Remote Observing Manual

From SharedSkies
Jump to navigation Jump to search

This manual documents the remote observing operations of Shared Skies. It covers the basic elements of all of the telescopes available remotely, and provides links to information about robotic observing and data archives. Other shorter pages are available as well. Please check the index for those.

Overview

System Architecture

Each telescope, its instruments, and its enclosure are controlled by a single computer system connected to the hardware. For different instruments there are other network components for power control and live video. The telescope operator and the observers do not have to be on site because these components are accessible remotely, either through the Internet by secure login and encrypted transmission, or through servers that limit functionality while insuring safe reliable, largely robotic, operation.

Remote Observing

In remote observing use, the telescope may have an operator on site and an observer off site, or it may be operated entirely by an off site observer-operator. In the latter case, when a fast network with low latency is available, the observer can have very effective control of the telescope in real time. Under less favorable conditions, the observer may make use of scripted operations and use a server on the high speed network to take on more automatic control of the system. Fully robotic operation based on queued requests is planned for some of the instruments in our network, but is not yet available.

Each telescope with its instruments and enclosure is under the control of a single computer system that is running INDI, an flexible instrumentation server protocol that accommodates several devices and clients simultaneously. In this way the observer may have control of the telescope while the operator stands by and monitors events, or the operator may take control as needed while the observer works with the data pipeline. Indeed, the "observer" may simply be another server on the network placing requests to the INDI server at the telescope. The essential software components that enable this process are

xephem: an astronomical ephemeris, interactive sky map, and instrumentation interface

xmtel: a telescope control panel

xmccd: a camera and filter wheel control panel

ds9: interactive image display spawned by xmccd

xmguide: an autoguider controlpanel

xmdome: a dome rotation and shutter control panel

indiserver: the remote server

drivers: ccd, dome, tel, guide or others that talk to the server


All of the clients (xmtel, xmccd, ...) are remote user interfaces to the INDI protocol. XEphem has a "control panel" that offers full access to the commands enabled by the hardware drivers, but it is not as convenient to use as the the individual panels. (At this time xmguide and xmdome are not available in indi versions, but their functions are handled by xephem.)

The server system is accessible on the command line with getINDI and setINDI issued on a system which has access to the port on which indiserver is running. With these commands a number of scripted utilities have been built to handle routine tasks such as starting the observations or running a sequential queue of images.

Connect to the Telescope Computer

Operator and Observers

The operator must have an account on the telescope computer system, and must be working on a network enabling a Secure Shell (SSH) connection to the observatory with access to the power control server. It is not necessary for the operator to be physically present at the observatory although in most cases the operator will at least be working within the university network because the firewalls block access to all ports.

A Virtual Private Network (VPN) account may enable this access from outside the universities because VPN users appear to our systems as being on campus originating from a specific range of known IP addresses. Note that the firewalls of both the University of Louisville and the University of Southern Queensland do not offer unlimited connectivity between campuses. For example, an operator at USQ wants to run a telescope at Moore Observatory must have access to the remote observatory's INDI port, such as through a server on the USQ network at Mt. Kent. For this reason, remote observing between Australia and the US is best done from a campus or observatory location.

With those constraints, a command line to connect to CDK20S and enable trusted X11 forwarding is

ssh -Y user@crux.mko.usq.edu.au

which responds with a request for a password. Similarly, to connect to CDK20N the command would be

ssh -Y user@pegasus.astro.louisville.edu

The role of the telescope operator is to start the system, oversee safe use, and stop the system at the end of the session. The operator also may do service observing for remote users, manage a queue of previously scheduled requests, or act as an expert co-observer when help is needed.

The observer will have control of the science, selecting and scheduling targets during the night, and controlling data acquisition during real-time sessions. For complete control the observer, like the operator, must have access to the observatory network. Alternatively, robotic operation or queued observing run by the operator may be more efficient if critical decisions during a run are not required. In that case, only access to a secure server is required.

Videoconferencing telepresence is also available between the observatories as well as to some campus locations to assist observers and operators. Skype with video is available to enable real-time interaction between remote observers and the observatory operator.

Passwordless Login

Secure Shell (SSH) permits secure passwordless login with public/private key encryption. Once set, this feature remains available until some change in the computer systems alters the keys. Assuming you are using a computer that has a full implementation of Secure Shell installed as is common in most Linux distributions, the command line

ssh-keygen -t dsa

generates two files in $HOME/.ssh

-rw------- id_dsa -rw-r--r-- id_dsa.pub

id_dsa is the private key and id_dsa.pub is the public key. Note the differences in the default permissions.

To permit passwordless login copy and append id_dsa.pub from your computer to

$HOME/.ssh/authorized_keys

on the remote computer. You should copy only the public key to the remote system.

This copy and append operation is more simply done using the ssh-copy-id command on your system

ssh-copy-id user@remote_host

For reciprocal passwordless login, do this on both machines.


Tunneling for INDI with SSH

Secure Shell permits tunneling through the firewalls to pass ports securely from one system to another.

The indiserver uses port 7624. To tunnel it through ssh, initiate a passwordless session from the client to the server with this command line:

ssh -L 7624:localhost:7624 user@remoteserver

If you need to view graphical content from the remote server, then add the -Y flag to enable trusted X11 forwarding

ssh -Y -L 7624:localhost:7624 user@remoteserver

Retrieved from "https://www.astro.louisville.edu/astrowiki/index.php?title=Remote_Observing_Manual&oldid=130"