Linux in Government: Major Breakthrough in Linux Technology

by Tom Adelstein

Often, technology breakthroughs never see the light of day. Sometimes, they pop up and people simply go "ho-hum". I've had personal experiences with that kind of reception in the past and understand the frustrations and disappointments.

When you conceive an idea and bring it into reality, you have an expectation of an immediate embrace. In your mind, you see something like a ticker-tape parade welcome. But, then the phone doesn't ring, and the press release gets set on the shelf.

In the era of information overload, perhaps some people think of new technology as another thing with which they have to cope. They immediately put it off until tomorrow. But tomorrow never comes, so they put it to the side.

The same phenomenon occurs within the media. Many writers do not understand their beats. Instead, they regurgitate press releases, opinions of people in their networks and the insights of others.

Then, we have the skeptics and the "so-what" crowd. I read a comment following an article about FreeNX that said, "Excuse me if I'm skeptical of something that will claim to change the world". The comment came after numerous testimonials about how great FreeNX works in schools and companies.

Despite all of this, Fabian Franz and Kurt Pfeifle have a breakthrough technology. They created the first usable implementation of the GPL version of NX. In an interview conducted around the time FreeNX was announced, they expressed extreme optimism about their project's future. You can sense their vision and euphoria simply by reading the interview. In short, they expected their project to run away from them.

But Freinz and Pfeifle's project, the FreeNX project, has not received the coverage it deserves. Certainly, their dreams and aspirations have not yet materialized fully. Compared to VNC and Microsoft's RDP, the media treats NX seems like a blip on the screen, in spite of its vastly superior nature.

Gian Filippo Pinzari, who developed the original NX code, may have similar feelings, as he discontinued the NX developers and users mailing-lists on May 25th, 2005. He hopes to see the mailing-lists move to the FreeNX project. He explained his reasons in an e-mail dated May 19. Here's an excerpt:

It is not easy to build a presence in the Linux market...

We want to remain collaborative while being paid for support. We want to give away most of the software we produce and keep selling some of it. We want to dedicate ourselves to bringing an idea to success, invest money and most of our time, gather talents, cultivate a culture, remain entrepreneurs while being developers. They are all freedoms that, for us, are as important as having the chance of modifying the source code. In a perfect OSS world, users must be free to choose their software and avoid being locked into a single solution. At the same time, thousands of Linux companies around the world must be free to grow a business while remaining independent. If you like freedom as we do, you will surely understand our point.

Quite eloquently, Gian Filippo Pinzari sums up the dreams and aspirations of many open-source visionaries. He runs a small but growing company. In the spirit of free/open-source software, he released his core technology under GPL licenses.

Perhaps Pinzari has moments when he questions the viability of that decision. For those with an eye for significant discoveries, FreeNX should follow the successful open-source business model: give away the recipe and sell the cake.

What Is FreeNX?

For technically inclined people, imagine X server technology with compression so tight that GNOME and KDE sessions run over modems with SSH encryption. Image lightening-fast thin clients that use tiny amounts of bandwidth and handle audio and video, printing and session suspension instead of termination. Imagine real virtual KVM switches without hardware. Say goodbye to SunRay servers and all the thin clients that never lived up to their promise. Think about real heterogeneous interoperability on PCs and devices that scale.

For the less technically inclined, imagine system administrators being able to see and operate every server in their data centers with a single keyboard, video console and mouse--without a hardwire switch and hundreds of cables.

Or, imagine that when you call for support, someone logs on to your computer remotely and fixes it. Imagine logging onto your computer for work and forgetting you're at home. Or, imagine setting up a single computer in a closet that everyone in the family can access from an inexpensive device, and you control the content. How about clients for PlayStation2, iPAQ or Zaurus 5XXX?

Gian Filippo Pinzari invented NX based on X. He took the fat and insecure X client/server and utilized inventive compression to make it very thin. His company, NoMachine.com, released the code under the GPL license in 2003. Now, the Open Source community has something that goes beyond the "me-too" category. Some users have referred to FreeNX as a Citrix and Windows Terminal Server killer.

