• Home
  •  > 
  • Android
  •  > 
  • How to connect to ubuntu desktop. Crazy hands: installing Linux and BSD remotely

How to connect to ubuntu desktop. Crazy hands: installing Linux and BSD remotely


Date published: Tuesday, January 19, 2009 10:43:53
Translation: Kovalenko A.M.
Transfer date: August 4, 2009

Do you use both Windows and Linux? Can you remotely control Windows from Linux (Ubuntu or another distribution) or Linux from Windows? Surely you can. Similar to how it is used Remote Desktop Connection between Microsoft platforms (or remote control between Linux machines), it is also possible to control the desktop from different platforms. You can click on your desktop and launch applications, just as you would if you were sitting directly in front of your computer.

We'll discuss a few different features you can get using a Remote Desktop Connection. Plus, we'll walk you through a step-by-step method of establishing a remote desktop connection using free tools. So let's get started.

Selecting a Remote Desktop Protocol

Remote desktop applications typically use either Remote Desktop Protocol(RDP) or protocol Virtual Computing Network(VNC). To establish a remote connection, both nodes (server and client) must support the same protocol. The problem is that not all operating systems (OS) use the same protocols by default. In addition, some Linux distributions and some editions of Windows do not include either a Remote Desktop server application, a Remote Desktop client application, or no Remote Desktop application at all.

Your first task should be to determine the protocol that is already supported on your computers. In addition to researching your OS, searching for documentation, linking to cheat sheets, you should be able to understand what is what and where. Then, at the end, you must select the protocol to use on all your computers.

Please note:

  • Remote desktop VNC is generally slower than RDP connections, however, VNC is usually easier to implement on a variety of platforms.
  • For better performance and security, you can use the free NoMachine's NX server and clients or the FreeNX server and clients, but it is more complex to configure and requires some thought.
  • It is also possible to provide support for RDP connections on Linux machines, for example, using an xrdp server.

Opening a firewall (firewall)

Before you can start making or accepting remote connections, you need to configure your firewall software. The computers you want to connect to remotely must allow VNC or RDP traffic through your firewall.

In Windows, when the server starts, you should receive a request to Block or Allow network access to the remote desktop server application. If you click the "Allow" button, everything should work. If you do not receive the request, you can go to the Windows Firewall properties and manually add permission for this application using the port numbers listed below.

On Linux, you will most likely need to manually add rules for incoming connections in the firewall on the computer receiving the connection requests. If necessary, you can bring up the browser from the menu and search Google for information on how to set up a firewall. Your Linux distribution may include a GUI (graphical user interface) for your firewall, or you can use the command line to configure it. In the same way, add an exception or rule to allow traffic on the appropriate ports listed below.

  • RDP uses TCP port 3389
  • VNC uses ports starting at 5900 (each remote connection to the server uses a different port; display 1 uses port 5901, display 2 uses port 5902, etc.). The best method, therefore, is to define a port scope (such as 5900 - 5905) when you create a firewall rule or exception.

Now you have the ability to remotely connect to computers on your local network. To connect remotely via the Internet, you must also configure your router. We will discuss this in the next part.

Using VNC server and client in Ubuntu

If you are using Ububntu, then you already have a VNC client and server installed and ready to use. (This article is based on the Ubuntu Desktop 8.10 Intrepid Ibex distribution.) To be able to accept remote connections, simply select from the menu System > Properties > Remote Desktop. In the dialog box, configure the desired shares and security settings. The command/address list is presented to you to indicate other computers on the local network with Ubuntu or another Linux distribution installed from which the connection will be made.

To use the VNC viewer on Ubuntu, select Applications > System Tools > Terminal. If you are connecting to a computer running Ubuntu, type the command suggested by Ubuntu. If you are connecting to a computer running another Linux distribution, the following command format is used:

$vncviewerComputerName or _IP_address:#

as shown in Figure 1. This line contains the command, vncviewer, followed by the name or IP address of the computer (or Internet IP if the connection is via the web), ending with a colon and the ID (identifier) ​​of the display (tunnel). If you are connecting to a computer on which Windows is installed, then the colon and display number are not specified, in which case the command format is as follows:

$ vncviewerComputerName_or_IP_Address

figure 1

Installing VNC Client and Server on other Linux distributions

If you are using a Linux distribution other than Ubuntu, look in its repositories for appropriate packages for installing VNC server and client. If there are no such packages, then you can download TightVNC directly from their website and follow the assembly and installation instructions.

