Remote X11 Connection

Konstantin Svist fry.kun at gmail.com
Sat Aug 4 21:04:39 UTC 2007 

Chris Jones wrote:
>> Very cool, thanks!
>>
>> Now let's assume SSH is the only open port on remote machine (local,
>> too, but that doesn't usually matter). Which of the methods you
>> mentioned are still viable?
>>     
>
> If we are talking about connections over a slow network (by which I mean 
> anything less than a 100Mbp local network !) I would go the vnc or freenx 
> route. Anything else is likely to be too slow to use in practice.
>
> I have no experience with freenx (although I've heard good things about it) 
> but have used vnc, so I'll describe this.
>
> First, you have to start a vnc session on the remote machine. Note that vnc is 
> not an inherently secure system, not at all in fact but it can be used 
> securely. I would run something like
>
>  > vncserver :8 -localhost -geometry 1024x768
>
> to start a vncserver session, on display 8, screen dimensions 1024x768
>
> The -localhost is important, as this means you can only connect to the vnc 
> session from the 'localhost' (i.e. the remote one). Whats use this I hear you 
> ask, well ...
>
> on you local host run
>
>   
>> vncviewer -via <username>@<remote-host> :8
>>     
>
> The via means vncviewer will first establish an SSH connection to the remote 
> host. Then, once there it will connect to the vnc server, and pipe everything 
> back to you via the SSH tunnel. Hence at the remote machine the vncserver is 
> connected to from its 'localhost' and all is well.
>
> one final thing, killing the vncviewer does *not* kill the session. This is 
> partly what makes this useful as it means you can disconnect at one location, 
> move to another machine and reconnect and find you desktop just as it was 
> before. However, for security reasons when you finally no longer need the vnc 
> session, you need to explicitly kill it with
>
>   
>> vncserver -kill :8
>>     
>
> from the remote site.
>
> As I said at the start, I've also heard good things about freenx. I gather it 
> makes the process much slicker, without the need for all the CLI stuff. 
> However, its not at all standard in most distros, whilst vnc is and installing 
> in places significant burden on the remote sys-admin, so you might have to 
> fight to convince them to do so (unless you happen to be that admin ;) )
>   

What about 100/1000 connections with SSH-only?

More information about the users mailing list