The second piece is the X-windows server such as X-Win32, which is used to display on your local system the information from the remote client.

The two-piece approach maintains security for your system but also allows you to work with remote applications that use a graphical interface. If you are working from a PC and have ZoneAlarm installed or are behind a hardware firewall, tunneling the X data stream within SSH is far easier than trying to configure for it.

One program is X-Win32. You can get a demo version from Starnet's web server at: http://www.starnet.com/
You may first contact This e-mail address is being protected from spambots, you need JavaScript enabled to view it to inquire about the availablility of a license key for use in downloading the non-demo version for use only within the College of Engineering at UCSB.

Some choices for an SSH program can be found at: http://www.openssh.org/

If you use an SSH program to establish the connection, make sure that your SSH client has "Forward X-11 packets" enabled within its configuration. Most, if not all, have that disabled by default. Log in on your ECI or CS system and issue the following commands:

csh
printenv | grep DISPLAY

you should see a reference to display 10.0 or higher on the local system (but NOT zero). That's OK. On the UCSB or CS system side, that display number corresponds to the X redirect that the SSH server has set up. If you don't have DISPLAY showing properly, then the X-11 packet forwarding is not enabled within your SSH program and you need to configure it to be enabled on your end before proceeding any further.

To test the X-connection, make sure X-Win32 is started (blue X appears in the System Tray), then issue a command like xclock in the ssh terminal window. If a graphical clock appears on your PC display, then all is working OK and you can close the clock and then start an xterm or go straight into your application program in the ssh window. If you get an error, either in the ssh window or a popup message on your PC screen, send an email to help@engineering detailing the command(s) you provided and the exact error(s) that you received. Also verify in you email that you have performed the test described above.

The best answer is because it is secure. Unlike telnet or ftp, your password (and all other data) cannot be "sniffed" or intercepted on its way to the ECI network. Also, telnet and ftp are now disabled on all ECI computers.

For additional details about SSH, see the previous FAQ.

The Secure Shell (SSH) is a protocol for logging into another computer over a network, to execute commands on a remote machine, or to move files from one machine to another. SSH provides strong authentication and secure communications over insecure channels. SSH includes replacement programs for telnet, rlogin, rsh, and rcp. The SSH2 protocol, which is used at the College of Engineering (COE), also includes Secure FTP (sftp) which replaces traditional FTP.

Additionally, Secure Shell provides secure X-connections and secure forwarding of arbitrary TCP connections. With SSH, you can also use other UNIX tools such as, rsync and secure network backups.

The traditional BSD r-commands (rsh, rlogin, rcp, and ftp) are vulnerable to a variety of attacks. Somebody who has root access to machines on the network, or physical access to the wire, can gain unauthorized access to systems numerous ways. It is also possible for such a person to log all the traffic to and from your system, including passwords. SSH uses only encrypted passwords.

The X-Window System intrinsically has a number of severe security vulnerabilities. With SSH, you can create secure remote X-sessions transparently. As a side benefit, using remote X-clients with SSH is more convenient for users.

If you would like to know more about the SSH protocol, visit OpenSSH's wed site: www.openssh.org

Users can remotely login to any of the Linux workstations located in the E1 lab using a Secure Shell (SSH) terminal program. Some suggestions for open source (free) SSH programs are given in the related FAQ below.

To make remote access convenient, you can log into the following alias: linux.engr.ucsb.edu

All locally-installed software on the ECI computers is located under the tree rooted at /eci. Beneath /eci you will find directories for each package, and subdirectories beneath that contain the executables, man sections, libraries, etc.

For example, the latest-installed version of the perl distribution is installed in /eci/perl. Under there, you will find /eci/perl/bin, /eci/perl/lib, etc. The binaries for the perl executables are located in /eci/perl/bin, and that directory must be in your search path before you can execute perl.

For programs which have a single binary and a single man page, the binary is located in /eci/bin and the man page in /eci/man. You should have /eci/bin in your search path.

