Access CRCD SRE via Azure Virtual Desktop (AVD)

The CRCD Secure Research Environment (SRE) is where you can do computation on regulated data requiring NIST SP 800-171 compliance (self-attested) and is suitable for satisfying controlled-access data requirements from NSF and NIH. It is suitable for storing data containing Protected Health Information (PHI), particularly data containing any of the 18 HIPAA identifiers. This environment is restricted to authorized users on projects that are covered under an approved IRB application or data use agreement (DUA). The documentation below describes how to set up AVD for accessing the CRCD SRE.

A schematic of the process is depicted below.

Definitions

• Client -- this is your computer or internet-connected device
• Access Portal -- one of several remote servers used to submit jobs to the high performance computing clusters or to perform data management operations
• CRCD SRE -- the total footprint of the CRCD Secure Research Environment, including a high performance computing cluster, a data storage system, access portals, networking equipment, and software
• Azure Virtual Desktop -- A cloud-based Windows Remote Desktop that has a direct connection to the CRCD SRE

1. Install and Configure Remote Desktop client

You will need to install the Remote Desktop client for your OS. The previous link provides instructions for various types of devices. Below, we will only highlight MacOS and Windows.

Installing and Configuring the Remote Desktop client

MacOSWindows

In MacOS, the Windows App client software is distributed through the Mac App Store. Open the the Windows App after download.

Next, add Pitt's Remote Desktop Device by selecting Add Work or School Account from the + widget, located towards the upper right-hand corner of the window.

This will take you to the Microsoft Sign in panel for authenticating using Pitt Single Sign-On.

Authenticate via Pitt Passport
1	2
3	4

In Windows, the Microsoft Remote Desktop software is distributed through the Microsoft App Store. Open Remote Desktop installer after download.

Next, add Pitt's Workspaces by selecting Workspaces from the + Add widget, located towards the upper right-hand corner of the window.

This will take you to the Subscribe to a Workspace window where you will be asked to sign in using your Pitt credentials..

Authenticate via Pitt Passport
1	2
3	4

2. Connecting to an AVD Device

Connecting to a Remote Device

MacOSWindows

After successful authentication, you will be presented with list of authorized remote Devices that you can connect to. Your device list may be different from what is shown below, depending on your role. Authorized users of the Secure Research Environment will see a Device called CRCD-SRE. If you do not see this Device but should have access, please submit a help ticket, stating that you need authorization to use AVD to access the CRCD Secure Research Environment.

Double clicking on that selection will prompt for your Pitt credentials.

You will see the Remote Windows Desktop after successful login. From this remote portal, you can access the Secure Research Environment.

After successful authentication, you will be presented with list of authorized Workspaces that you can connect to. Your Workspaces may be different from what is shown below, depending on your role. Authorized users of the HIPAA environment will see a Workspace called CRCD-SRE. If you do not see this Workspace but should have access, please submit a help ticket, stating that you need authorization to use AVD to access the CRCD Secure Research Environment.

Double clicking on that selection will prompt for your Pitt credentials.

Authenticate via Pitt Passport
1	2

You will see the Remote Windows Desktop after successful login. From this remote portal, you can access the HIPAA environment.

3. Various Methods Connecting to CRCD SRE

Options for Connecting to CRCD SRE

Full Desktop Overview of all ToolsPuTTYCRCD Webportals

Shown below is the Desktop of the CRCD-SRE AVD, where there are active connections to CRCD using

• PuTTY
• Open OnDemand portal via a web browser

Search for and launch the PuTTY app from the Windows Start Menu.

Fill in the PuTTY Configuration using the following values:

• Host Name (or IP address): login.res.crc.pitt.edu
• Port: 22
• Connection type: SSH

You might also want to Save the profile under a name for quick loading in the future.

When you first connect, you may see the following PuTTY Security Alert message below. Select Accept.

The login credentials are your Pitt username (all lowercase) and password.

A successful authentication will present you with a terminal to the CRCD SRE login node.

From within the AVD, all CRCD webportals are accessible, including

• Open OnDemand: https://ondemand.res.crc.pitt.edu

4. Recommendations on setting up your software environment

The CRCD team will work with you to set up the software environment. Where self service is possible, we will point you to the appropriate documentation that shows you how to do this yourself. If you run into problems, please submit a help ticket and we will engage in finding the solution. We summarize below, the best practices for various software.

• R and RStudio -- Most users will already have a working environment and will want to transfer packages from there to the CRCD SRE. Here is a blog post that shows how to automate the package installation process in three steps.

• Python -- The CRCD provides guidance on setting up a Python environment. One way clone an environment from one system to another is to create a requirements file and then to use that for the package installation in the other system. This is described in the pip documentation.

5. Ending your AVD session

Once you are done with your work session, be sure to Sign out.