Try It for Yourself

I tested FreeNX before I knew anything about it. I'm currently on assignment to produce material for another Linux book. The editor asked me to write about Microsoft's Remote Desktop Protocol (RDP) as implemented by the open-source rdesktop and VNC. During my research, I ran across an article on how to install FreeNX.

I installed FreeNX on Ubuntu first, after obtaining it from the Ubuntu backports community. I followed the directions on the site and added the recommended mirrors to my /etc/apt/sources.list. I then ran apt-get install FreeNX and had my server.

Once installed, I added myself as a user; see Figure 1.

Figure 1. Adding Users to the FreeNX Server

Following the set up, I logged out and saw FreeNX added to my menu; see Figure 2.

Figure 2. FreeNX on the Menu

Next, I found RPMs for Fedora Core 3 and installed the client and server. Again, I added myself as a user.

In the client configuration section, Rick Stout wrote, "The most important part of the initial connection is the key file. This file, client.id_dsa.key, must be copied from the server to your client machine". Following his directions, I executed the following commands:

bash-3.00# scp /var/lib/nxserver/home/.ssh/client.id_dsa.key username@192.168.1.109:~/
The authenticity of host '192.168.1.109 (192.168.1.109)' can't be established.
RSA key fingerprint is 40:54:e3:c9:5e:81:39:2d:ac:70:b9:bf:44:a9:ec:a8.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.109' (RSA) to the list of known hosts.
Password:
client.id_dsa.key                             100%  672     0.7KB/s   00:00
bash-3.00#
Testing Performance

Switching between machines, I was surprised at FreeNX's performance as compared to every other thin client I have tested and used. I also noticed that I could set up the client to use VNC and RDP.

In the middle of doing some work, I remember thinking for some reason that OpenOffice.org Writer had started running faster than normal. I was amused when I realized I was running the word processor remotely.

FreeNX also opens sessions quickly. During testing, I suspended sessions rather than closed them. When I resumed a suspended session, the client revalidated but still resumed mid-session, at the point where I had left off. Although this is not a stateless session in the purest terms, it does save bandwidth; see Figures 3 and 4.

Figure 3. Resuming a Session from Fedora to Ubuntu

Figure 4. Running a FreeNX Session on Ubuntu with the Server on Fedora Core 3

Don't Take My Word

After discovering FreeNX and testing it in a heterogeneous environment, I decided to research it further. I found around 10% as much material on FreeNX and NX as I did on VNC. However, the reports I did find were wildly in favor of FreeNX. Here are a few excerpts from user comments reprinted from the link mentioned above:

It's not about simply remotely accessing a product, ala VNC, but creating a true "Thin Client" environment.

Imagine either a school or business with an Athlon 2400+ and 1[GB] RAM, as well as a pile of useless 486s laying about that they picked up for 2 cents each. Whack a network card in them and voila - you have a thin client - able to run all of the latest productivity apps. Why? Because it's all on the server! And yes, it scales. Think big!

Unlike RDP and VNC, the performance is great! It's actually usable and responsive over dialup - something that I cannot say about RDP or VNC! Ick!

No, it won't be a games machine - but it's not trying to be.

Here's one more:

We just got done with an implementation of this in a fairly good size school. We have modified the system to allow authentication by their Windows active directory. One Mandrake Linux server, with a nomachine client on 120 + Windows machines, which include one computer lab.

As usual, space requirements do not allow us to publish extensive user comments. If you would like to read more, simply do a Google search on FreeNX.

Final Note

FreeNX has many advantages for enterprise users in Government. It provides us with an excellent and inexpensive thin client environment. It's fast, and it uses a proven encryption methodology (OpenSSH) that has made it through major FIPS 140 criteria tests in source code form. FreeNX also is available for Ubuntu and Fedora, which are free distributions of Linux that have extensive community support.

Using Open Source Maturity Model criteria, FreeNX and its commercial cousin NX from NoMachine.com provide Linux with breakthrough technology that leaves competitors behind. Let's see what the future holds and if this product grabs the attention it deserves.

Tom Adelstein is a Principal of Hiser + Adelstein, an open-source company headquartered in New York City. He's the co-author of the book Exploring the JDS Linux Desktop and author of an upcoming book on Linux system administration to be published by O'Reilly. Tom has been consulting and writing articles and books about Linux since early 1999.

Load Disqus comments