Each computer also has vendor-supplied software (for example, the vendor c compiler) installed in a vendor-specific place. You should consult the online /usr/man man sections on each system for information about these software packages.

Matlab is installed for the use of all students on all the workstations in the E1 and CSCL labs. You can also run Matlab from a remote X-connection to a Linux system. See the related FAQs at:
http://www.engr.ucsb.edu/eci/faqs Section 8 for information about running an X-connection remotely.

The College of Engineering (COE) also provides and pays for a network license for Matlab. This license is available for faculty, graduate students and researchers. You should contact your department computer support staff. They can help you install the software and set up the license on your workstation.

It could be because: (a) there are jobs (maybe yours) stuck/clogging up the print queue, (b) your print job is too large, or (c) there is some problem with the printer: ie, paper jam, out of paper.

1. How to check the status of the print queues and remove your stuck jobs.

Check to see if there are jobs stuck in the print queue. You can view the queue by using the lpq command on a UNIX machine. To specify the printer you must use the -P option to the lpq command. For example to look at the queue for the cadps1 printer you would type lpq -Pcadps1. This command shows the filename, owner, and a job number. You can remove your job by referring to the job number using the lprm command. Note: You cannot remove jobs other than those owned by you. For example you might type lpq to get the job number of the job in question and then once you have that, use lprm job# where job# is some numeric value. Once again you need to specify the printer with the -P option, so to remove a job from the cadps1 queue, use lprm -Pcadps1 job#. You may want to read the UNIX manual page for these commands. To do so type man lprm, etc. If you see that there are jobs that are stuck in the queue that you are not able to remove because they belong to someone else, then either let the monitor on duty know so that he or she can remove it, or if it is during normal working hours, you can send mail to This e-mail address is being protected from spambots, you need JavaScript enabled to view it .

2. Your print job may be too large.

You may need to split your print job up into smaller units.

3. There is a problem with the printer.

Occasionally a problem happens with the printer such as a paper jam, low toner, or out of paper. When this is case then again, either let the monitor on duty know so that he or she can remove it, or if it is during normal working hours, you can send mail to This e-mail address is being protected from spambots, you need JavaScript enabled to view it .

The printer spooling software used on the UNIX ECI laboratory machines is the public domain package called "plp", and there are online man sections for all of its associated programs located in /eci/plp/man.

Windows machines use the integrated Windows print spooler.

Not all computers in every laboratory are available for general use (for example, computers in the Computer Science department's CSIL lab are accessible only to students enrolled in CS classes). The CSIL lab is not otherwise available to anyone except Computer Science majors.

If you are a major in another department and enrolled in a CS class you may obtain access to the CSIL Lab for that quarter. Request access from the CS Administration Office. This must be done for each quarter that you take a CS class.

E1 Lab - Harold Frank Hall, room 1140
E2 Lab - Engineering II, room 3236
CAD Lab - Engineering II, room 2223
CSIL Lab - Harold Frank Hall, room 1138

Click here to see a map showing the labs' locations.

Note: Check public notices for Holiday closings, between quarter closings and special summer hours or closings.

E1
Mon - Thu, 8:30am - 2:00am
Fri, 8:30am - Midnight
Sat, 10:00am - Midnight
Sun, 10:00am - 2:00am

CSIL Lab:
Mon - Thu, 8:30am - 2:00am
Fri, 8:30am - Midnight
Sat, 10:00am - Midnight
Sun, 10:30am - 2:00am

E2 Lab
Mon - Fri, 8:00am - 5:00pm

CAD Lab
The CAD Lab is currently open 24 hours a day, except
for some holidays.

The UCSB College of Engineering (COE) provides lifelong email forwarding to graduating students. This service is available only to students who received degrees and whose accounts have not been expired longer than 30 days.

Please read this information carefully and completely.

