Is it possible to clone image from display via ssh? I want to see what is on my first laptop display from another laptop, but without any additional software like teamviewer or vnc.
The short answer is: Yes, but you may be unhappy with the results.
The protocol you are looking for is called X11 Forwarding. This option must be enabled on your server by setting X11Forwarding yes in /etc/ssh/sshd_config, then reloading the daemon.
Once enabled on the server, the client must initiate their ssh session using the -x flag.
The major limitations of this technology are that:
The data is not optimized for transfer over the wire. For most environments you end up with a low framerate and/or graphical artifacts. As long as you're doing something like running a GUI installer it should not be a problem, but do not expect to be able to stream video / play a game using X11 forwarding.
The client must have an X server installed. If you are connecting from a Windows machine (or another machine that does not have an X server installed), you may need to use a project such as Xming in order to actually interpret the data once you get it to the client.
Related
I would like to setup a small computer (Raspberry Pi) running Arch Linux to accept remote X sessions. Doing this usually means setting up Xorg server and running one of the Display Managers. I have done this before, and I will go this route if I have to. However, since the machine is very underpowered, and it is actually not connected to a physical monitor, I was hoping to setup the X server to accept only remote sessions. This way no memory would be wasted on managing the local graphics card, video memory etc, since they are not being used. Is it possible to setup the X server to accept only remote sessions without going into local graphical mode? And how?
It's possible to set up a *ix to remote display to a system you're sitting in front of, without an X server on the machine running the app.
You need X11 libraries, one or more X11 applications, and you probably want openssh set up for remote X11 forwarding - all on the raspberry pi. You'll also want an X server running on the machine you're sitting in front of.
On the Raspberry Pi, change your sshd_config to include "X11Forwarding yes". After making this change, restart sshd or reboot.
Then apt-get or yum your X11 libraries and app(s).
When you connect to the Raspberry Pi machine, use "ssh -Y" instead of just ssh to pass along xauth data.
Good luck!
Disable automatic start of the login manager and X server, instructions are googlable, say http://www.debianadmin.com/howto-boot-debian-in-text-mode-instead-of-graphical-mode-gui.html. From personal experience running X apps on raspberry remotely is not too good either.
Scenario:
Many embedded devices (running Linux) out in the fields, behind routers so NAT'd and we can't make connections to them.
We need for a support person to be able to initiate a terminal/shell session on any of the devices.
Their local terminal will also be NAT'd behind a corporate firewall, so we need some central "meeting point" that both they and the device can connect to.
If necessary, we could require the support person to log into some sort of terminal server, but I'd prefer a solution that just popped up a terminal window on their desktop.
We can (through other means) tell the device to execute some arbitary script or application to start up the session.
Without the NAT, it's just SSH to the device and away we go. But what are my options in this NAT'd environment?
We're OK to develop code at either end or at the meeting point server if required, but obviously if there are apps out there so we don't have to write stuff, even better.
Pointers to other questions I may have missed (although I have looked) or to applications that I should consider for the central "meeting point" server welcomed
How about simply setting up an ssh server that is reachable by both the device and the support user, and have the device set up a reverse tunnel (using remote port forwarding)?
ssh -R 10022:localhost:22 device#server
Then the support personnel can simply connect to the server and log on using
ssh -p 10022 localhost
Of course there are several security aspects that need to be accounted for here, depending on what kind of information the devices hold/have access to and how the support organization is set up.
SSH is an adequate tool for this. You will, as you say, need a middle-man server. But it would be very easy to set up, assuming that your 'other means of executing a script' are remote and can be executed from your office.
So, fire up a new server on a global IP (an Amazon AWS micro node is free for a year and would do the job just fine), and install an ssh deamon. Say it has the hostname middleman.example.org.
The script to put onto your embedded devices would look like;
#!/bin/bash
ssh -i ./middle_id.pem -R 22:localhost:2222 middleuser#middle.example.org
(The private key authentication would be a way of making the login non-interactive)
The script to put onto your desktop machines would look like; (assuming the argument $1 is the IP of the embedded device, and that prod_remote_device.sh executes the above script on the chosen embedded device.)
#!/bin/bash
./prod_remote_device.sh $1
ssh -i ./device_id.pem deviceuser#middle.example.org:2222
And that should forward your connection to the embedded device.
In order to make it bind to all interfaces, use:
ssh -N -R 0.0.0.0:2222:localhost:22 root#example.com
Don't forget to edit /etc/ssh/sshd_config and go to GatewayPorts and enable it and set it to yes.