TightVNC/RealVNC server does not have a GUI, you have to use the command line, but don't worry - it's easy. Just open Terminal, type vncserver and press Enter. When you first start it, you will be asked to create a password for VNC connections. Once you have set the password, the display or tunnel will be automatically configured as shown in Figure 2.


figure 2

VNC supports multiple displays to provide access to a large number of users and/or to define variations of attributes such as screen resolution, startup commands, etc. Each time it is run, the vncserver command creates a new tunnel, with a number usually starting from 1, which is incremented by one each time the command is run.

Below are various vncserver command options that are useful to remember:

  • For help, use the -help option or enter the man vncserver command.
  • Using the -name desiredname option you can assign a name to a specific tunnel or display, which is displayed in the VNC client title bar when a remote connection is made to that display.
  • Correction:# allows you to manually define the tunnel or display number.
  • Using the -geometry WxH option you can set the screen width and height for displaying the remote desktop.
  • By adding -depth # you can set the color depth from 8 to 32 bits per pixel.
  • To close a VNC tunnel, use the -kill:# option, replacing the hash icon with the desired tunnel (display) identifier.

Depending on the specific Linux distribution and the VNC solution that is installed, you may or may not have a graphical user interface for the client or viewer application. If a GUI is available, feel free to use it, but you can also use the command line if you wish.

For a GUI, you can usually configure options from a dialog box. When connecting to a machine running a Linux distribution, type the computer name or IP address of the remote machine (or Internet IP when connecting via the web), followed by a colon, the tunnel or display ID, and press Enter. For example, ericlinuxbox:1 or 192.168.0.122:1. If you are connecting to a Windows machine, the colon and display number are not required. To connect from a terminal, enter vncviewer and host information in the same manner as shown in Figure 1 earlier.

Installing VNC client/server on Windows

TightVNC also offers a client and server in a Windows version on its download page. After installing TightVNC you can start the server from the menu Start (approx. translator: Start > All Programs > TightVNC), selecting Launch TightVNC server. This will bring up a properties dialog (see Figure 3) where you must assign a password for incoming sessions.

figure 3

After checking all settings, click OK. The server will be running and ready to receive incoming connections, and at the same time the server icon will appear in the system tray. Once again, do not use a colon and display number when connecting to a Windows computer from any platform.

If you are connecting to a remote computer from Windows, select the TightVNC Viewer shortcut from the start menu. Likewise, to connect from other platforms, enter the name or IP address of the remote computer (or Internet IP address when connecting via the web), and when connecting to a Linux computer, include a colon and display number in the command.

Pay special attention to the next part: in it we will look at the security of VNC connections and all the settings necessary for remote connection via the Internet.

Eric Geier, author of numerous books about computers and networking, including Home Networking: An All-in-One Desktop Guide for Dummies (Wiley 2008) and 100 Things You Need to Know About Microsoft Windows Vista (Que 2007).

Remote Desktop allows you to connect to your computer over the Internet using another computer or even a smartphone. You may often need to do something on another computer, even if you are not near it. Ubuntu also has this option.

In this article, we will look at how to set up a remote desktop on Ubuntu 16.04, as well as how to connect to it using various devices. We will use VNC as the remote access protocol; it is slow and already outdated, but it is supported everywhere. In Ubuntu 16.04, almost all the software is already installed by default, you just need to change a few settings.

Ubuntu Remote Desktop

As I already said, we will use VNC as the remote access protocol. And as a server - Vino, this program is supplied by default with the distribution. And all you have to do is make a few settings for it to work.

Open the Dash main menu and search for Desktop Sharing.