If you are an alumnus of the College of Engineering at UCSB, we will provide lifelong email forwarding for email messages addressed to you at your current This e-mail address is being protected from spambots, you need JavaScript enabled to view it address. We will also provide forwarding for This e-mail address is being protected from spambots, you need JavaScript enabled to view it .

This means you will have two different addresses available for your use:

This e-mail address is being protected from spambots, you need JavaScript enabled to view it
This e-mail address is being protected from spambots, you need JavaScript enabled to view it

The above addresses must forward to a single destination. You must provide us with the email address where you would like to have your email forwarded. It should be a permanent email address.

This service is for forwarding only; it does not include local delivery or access via IMAP after your account has expired. You will not be able to send mail through our outgoing mail server after your account expires. You may not continue login access or maintain web space. Your login access, files, any .forward files, and web pages will be removed after your account expires.

Please do not ask for alumni-forwarding until you are finished using your COE account. You will no longer be able to access your COE account when forwarding starts!

In the near future there will be a web page available for you to make authenticated changes to your forwarding destination. In the meantime, please send email to:
This e-mail address is being protected from spambots, you need JavaScript enabled to view it

Include your engineering account user name and the new destination address to where you would like your mail forwarded. After you have sent your email request, forwarding should begin within 24 hours. If you would like to modify your destination address, just send mail to the same address letting us know.

Mail that has already been delivered locally will not be forwarded; only new incoming messages will be forwarded.

This forwarding supersedes any .forward file you may have in place.

When your account expires, the lifelong forwarding will continue to function. If your degree is not granted or you are not a alumni, the forwarding will be canceled.

If you have any questions, please send mail to This e-mail address is being protected from spambots, you need JavaScript enabled to view it and we will be happy to assist you.

The College of Engineering takes an active role in preventing the transmission and reception of Unsolicited Bulk Email (UBE) and Unsolicited Commercial Email (UCE), more commonly known as "spam."

INFORMATION ABOUT SPAM
For information about UBE and UCE, what it is, why it is bad, and what generally can be done about it, please see http://spam.abuse.net and http://www.cauce.org/.

NOTIFICATION
The College of Engineering mail server presents all mail connections with the following notice during the SMTP mail transport transaction:

220- This equipment is located in California. In accordance with 17538.45
220- of the California Business and Professional Code, unsolicited
220- electronic mail advertisements are prohibited. See
220- http://www.engr.ucsb.edu/eci/UEMA_policy.html for details.

This serves to give legal notification to sites that we prohibit such mail transactions.

HOW WE PRE-SCREEN AND REJECT MESSAGES
Incoming messages to the College of Engineering email server are rejected if they meet some or all of the following conditions:

1. If the originating site is listed with http://mail-abuse.com/

2. If the "Subject" header or message body match certain known keywords commonly used in spam (e.g. "Make money fast!").

3. If the originating site is listed in our local list of sites from whom we have received UBE and UCE.

4. Various other heuristic scoring techniques to identify mail with falsified sender headers, known spam keywords and phrases in the body of the message, known spam generating "From" lines, etc.

WHAT TO DO IF YOU RECEIVE SPAM
The spam rejection techniques cannot catch all UBE and UCE. You may still receive spam. If you receive spam and would like to do something about it, please forward the message including the full message headers to This e-mail address is being protected from spambots, you need JavaScript enabled to view it . If you do not include the full message headers, then we will not be able to do anything useful to block the originating site.

WHAT TO DO IF LEGITIMATE MESSAGES TO YOU ARE REJECTED BY OUR MAIL SERVER
The spam rejection techniques may occasionally reject messages that are legitimate email. If this happens, please let This e-mail address is being protected from spambots, you need JavaScript enabled to view it know the details and we will ensure you are able to receive the messages.

All ECI Linux workstations are scheduled to be rebooted once per week. All ECI machines will be rebooted at 05:30 each Sunday. Users on the systems are warned 15 minutes before the reboots, so that they will have enough time to save all their work and log out. Note: All the processes on the systems will be killed during the rebooting process.