Remote Desktop in Linux
2013-04-07
Derek Zhou
Linux or all Unix in general, is fundimentally multi-user enabled. You can ssh in to the box any time you want, with out concurrentcy limitations. However, if you want to have remote GUI, things get a little complicated. There are many choicess, and each with its own pros and cons.
Remote desktop or remote Application
Fundimentally there are 2 ways to go remote. You can either have a complete remote GUI login session or you can just launch a remote application and has its desplay and inputs redirected.
Network constraints
We also has to consider the constraints imposed by the network. 2 limitations need to be considered:
Bandwidth. Today's broadband onnections can give you 50KB/s consistant bandwidth to most hosts; which is good enough for most remote GUI needs except video. Even if you have higher bandwidth watching video on a remote application may not be pleasant; A better way is always to stream the video through network directly and watch it locally.
Latency. Actually latency is the more problematic limitation for remote access. Anytime you go beyond LAN the round trip latency is most likely 50ms or higher; crossing continent it will be 500ms or higher. You will fell the lag from the key press to the response on the screen once the latency go beyond a couple of hundred ms; and if the latency go higher than 1 or 2 seconds then remote access is not going to be pleasant.
Native X11 remote
The X11 protocol itself has network transparency built in. One can just redefine DISPLAY to have a single application forwarded or use XDMCP to have a remote login session. However, it has severe problems:
- security. Traffic is unprotected, passwd go through the network in clear.
- very latency senstive. Anything beyond LAN will be really unworkable.
ssh X11 forwarding
ssh comes with -X -C options to encrypt and compress the X11 traffic. It solve the security problem but the latency problem is only reduced, not solved. It can be used as an emergency backup plan but not much for day to day work.
VNC
VNC is basically pushing image around. It is much less sensitive to latency. However:
- security problem still there, one can use VPN or SSH port forwarding to handle it though.
- Free VNC implementation does not has some of the advance functionality of the non-free ones.
NX from Nomachine
NX is a technology developed by Nomachine, which is more advance than VNC and performs better than VNC. The core lib is open source and free server and clients exists. However, Nomachine is going closed source at V4 and the V3 implementation is basically abandoned.
X2go
X2go is a new (<2 years) technology that is a fork of NX v3. It is backed up by Ubuntu so it should stick around. However:
- it is still young and few package outside Ubuntu and Debian exists. Also it has some rough edge too.
- It is not compatible with NX sadly.
SPICE
SPICE is a technology that was mainly used in virtualization which can also be used for general purpose remote access. It is backed up by redhat, so it should stick around. However:
- it is also new
- It is very virtualization targeted, so it is at a very low level, similiar to VNC, so it may not perform as well as NX or X2go.