Running Remote Applications
One of the clever ways to use VNC is to connect the local keyboard and mouse to the remote desktop. This simulates a multihead configuration where two monitors act as a single screen. Using x2vnc, the local computer acts like the first monitor, and the remote desktop acts like the second monitor. Moving the mouse off the right edge of the local monitor moves it into the left edge of the remote desktop. This is a clever way of using a laptop to control a MythTV client connected to your TV without having to deal with IR remote controls or IR keyboard/mouse combinations. For example:
x2vnc <remote host> -east (or -west, -north, -south)
Above, the -east option configures the remote desktop to act as if were to the right of the local desktop, and -west reverses this setup. Various other options are available to refine the use of this configuration.
VNC extensions provide various forms of compression and security. These extensions must be supported on both ends of the communication. If the server supports these but the client does not, VNC still will function between the two but without those extensions.
VNC Pros and Cons
Extremely easy to configure under GNOME, especially for a local network (behind firewall).
Can be secured with passwords.
Displays the entire desktop—in fact, it actually controls the remote desktop.
Can link single keyboard/mouse to multiple computers.
Displays the entire desktop, not just individual applications, all within a single window.
Does not support audio or video playback.
Use of multiple ports may require use of setting up VPN first to use over the Internet.
Not secure by default.
Remote desktop must be running—login session must be active.
From a bandwidth perspective, the use of SSH is likely to provide the best performance of these three options, as long as only a single remote application is displayed locally. GDM-based connections are likely to be roughly similar in performance, depending on the compression available in the SSH connection and what, if any, compression may be configured in GDM.
VNC has the potential to be the fastest of all three if extensions are introduced that compress the frame buffer data sufficiently. Because VNC is based on a tile architecture, where rectangles of frame buffer memory are resent if they have been updated, any compression that improves the transfer of tiles will have serious performance implications. However, at the time of this writing, there were no such extensions currently in use.
XDMCP uses UDP port 177, and the X server uses TCP port ranges from 6000 + display number. XDMCP also is prone to DoS attacks. GDM has some configuration options to address this, but XDMCP use still should be considered insecure. Therefore, GDM and XDMCP should be limited to use behind firewalls and should not be used across the Internet.
SSH connections are, by design, secure if properly used. Because of built-in encryption, there is no reason SSH X11Forwarding could not be used across the Internet. Note that the use of X11 protocols over SSH can be bandwidth-intensive, and therefore, only a small number of applications from the remote system should be displayed locally using SSH.
VNC can be used across the Internet as long as the remote server's firewall forwards port 5900 to that server. VNC does not include security extensions by default and, therefore, is insecure in nature. Various server implementations provide security extensions, but Vino does not. VNC use across the Internet using Vino as the server should be done only over VPN or SSH connections.
None of these options support playing media files, such as movies or music. I mentioned that media servers could be managed remotely, and I stand by that. The management of those systems—starting and stopping servers, configuring them and so forth—is easily done using any of these methods. But, making use of those media provided by those servers is best left to streaming media players that connect from the local system to the remote servers.
For home users who need to manage remote systems on their local network that sit behind a well configured firewall, VNC offers the most complete and easy-to-use option. Home office users who need to connect to remote systems may find SSH a better option (as this author does). GDM/XDMCP is the least-favored solution, because SSH is faster and arguably easier to use for single applications, and VNC offers easier-to-use solutions for accessing remote desktops. Still, GDM/XDMCP is the only option if your needs include starting a new session on a remote system, as neither SSH nor VNC supports that type of use.
- Users, Permissions and Multitenant Sites
- New Products
- Flexible Access Control with Squid Proxy
- Security in Three Ds: Detect, Decide and Deny
- High-Availability Storage with HA-LVM
- DevOps: Everything You Need to Know
- Tighten Up SSH
- Solving ODEs on Linux
- Non-Linux FOSS: MenuMeters
- March 2015 Issue of Linux Journal: System Administration