terminal services prototype
Thomas J. Baker
tjb at unh.edu
Fri Jun 4 13:55:46 UTC 2004
On Thu, 2004-06-03 at 18:11 +0100, Mark McLoughlin wrote:
> Hey,
> Caolán and I have been working on prototyping a VNC based terminal
> services system which also allows hot-desking.
>
> The idea is that we allow GDM to accept VNC connections, spawn a VNC
> server for each new connection and display a login screen. The user then
> authenticates through the login screen as normal and GDM starts a new
> session on the VNC server. However, if you then close your VNC client,
> the session doesn't go away. GDM continues to manage that session.
>
> You may then go to a different terminal, the server will spawn off a
> new VNC server with a login screen through which you log in. However,
> once you log in, GDM detects that you already have a session running and
> switches you to your original session rather than starting a new
> session.
>
> You could imagine terminals which are very similar to LTSP terminals,
> but instead of starting an X server which queries the server for a login
> using XDMCP, it starts a fullscreen vncviewer which connects to the
> server.
>
> We've reached a stage where we can demo the basic idea, so here's the
> results:
>
> 1) On a test machine which will act as the terminal server, install
> the "gdm" and "vnc-server" packages from:
>
> http://people.redhat.com/markmc/terminal-services-demo
>
> Note: there are packages built against both FC2 and rawhide.
>
> 2) Punch port 5900 through the firewall on the server - i.e.
> system-config-securitylevel, Other ports, "5900:tcp"
>
> 3) Reboot for good luck.
>
> 4) From another machine, vncviewer -FullScreen -FullColor myserver
>
> 5) Log in as normal, play around, start a few apps.
>
> 6) Close vncviewer (F8, Exit viewer)
>
> 7) Start vncviewer as in (4)
>
> 8) Log in as normal, you should be immediately switched back to your
> original session.
>
> Caveats:
>
> + You don't want install these packages on a machine which you need to
> stay working. We're making no stability/security guarantees
> whatsoever yet.
>
> + The VNC protocol stream is unencrypted. When you type in your
> password to the login screen its going across the network in plain
> text. Don't test this on an untrusted network. We'll be making all
> this work using the SSL extension used in Vino[1].
>
> + Right now, the client will be encoding the pixels using the "raw"
> encoding. No compression, so it'll be slow. We'll be fixing that
> soon too.
>
> Cheers,
> Mark.
>
> [1] - http://www.gnome.org/~markmc/blog/05022004
>
>
Could you yummify your archive so we can just point at it and get
updates whenever you make them? (I realize this will probably hit
rawhide at some point but I'm taking a breather from rawhide for a while
between betas!)
Slightly OT:
Do you plan to add vino? I've got it all built (it seems to work) but
I'm not sure the rpms are complete. (I had to add vino-session as a
startup item.) And along the lines of a bug report, everytime a coworker
runs nessus against my system, vino-server goes off the deep end eating
100% of one CPU. Other than that, it works quite well.
Thanks,
tjb
--
=======================================================================
| Thomas Baker email: tjb at unh.edu |
| Systems Programmer |
| Research Computing Center voice: (603) 862-4490 |
| University of New Hampshire fax: (603) 862-1761 |
| 332 Morse Hall |
| Durham, NH 03824 USA http://wintermute.sr.unh.edu/~tjb |
=======================================================================
More information about the Fedora-desktop-list
mailing list