If the system does not detect anything, this is a common bug. You can run the utility through the terminal. To do this, open a terminal with Ctrl+Alt+T and do:

vino-preferences

Next, in the window that opens, check the box "Allow other users to see your desktop" Then opposite the field "Require password" enter the password that will be used to connect:

That's it, ubuntu remote desktop is configured. And now you can try to connect to your computer using another Linux distribution. But there is one more point. You won't be able to connect from Windows. By default, mandatory encryption is enabled. And this is not supported by all clients. To disable forced encryption you need to install dconf-editor:

sudo apt install dconf-editor

Then open the program and follow the path org.gnome.desktop.remote-desktop there, uncheck the box:

Now you are ready to test your ubuntu remote desktop connection. Open the main menu and find the Remmina remote connection client.

In the connection line, select the protocol VNC, then enter the address, since we are going to check on the local machine, then enter localhost, in other cases you will have to use the computer’s IP address. Next click "Connect":

Immediately the program will ask you for a password to gain remote access to the computer:

And then, in the VNC system, the server will ask whether this client needs to be allowed to connect to the ubuntu 16.04 remote desktop:

Once you approve the connection, you can use the remote desktop. Now is the time to connect from another computer. You can use any VNC client for Linux, Windows or Android and connect to your computer if it is on the local network. In addition, you can access it even via the Internet by creating a private local network, for example, using hamachi or OpenVPN.

Conclusions

In this article, we looked at how to set up a remote desktop on Ubuntu 16.04, as well as how to access it using other devices. Everything is very simple, even simpler than with x11vnc, for which you need to create several configuration files. If you have any questions, ask in the comments!

Related posts:


In this article, I will talk in detail about the VNC protocol, which allows you to remotely control Ubuntu both from another machine with Ubuntu and from Windows, as well as control Windows from Ubuntu in graphical mode.

Configuring Ubuntu to Allow Remote Access

Everything is very simple here: the VNC server and client are included as standard with Ubuntu Desktop. On the Ubuntu computer that we are going to manage, go to the “System - Settings - Remote Desktop” menu and set the necessary settings. First of all, check the “Allow other users to see your desktop” checkbox; if you need to let them control it, check the second checkbox as well. Below, on a yellow background, information appears on how you can connect to your computer from a local network or the Internet. Another important point: do not forget to set the access parameters for your computer, whether you will be required to allow every incoming connection, or whether you will require a password to access the computer. I highly do not recommend setting the free access option without a password and without permissions - after all, the time on the Internet is not calm =).

ATTENTION! If you use desktop effects, you need to DISABLE them for the duration of the remote access session, otherwise remote access will either not work at all or will be extremely slow.

After this we can connect to our machine from Ubuntu or Windows. To connect from Ubuntu, you don’t need any additional settings: just go to the “Applications - Internet - View remote desktops” menu, click the “Connect” button in the toolbar, select the VNC protocol and indicate the name of the computer on the local network or its IP address in field "Node", below there are additional parameters at your discretion: "Full screen mode", "View only", "Zoom". You can connect.

VNC on Windows. Setting up UltraVNC.

To work with VNC on Windows, we will use the UltraVNC package. Previously, I used another package - RealVNC, but its server part in the free version does not work under Windows Vista, 2008 and 7, so I will consider UltraVNC, although it is more difficult to configure.

If you are using Windows 2000 or XP, you can try setting up RealVNC yourself; it can be downloaded from the official website: http://realvnc.com/products/free/4.1/download.html.

Download UltraVNC here: http://www.uvnc.com/download/index.html(select the latest version, then select the Full version, then win32 for a regular 32-bit OS, or X64 for a 64-bit OS).

Let's start the installation. At the “Select Components” step, you need to select the installation type, I will not dwell on this in detail - experienced users will figure it out themselves, but I recommend simply selecting “Full Installation” - a full installation if they will connect to this machine. If not, select “Viewer only” - only the client part, in order to be able to connect from this computer.

If you have Windows Vista or 7 installed, the installer will also offer to download additional non-free components, without which under these versions of Windows the image will slow down a little and it will not be possible to transfer the “ctrl+alt+del” keystrokes. I strongly recommend installing them by checking the "Download Vista addons files now" checkbox.

