Thinking Thin

Connecting thin clients to Linux.
Thin-Client Protocols

There are four common thin-client protocols:

  • Remote Desktop Protocol (RDP) is a proprietary MS protocol that provides monolithic remote desktop support. It includes encryption and redirection to allow remote applications to access most local hardware, including audio, filesystems and printers. It currently does not allow single applications to be run remotely (without a desktop), but RDP 6.0 is supposed to add this. RDP clients are available for Linux, but there is no functional RDP server, although a nascent product named xrdp is under development.

  • Independent Computing Architecture (ICA) is a proprietary protocol from Citrix. It is largely similar to RDP, which is based on an earlier version of ICA. ICA includes the ability to run single applications remotely, without the entire desktop, but it requires Citrix Presentation Server, which is available for MS Windows and some UNIX systems.

  • X Display Manager Control Protocol (XDMCP) is an open standard used by the X Window System (X). It is notably different from RDP and ICA in two respects. First, the same software modules (described below) are used for local and remote sessions. No separate terminal server software is necessary. Second, it is not monolithic. In the UNIX tradition, it does what it does and works with other tools that do what they do. It does not provide compression or the ability for remote applications to access local hardware other than KVM.

  • NX is an open standard server built on top of X that simplifies thin-client networking. It includes built-in support for encryption (using SSH), access to the local filesystem (using Samba) and local audio (using ESD or aRts). The server also is able to translate foreign protocols to allow connections from RDP and other clients. NX is a product of NoMachine, which develops an open-source core, on which proprietary versions of both the server and client are built. There is also a completely open-source project called FreeNX.

A distinction should be made between these protocols and remote framebuffer protocols like VNC. VNC provides remote control of a desktop that is still local, while thin-client protocols provide remote desktops.

Pieces of X

X is nothing if not modular. Modularity is a good thing, but seeing how all the pieces of X fit together can be daunting for a new user. Below is a summary of the main modules and their interactions that will make the rest of this article accessible to readers with no previous X networking experience.

All access to the physical display is through the X server. This is a source of confusion for new users, because the display is intuitively client-side. But, the display is the service to which it provides access, hence the name. The clients for an X server are X applications that use it to display their output. We will see relationships later in this article where the X server acts as a client to other services.

The display manager (DM) is the heart of the terminal server. X servers and DMs have a dual client-server/server-client relationship. An X server can, as a client, initiate a connection to a DM on UDP port 177. The DM will then connect to the X server as a client on TCP port 6000 to display a graphical login screen to the user. A client can have multiple displays (windows or virtual terminals), in which case, the second display would be on port 6001 and so on. The protocol for this communication is XDMCP. If the X server and the DM are on the same system, they communicate using a UNIX socket.

The X server and DM are about displays and pixels. Neither has any concept of a window or a widget. These are handled by the window manager (WM).

Although the window manager provides the fundamental functionality and the major aspects of the look and feel, that is not enough to consider it a fully usable system. The desktop environment (DE) completes the user interface with utilities, such as control panels and toolbars, and basic applications, such as calculators and text editors.

There is often one additional component used: an X font server. The name of this server is xfs. In relation to xfs, an X server is a client that connects to an xfs server on TCP port 7100. X servers also can be configured to retrieve fonts from a filesystem folder.

The main decisions to make when deploying thin clients and a terminal server are the DM and the DE. The X server is built in to the thin client, and the DE will have a default WM that there is usually no reason to change. There are two dominant DEs in use today: GNOME (GNU Network Object Model Environment) and KDE (K Desktop Environment). Both have extensive features, and they are about equal in market share. GNOME is written in C and uses the GTK+ libraries. KDE is written in C++ and uses the Qt libraries. Both GNOME and KDE have their own WMs, named Metacity and KWin, respectively. They each also provide their own DMs, GDM and KDM, one of which is normally used in place of the standard XDM provided with X.

______________________

Webinar
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Learn More

Sponsored by Bit9

Webinar
Linux Backup and Recovery Webinar

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.

Learn More

Sponsored by Storix