Remote desktop to my Linux

Dear all,
I would like to have a remote desktop from my home (windows machines) to my linux’s work machine.

I have set up already vnc but what I do not like is that I can not see the desktop how I left it at work. Example I left something at work running in matlab and I want to check from home how it goes.

For this type of functionality I think I should go for remote desktop functionality.
Thus I installed the rdesktop packages and I followed this guide
Windows Linux RDP Remote Desktop Connections using openSUSE as Client or Server (terminal server)

So far I can connect to this rdesktop client from my linux machine and get the nice screen.

When I tried from home to connect (windows 7 rdesktop default software) I could not.
I have checked by using nmap at my linux machine that packets were arriving at the right port , so I do not think it is something wrong with the connection.

I am using 11.4 opensuse, and I would like to have your experience how I proceed.

Best Regards
Alex

I only have experience with nxclient on Windows and nxserver on Linux. Search for freenx on software.opensuse.org. You download nxclient from nomachine.com. Searching the wiki en.opensuse.org for freenx will give you some information on the installation and use.

The only way, I am sure, which works, is that you use nxclient also on your work to start a session. Using <Ctrl>+<Alt>+T you get a dialog in which you can disconnect from that session. You can reconnect to that session from anywhere. On your Linux system the only open port needs to be port 22, the ssh port.

If you want to connect to a session which is open on your display, the only way I can think off is using krfb, which opens port 5900. It could be that there is a Windows client which uses remote desktop frame buffer to connect to that port. I am not sure about the possibility to encrypt the data on the connection. Otherwise you could use freenx to connect to your Linux server and connect from there to that port 5900 on localhost.

You can connect to runing sessions with vnc, at least I know with x11vnc you can

I think the way it goes is, port 5900 for a new session, port 5901 for connecting to an existing session

For nx to login to a running session you would have to be doing everything at work in an nx session (it does have a vnc shadowing mode but I don’t know how well it works), but a benefit to nx is it usually works quicker than vnc and gets more responsive over time especially when using suspended sessions in the way fdekruijf suggested

I don’t really have any experience with rdp into linux from windows but one thing I can think of is whether you are selecting the correct security protocol option in the windows client to match what the linux rdp server is running, this is of course assuming rdp access is allowed on the server at work

There are other options and some of the web-based ones are pretty decent, one springs to mind which I have used and requires almost no setup, basically just install and use. Again though I’ve not used it to remote into linux, though I have to remote out into windows machines

I’ve never really been bothered about accessing running linux sessions and I don’t see leaving a session running somewhere that anyone walking past can just sit down and take over as being good security practice. There’s not many things that progress can’t be saved, app shut down, session logged out, then log back in, reopen the app and resume your work from your remote location. To my way of thinking, remotely accessing running sessions is a tool for helping people, ‘now watch how I do this so you’ll be able to do it yourself next time’ kinda thing

Anyway, each to their own and there’s a couple of things there for ya to think on/check out

On Thu, 21 Jul 2011 12:17:03 +0000, alaios wrote:

> When I tried from home to connect (windows 7 rdesktop default software)
> I could not.
> I have checked by using nmap at my linux machine that packets were
> arriving at the right port , so I do not think it is something wrong
> with the connection.

Make sure you’ve got the necessary ports forwarded for your router at
home - if you don’t, there’s no way you’ll be able to connect.

Also try running ‘rdesktop’ from the terminal and see what messages show
up - that’ll help you diagnose the connectivity issues.

I would be cautious of using VNC over the open Internet, as it is not
encrypted, and there are hacks available to break the password trivially
from a running session.

If you do use VNC over the 'net, always tunnel it over SSH or wrap it
in SSL.

Jim


Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

He’s trying to get into his linux desktop at work so I think he’s trying to connect out from his windows at home mate, router shouldn’t be interfering as I think most will allow all outgoing traffic by default so unless a rule’s been added to specifically block outgoing rdp he should be alright there. Could there be a software firewall on the windows blocking it maybe?

alaios if you’re running a firewall in your windows have you tried disabling it?

Sometimes you have to disable any services they’re running in services.msc and disable tray applets/guis in msconfig then reboot before they’re properly disabled, most windows security softwares don’t take too kindly to just turning them off and doing so can often block your net connection which doesn’t at all help when you’re trying to figure out if it’s blocking you from connecting to something. So many infections out there which attempt to disable running security software you might have that a lot of windows antimalware/antivirus/firewall softwares have mechanisms in them designed to stop infections taking them out that they often stop the user from completely disabling them.

