Remote X11 Connection
Konstantin Svist
fry.kun at gmail.com
Sat Aug 4 21:04:39 UTC 2007
Chris Jones wrote:
>> Very cool, thanks!
>>
>> Now let's assume SSH is the only open port on remote machine (local,
>> too, but that doesn't usually matter). Which of the methods you
>> mentioned are still viable?
>>
>
> If we are talking about connections over a slow network (by which I mean
> anything less than a 100Mbp local network !) I would go the vnc or freenx
> route. Anything else is likely to be too slow to use in practice.
>
> I have no experience with freenx (although I've heard good things about it)
> but have used vnc, so I'll describe this.
>
> First, you have to start a vnc session on the remote machine. Note that vnc is
> not an inherently secure system, not at all in fact but it can be used
> securely. I would run something like
>
> > vncserver :8 -localhost -geometry 1024x768
>
> to start a vncserver session, on display 8, screen dimensions 1024x768
>
> The -localhost is important, as this means you can only connect to the vnc
> session from the 'localhost' (i.e. the remote one). Whats use this I hear you
> ask, well ...
>
> on you local host run
>
>
>> vncviewer -via <username>@<remote-host> :8
>>
>
> The via means vncviewer will first establish an SSH connection to the remote
> host. Then, once there it will connect to the vnc server, and pipe everything
> back to you via the SSH tunnel. Hence at the remote machine the vncserver is
> connected to from its 'localhost' and all is well.
>
> one final thing, killing the vncviewer does *not* kill the session. This is
> partly what makes this useful as it means you can disconnect at one location,
> move to another machine and reconnect and find you desktop just as it was
> before. However, for security reasons when you finally no longer need the vnc
> session, you need to explicitly kill it with
>
>
>> vncserver -kill :8
>>
>
> from the remote site.
>
> As I said at the start, I've also heard good things about freenx. I gather it
> makes the process much slicker, without the need for all the CLI stuff.
> However, its not at all standard in most distros, whilst vnc is and installing
> in places significant burden on the remote sys-admin, so you might have to
> fight to convince them to do so (unless you happen to be that admin ;) )
>
What about 100/1000 connections with SSH-only?
More information about the users
mailing list