And Then connect to it from any Loopback or Ethernet interface.
I am having some problems with launching firefox from a Linux daemon written in C.
When I launch firefox on the machine itself (via terminal) from the command shell using /usr/bin/firefox it works OK and a firefox browser window lanunches as it should.
However if I try this within my C daemon using system("/usr/bin/firefox"), firefox launches its process in the terminal but the browser window is not opened?
A similar thing happens when I try to do this using remote terminal acces. It's something to do with telling the system to open firefox in window mode rather than trying to open it in terminal mode - but I dont know how to specify this using bash commands?
I am using Lubuntu 11.10 in my Linux System.
Any help is most appreciated.
There's a reason I asked why you're attempting to do what you want. I didn't want to get into great details in my comment.
Firefox on Unix is an X-Window process (most of the Linux/Unix desktops are based upon the X11 protocol which is the heart of X-Window). What X-Window does is separate the display of the program from the process running the program. For example, I am now running Firefox from a Linux box at work, but the Linux box is actually displaying the Firefox browser window at home on my Mac.
In order to do this, I had to:
Run X11 on my Mac. The X11 program creates a default X11 client display called 0.0 which pretty much says the first screen and the first instance of X11 running (computer geeks like counting from zero). The process runs in the background on my Mac. In a certain sense, it's really a server process and not a client because it's waiting on port 6000 for a client X11 process (Firefox) to tell it what to do.
Before I run firefox, I have to tell my Mac's X11 process that I grant the X11 server running Firefox to be able to display on my X11 client process. Otherwise, you can imagine someone spamming another person by continuously popping up Windows on their display. You can use the xhost program to do this.
In order to run Firefox on the Linux box, I have tell the Firefox process what X11 client I'm running it on. I can do this by setting the DISPLAY environment variable to something like "10.0.1.33:0.0". This means the X11 client is running the the machine on IP address 10.0.1.33, and I want you to use the first screen, and the first instance of the X11 client on that screen.
Now, I can run Firefox on my Linux box, and the display will display on my Mac.
The problem you're running into is that there's simply no X11 client when you're starting FireFox as a daemon process. An X11 client is associated with a user and a display of some sort. The display could be a virtual display, but there's got to be an X11 client that's running and is addressable in some way, so the process knows where to display the output.
By the way, you said daemon which has a very, very specific meaning in Unix/Linux. A daemon is a process that runs in the background and usually has a service (and a port) associated with it. For example, there's an FTP daemon called ftpd, the mail server uses the sendmail daemon, ssh has the sshd daemon. Daemons have no display associated with them.
However, it looks like you might be using the word to mean launching Firefox via another process. Is that true? If so, you'll have to make sure that Firefox knows the X11 display to use (there's a command line setting to use to specify the display), and that your X11 client (your login session) has given permission for another process to update your display with the program window.
Can you please explain what you're trying to do in a bit more detail? If you simply want to download a file from a remote http server (which of course is running the http daemon process called httpd), you should use curl or wget which don't require a display and are way simpler to use. If you're trying to do something else, let us know exactly what it is.
Firefox needs to know which display it should open on. When you run it from within a gui, even through a terminal emulator, the DISPLAY environment variable is set to the appropriate value. When you launch from the daemon, try system("/usr/bin/firefox -display=:0").
Make sure that the DISPLAY environment variable is properly set in your daemon to refer to the X server that you want your firefox to use.
If the daemon is run as a different user account than the user account that "owns" the X server that you want to use, you will also need to use xauth(1) to configure the authentication token to grant permission to use the X server.
Often times, it is far easier to use ssh -X to tunnel X and properly configure the xauth(1) tokens in one go than try to manage xauth(1) tokens yourself. Maybe adding ssh -X into your environment would be suitable, maybe not. (I've even used ssh -X root#localhost before when I needed to run an X client as root and didn't want to bother with configuring xauth(1) manually. ssh(1) is just so much easier.)
I do this all the time using VNC and it is very easy, but I am curious about a few things like XDMCP. As I understand it, this is a way of creating the entire desktop on a remote X-Server which seems fairly elegant.
Several years ago, I worked on a Solaris server and multiple developers had X-Servers running in Windows and we were able to access a full remote X-desktop. All my efforts so far in X based systems seem to indicate that only one instance, remote or local, of the desktop can be loaded, so I guess this Solaris thing was an actual application that "emulated" a desktop, but who knows....
Any input ?