Good example is Outpost by Agnitum which is one of the more respected windows firewall/security suites, won’t even let you turn off or disable it’s main service when logged onto windows as an administrator, anyway, back to the point

The original poster has connected to the work server from his linux box he says, alaios is the linux box you connected with behind the same router as the windows machine you can’t connect from? If it is that would rule out it being a router issue for sure, and also rules out connections being refused at the server end

Best advice so far I reckon

That is one benefit of nx, works over ssh tunneling and I for one if given the choice would use nx before vnc every time, for me it was quicker and more functional than vnc, but I just remembered there is one issue with it that would stop it working in the way fdekruijf suggested which is to start a session on the linux box at work, disconnect it, and resume it from windows at home and that is (and I’m sure this will surprise everyone that reads it)

I always found that if I logged in and started a session using a windows machine and disconnected from it, I could resume it from a linux machine smooth as you like

Login with a linux machine, start a session, disconnect it, and it will NOT let you resume using a windows machine, I’d have to ssh in, kill the session, rm the cached and temp files in .nx, then start a new session

Which entirely defeats the purpose for the OP as he wants to login to a running desktop from his windows box not start a fresh instance

Having said that, it has been a while since I used nx and by now that little glitch might be ironed out, and again there is that vnc shadowing feature which could be worth a look if he decides to go the vnc route, does give the option/convenience of connecting over both vnc and nx from the same client, no idea how well that works though never having tried it

On Fri, 22 Jul 2011 04:16:03 +0000, Ecky wrote:

> Best advice so far I reckon
>
> That is one benefit of nx, works over ssh tunneling and I for one if
> given the choice would use nx before vnc every time, for me it was
> quicker and more functional than vnc, but I just remembered there is one
> issue with it that would stop it working in the way fdekruijf suggested
> which is to start a session on the linux box at work, disconnect it, and
> resume it from windows at home and that is (and I’m sure this will
> surprise everyone that reads it)

The thing about NX is that it typically is a ‘terminal server’ type
solution, rather than giving you access to display :0 (at least in my
experience) - something like x11vnc is better for access to display :0,
but it should definitely be tunneled over SSH.

Additionally, with SSH tunneling, having compression enabled will help
with performance, along with (for example) a single colour background
rather than an image.

Jim

Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

On Fri, 22 Jul 2011 04:16:03 +0000, Ecky wrote:

> He’s trying to get into his linux desktop at work so I think he’s trying
> to connect out from his windows at home mate, router shouldn’t be
> interfering as I think most will allow all outgoing traffic by default
> so unless a rule’s been added to specifically block outgoing rdp he
> should be alright there. Could there be a software firewall on the
> windows blocking it maybe?
>
> alaios if you’re running a firewall in your windows have you tried
> disabling it?

Oh, yes, somehow I got that reversed; must be the work I’m doing that
requires connecting to Win7/Win2K8R2. Good catch. :slight_smile:

Jim


Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

Windows firewall by default allows for everything outgoing so it’s the same as with the router. No modifications should be required as far as the native Windows firewall is concerned. If not enabling logs on the Windows firewall and looking through them is safer than disabling it :slight_smile: It’s easy to enable logging on Windows firewall. Here’s a screen shot from Win7 :
SUSE Paste
SUSE Paste

Best regards,
Greg

Indeed mate, but I was thinking more third-party firewall software, most windows computers come with some ‘really excellent’ trial security suite pre-installed and some of those can do all kinds of wierd’n wonderful things, especially if it’s a trial who’s registration has run out

I meant temporarily as a test not permanently! My bad for not making that clear … just gimme five while I kick myself a bit :wink:

Fully agree with You with just one exception :slight_smile:
Disabling the firewall on a Windows machine even temporarily can have very sad consequences.

Best regards,
Greg

Fully agree with you too … oh wait!

You said disabling the firewall, thought for a second there you said installing windows :wink:

Or just connect to your NX server in “shadow” mode and you’ll be on display :0. The difference is that you should NOT logout out in the client (because it would log you out from the server too). When you’re done, disconnect the session from NX Session Administrator and you’ll find your Linux desktop just as you left it.

… while shutting down Windows permanently can only have happy results. :wink:

On Sat, 23 Jul 2011 15:56:02 +0000, please try again wrote:

> hendersj;2366998 Wrote:
>>
>> The thing about NX is that it typically is a ‘terminal server’ type
>> solution, rather than giving you access to display :0 (at least in my
>> experience) - something like x11vnc is better for access to display :0,
>> but it should definitely be tunneled over SSH.
>>
>>
> Or just connect to your NX server in “shadow” mode and you’ll be on
> display :0. The difference is that you should NOT logout out in the
> client (because it would log you out from the server too). When you’re
> done, disconnect the session from NX Session Administrator and you’ll
> find your Linux desktop just as you left it.

That’s cool, I wasn’t aware of that option. I might need to take some
time to try this out. :slight_smile:

Jim


Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

If you use the free version from nomachines the shadow mode is enabled in the /use/lib/NX/nxserver.conf file. A few lines need to be comment in (remove the #). One drawback is the screen resolutions on the client need to the same or higher, NX doesn’t have sliders like VNC so the desktop is cutoff if the screen on the client is smaller. To get better performance use the custom mode which will run a application and display onto the remote system screen much like X, start a xterm and launch the programs from this xterm.