Next, the installer suggests installing the "Mirror Driver", which uses it to update the screen faster and reduce the load on the central processor several times. I recommend installing it by checking the "Download the mirror driver" checkbox. The next step is especially important if you are installing the program along with the server part. Choose:

  • "Register UltraVNC Server as system service"- register the server as a system service. Check this if we want the server part to start itself when the computer is turned on and work in the background.
  • "Start or restart UltraVNC Server"- start or restart the server service NOW (note, otherwise you will have to restart the computer to start the service).
  • "Create UltraVNC desktop icons"- create desktop icons (at your discretion).
  • "Associate UltraVNC Viewer with the .vnc file extension"- associate .vnc files with the program (preferably noted).
  • "UltraVNC Server driver install"- installation of the server driver (required).

After completing the installation with the server part, we will be prompted to immediately configure it. I won’t explain all the points in the settings window - I’ll tell you about the most important ones: Section "Authentication":

  • "VNC Password"- password for connection (I highly recommend specifying it!).
  • "View-Only Password"- password for connecting in viewing mode (only observation without keyboard and mouse control, I highly recommend specifying it!).

Section "File Transfer":

  • "Enable"- to turn on.

Section "Misc.":

  • "Remove Aero (Vista)"- disable Aero effects when connecting a client. Highly recommended for increased performance.
  • "Remove Wallpaper for Viewers"- Do not show desktop wallpaper to clients. Highly recommended for increased performance.
  • "Capture Alpha-Blending"- display transparency. Not recommended for performance reasons.
  • "Disable Tray Icon"- remove the icon in the system tray (tray). This way you can hide the work of the server.

"When Last Client Disconnects" - what to do when everyone disconnects:

  • "Do Nothing"- do nothing
  • "Lock Workstation"- lock screen
  • Logoff Workstation- log out of your account

All. When the server is configured, you can connect to it, both from Windows and from Ubuntu or any other system where the VNC client is installed.

To connect to another machine from Windows, use the UltraVNC Viewer shortcut: here you need to enter the IP address or name of the computer on the local network in the "VNC Sever" field.

You may also be interested in the “View Only” option - viewing the screen without controlling the computer.

That's basically all. To be honest, at the beginning of writing this article, I myself did not expect that in a bare, freshly installed Ubuntu it was possible to set up remote access to the desktop so easily and without problems. As you can see, this is much simpler than a similar task in Windows. Of course, you can object to me by saying that Windows has its own remote desktop control protocol (RDP), which is configured using its standard tools - but here I don’t quite agree with you. Firstly, RDP cannot be used in the same way as VNC for tasks such as "remotely helping a friend": when connecting to a computer remotely, the local user is kicked out of his account, or the remote user must work in a separate account. While remote VNC users work with the local one in one session (only the second cursor is missing =)), which allows you to demonstrate the execution of any tasks over the network. Well, secondly, there are excellent RDP clients for Linux, for example - krdp, but there are no RDP servers for other systems other than Windows, so in terms of cross-platform solutions from Microsoft, as usual, are left behind.

Write about problems in the comments - I will add and correct them.

AND Vino. The general principle of operation: a secure SSH tunnel is created from a Windows computer to Ubuntu and a VNC connection (remote desktop) is created through it.

The article is divided into four parts:

  • Installing and activating SecureShellServer: sudo apt-get install openssh-server service ssh status ssh start/running, process 2006

    Checking that port 22 is open (default port used by SSH):

    Netstat -tulpan | grep:22 tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -

    In Linux, to connect via SSH using local port forwarding, the following command is generally used:

    Ssh -C -p -L<локальный_порт>:<адрес_машины>:<удаленный_порт>-l<пользователь>

    This means that any connection originating from the local computer (localhost) through the port<локальный_порт>will be redirected via the SSH tunnel to<удаленный_порт>remote machine.

    There is some confusion regarding which IP to specify in And<адрес_машины>. If the computer is located behind a router (NAT) then<адрес_машины>must be the internal IP address of the computer (for example, 10.0.0.5), and in external IP address of the router. If the computer connects to the Internet directly, then the addresses And<адрес_машины>will be the same.