From Windows I've found the best way to do this is using the Xwin command in cygwin.
Steps:
Install Cygwin, making sure to install X11. (Do this by scrolling to the bottom of the list on the "select packages" screen and click on the word "default" to the right of "X11". Give it a second or two and it will change to "install".)
Then, just run the Xwin command like this:
Xwin -query your.unix.system.name
You'll get a full-screen login window from you unix box. That's it!
Btw, sometimes firewalls get in the way of the UDP protocol for XDMCP. If that happens, look up the port numbers (one UDP outgoing, and one TCP incomming) and unblock them. Other xdmcp troubleshooting tips here.
NX will allow you to use a complete remote desktop environment locally, and most Linux distros already have the server available.
As an alternative to full cygwin install you might want to look at Xming. It is quite a bit lighter and should provide the same functionality.
In Xorg/GDM/LightDM options : "listen" should be activated (disabled by default)
In windows, try Xwin32.
In Linux, try Xnest (windowed) or X with "-query" command.
Be careful: it's slow and everything (passwords included) is transmitted in clear. So keep it on local network, tunnel it in SSH or better don't use it.
I found an additional remote desktop implementation which works quite nicely with LXDE:
x2go
Has clients for Windows, Linux and MacOS X.
In the spirit of being helpful, this is a problem I had and solved, so I will answer the question here.
Problem
I have:
An application that has to be installed on on Redhat or SuSE enterprise.
It has huge system requirements and requires OpenGL.
It is part of a suite of tools that need to operate together on one machine.
This application is used for a time intensive task in terms of man hours.
I don't want to sit in the server room working on this application.
So, the question came up... how do I run this application from a remote windows machine?
I'll outline my solution. Feel free to comment on alternatives. This solution should work for simpler environments as well. My case is somewhat extreme.
Solution
I installed two pieces of software:
PuTTY
XMing-mesa The mesa part is important.
PuTTY configuration
Connection->Seconds Between Keepalives: 30
Connection->Enable TCP Keepalives: Yes
Connection->SSH->X11->Enable X11 forwarding: Yes
Connection->SSH->X11->X display location: localhost:0:0
Lauching
Run Xming which will put simply start a process and put an icon in your system tray.
Launch putty, pointing to your linux box, with the above configuration.
Run program
Hopefully, Success!
If you want the OpenGL rendering to be performed on your local machine, using a Windows X server, like Xming is a good solution. However, if you want rendering to be done on the remote end with just images sent to the local machine, you want a specialized VNC system that can handle remote OpenGL rendering, like VirtualGL.
You could also use VNC ( like cross platform remote desktop )
X is more efficent since it only sends draw commands rather than pixels, but if you are using opengl it is likely that most of the data is a rendered image anyway.
Another big advantage of VNC is that you can start the program locally on the server and then connect to it with VNC, drop the connection, reconnect from another machine etc without disturbing the main running program.
For OpenGL, running an X server is definitely a better solution. Just make sure the application is developed to be networked. It should NOT use immediate mode for rendering and textures should be RARELY transferred.
Why is X server a better solution in this case (as opposed to VNC)? Because you get acceleration on workstation, while VNC'ed solution is usually not even accelerated on the mainframe. So as long as data is buffered on the X server (using vertex arrays, vertex buffer objects, texture objects, etc) you should get much higher speed than using VNC, especially with complex scenes since VNC has to analyze, transfer and decode them as pixels.
If you need server glx version 1.2 the free version of Xming (Mesa 2007) works fine. But if your application needs version 1.4, example qt5, the X Server from Cygwin works free to run it use this commands:
[On server]
sudo vi /etc/ssh/ssh_config
Add:
X11Forwarding yes
X11DisplayOffset 10
X11UseLocalHost no
AllowTcpForwarding yes
TCPKeepAlive yes
ClientAliveInterval 30
ClientAliveCountMax 10000
sudo vi ~/.bashrc
Add:
export DISPLAY=ip_from_remote:0
Now restart ssh server
[On Client slide]
Install Cygwin64 (with support to X package) after that run this command:
d:\cygwin64\bin\run.exe --quote /usr/bin/bash.exe -l -c "cd; /usr/bin/xinit /etc/X11/xinit/startxwinrc -- /usr/bin/XWin :0 -ac -multiwindow -listen tcp"
Now execute ssh client:
d:\cygwin64\bin\mintty.exe -i /Cygwin-Terminal.ico -e /usr/bin/ssh -Y user_name#ip_from_server