    To summarize about tunneling, consider an example:

    Ssh -l myuserid -L 7777:work:22 gate ssh -p 7777 localhost

    This command does the following: creates a secure SSH connection to the gate machine under the user myuserid. At the same time, listening begins on the local machine (from which the connection was made) on port 7777. If a connection is organized on this port (again from within the local machine itself), then this connection is tunneled into an ssh connection, reaches the gate machine and a connection is made from it on the work machine on port 22. After this, we check the operation of the tunnel - by connecting via ssh to local port 7777, we eventually connect to the work machine (taking into account that it has an ssh server configured on port 22).

    Enhanced security when using an SSH tunnel is achieved due to the fact that only one port must be open to the outside (SSH) and the encrypted connection will only go through this port.
    We check whether the folder is present on the server

    /home/<имя_пользователся>/.ssh

    /home/<имя_пользователся>/.ssh/authorized_keys

    in it, if not, then create it under the user<имя_пользователся>(usually this is the first user in the system or administrator)

    Mkdir ~/.ssh cd ~/.ssh touch authorized_keys

    Configuring ssh for greater security. The settings file is located at

    /etc/ssh/sshd_config

    Making a backup copy

    Sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.original

    In general, you should change:

    • TCP listening port (default 22):
      Port<Порт_на_котором_SSH_будет_ждать_подключения>
    • Disable the unreliable old SSH ver.1 protocol:
      Protocol 2
    • Allow public/private key pair authentication:
      PubkeyAuthentication yes
    • Indicate where to look for resolved public keys:
      AuthorizedKeysFile %h/.ssh/authorized_keys
    • Disable the ability to authenticate using a password (can be done later, after a successful first connection):
      PasswordAuthentication no

    For greater security, you should configure SSH authentication using a public key.
    Public keys allowed for ssh connections are stored in the file

    ~/.ssh/authorized_keys

    We generate a public/private key pair on the machine with which we will connect (will be described later) and copy the public key to this file.

    Particular attention should be paid to formatting - the entire key should be placed on one line and begin with “ssh-rsa" and file access (-rw——- (600)).

    Setting up correct access to the key file

    Chmod go-w $HOME $HOME/.ssh chmod 600 $HOME/.ssh/authorized_key chown `whoami` $HOME/.ssh/authorized_keys

    In the settings file /etc/ssh/sshd_config change

    StrictModes no

    To apply the settings made to the file /etc/ssh/sshd_config, you need to restart the sshd daemon.

    Sudo /etc/init.d/ssh restart

  • Download putty.exe.
    Before diving into Putty settings there are a few notes to make.
    • Putty saves settings in profiles.
    • To save all settings to a profile, you need to go to the Session menu, in the Saved Session column, enter the profile name and click Save. In order to load a specific profile into Putty, in the same menu you need to select the desired profile by name and click Load.
    • To automatically load a specific profile when you start Putty, you need to create a shortcut to the exe file and add in the Working folder line after the path to the exe file
      -load<имя_профиля>

    To improve security the following will be used:

    • local port forwarding
    • public key system

    If you use an SSH connection for access via VNC (remote desktop), you need to configure port forwarding, the so-called local port forwarding. It is used to improve security, since when using VNC, data is transmitted in clear text.

    To forward ports in Putty, go to the menu Connection -> SSH -> Tunnels and add 5900 like "Source port", localhost:5900 in "Destination" and click Add.

    You can use Puttygen to create a public/private key pair. Download Puttygen.exe. In the parameters, select SSH-2 RSA, set the number of bits to 2048 and click the Generate button.

    For additional security, you can enter "passphrase" twice. If there is a need to immediately log into the console during an SSH connection, then the field can be left empty.

    The public key is saved in a format that only Putty can understand. Therefore, to install it on Linux you need to do the following:

    1. While puttygen is still open, copy the public key in the "Public key for pasting..." section and paste it into the file authorized_keys on the server.
    2. Point Putty to the private key file in the Connection -> SSH -> Auth menu in the "Private key file for authentication" section generated *.ppk file.
  • By default, Ubuntu already includes the Vino VNC server. To configure it, you need to go to Menu -> System -> Preferences -> Remote Desktop and enable remote access. In the settings you can enable password authentication, but you cannot configure the listening port (5900 is used).
    To enable more detailed configuration, it is recommended to install X11VNC.
  • Download TightVNC and install. For the purposes of this article, it is sufficient to select only the client role.

    Launch TightVNC on a Windows machine and enter

    Localhost:5900

People regularly receive inquiries about the GUI and remote access to it on virtual servers running Linux, despite the fact that there is a lot of material on the Internet covering this problem. Therefore, for our users, we decided to collect everything on this topic in one article.

You can also forward RDP traffic through an SSH tunnel. To do this, you need to edit the xrdp configuration file:

$ vi /etc/xrdp/xrdp.ini
You need to add the line to the section: address=127.0.0.1

$ systemctl restart xrdp
You can check that everything is correct like this:

$ nmap -p 3389 Starting Nmap 6.47 (http://nmap.org) at 2016-10-04 13:07 MSK Nmap scan report for unspecified.mtw.ru () Host is up (0.0087s latency). PORT STATE SERVICE 3389/tcp closed ms-wbt-server
Then if you are using cygwin or mingw, linux or mac os:

Ssh root@ -L 3389:localhost:3389
If PuTTY:

Launch PuTTY. In the tree menu on the left Connection → SSH → Tunnels. Next, add a new Forwarded Port (Source port: 3389, Destination: localhost:3389). Click Add.

VNC

Client:

For example, let's put this DE:

$ apt-key adv --recv-keys --keyserver keys.gnupg.net E1F958385BFE2B6E $ echo "deb http://packages.x2go.org/debian jessie main" > /etc/apt/sources.list.d/x2go .list $ echo "deb-src http://packages.x2go.org/debian jessie main" >> /etc/apt/sources.list.d/x2go.list $ apt-get update $ apt-get install x2go- keyring && apt-get update $ apt-get install x2goserver x2goserver-xsession
The output of the following command should show that x2go is ready to go:

$ systemctl status x2goserver ● x2goserver.service - LSB: Start and stop the X2Go daemon Loaded: loaded (/etc/init.d/x2goserver) Active: active (running) since Tue 2016-10-11 22:05:51 MSK; 30min ago...
And now an important point, you won’t be able to connect without this fix! You need to find the line “mesg n” in the .profile file and replace it with “tty -s && mesg n”.

$vi.profile
The following command will display the path to the startfluxbox executable file, which will be needed when setting up the client:

$whereis startfluxbox
Installing a server on Ubuntu:

$ apt-get install xfce4 xfce4-terminal $ add-apt-repository ppa:x2go/stable $ apt-get update $ apt-get install x2goserver x2goserver-xsession

$vi.profile
Installing a server on CentOS:

$ yum install epel-release $ yum install x2goserver x2goserver-xsession
The client for Linux is installed from the above repositories with the following command:

$ apt-get install x2goclient
For Windows - download, install, launch. There is a client for OS X at the same link above.

Let's launch the client:

In the session settings we indicate: in the Host field - the IP of your server, in the Login field - root, leave the port as is, session type - the GUI that was installed.

As you can see, there is an option for key authentication. In general, a lot of things. See for yourself. And the sound can be output through PulseAudio.

After clicking Ok, you will see these charming little things that you need to click on to receive a request to enter a password and connect to the selected session:

Note: please note that your favorite FluxBox is not in the list, so you have to write the path to it manually.

An important feature of x2go is the ability to run any graphical application without installing DE at all. To do this, in the session settings you need to select the single application item in the session type section and select the application to run or enter the path to the program that should be launched.

In this case, installing the software on the server will look like this. In the case of Ubuntu:

$ add-apt-repository ppa:x2go/stable $ apt-get update $ apt-get install x2goserver x2goserver-xsession
And now an important point, you won’t be able to connect without this fix! You need to find the line “mesg n ||” in the .profile file. true" and replace it with "tty -s && mesg n".

$ vi .profile $ apt-get install firefox xterm
And by setting up a session as shown below, you can launch the browser on the remote server, and a window displaying it will open on your machine.