Remote Desktops with VNC and RDP

I find it useful to have a remote desktop to my Ubuntu systems.   On secure connections, I have been using VNC via xinetd.  Connections with xrdp where possible, but it wasn’t launching the desktop for the connection.  For secure terminal connections, I stick with ssh. All these connections have a login at the start of the connection. This is how I do it.

Setting up VNC over xinetd

This installation requires three packages, xinetd, xdm, and tightvncserver.  vnc4server does not work with the example. The necessary change is noted after the example. You may want to enable multiple display managers as described later. This will allow you to restart xdm without killing your local session.

Using xinetd gives a fixed terminal size. I use several ports (displays) with appropriate sizes.  The smallest gives me a full-screen desktop on a netbook. The largest matches the size of the monitor I am using to write this post. The /etc/xinet.d/xvnc-1 configuration file for the netbook looks like:

service xvnc-1
{
 disable = no
# bind = 192.168.10.6
 port = 5901
 type = UNLISTED
 socket_type = stream
 protocol = tcp
 wait = yes
 user = nobody
 server = /usr/bin/Xtightvnc
 server_args = -inetd -geometry 1024x600 -depth 16 -query localhost -once -ac -desktop Server-netbook
# server = /usr/bin/Xvnc4
# server_args = -inetd -geometry 1024x600 -depth 16 -query localhost -once -SecurityTypes none -desktop Server-netbook
 libwrap = xvnc
 log_on_success = PID HOST EXIT DURATION TRAFFIC
 log_on_failure = HOST
}

For each display you will need to change the service name, port and geometry arguments. You may also want to change or omit the -desktop description. The bind option is optional unless you have other services (virtual servers) using the same display numbers. Access to all displays can be controlled by defining rules for xvnc in /etc/hosts.allow. Review man xinetd.conf for additional configuration options. When I upgraded to Ubuntu Lucid (10.4), I had to drop -extension XFIXES from the server_args specification as VNC did not start with it included.

To use vnc4server replace -ac with -SecurityTypes none in the server args. WARNING: I have had limited success using tightvncserver with xrdp. The configuration above is hard-coded to tightvncserver so that vnc4server can be installed as well. The configuration for vnc4server is commented out. Remove the commented lines if you prefer.

Logins are handled by xdm.  Recent versions of gdm seem to be unable to handle the required XDMCP requests.  Prior to upgrading to Ubuntu Lucid I was using gdm with an /etc/gdm/custom.conf file.
To enable xdm to listen to XDMCP requests on TCP you need to edit some files.

  • Edit /etc/X11/xdm/xdm-config to comment out the DisplayManager.requestPort line. By default, xdm is configured not to listen on for IP connections.
  • Edit /etc/X11/xdm/Xaccess to uncomment the line allowing any host to get a login window. Alternatively, you can just add a line reading localhost.
  • You may want to edit /etc/X11/xdm/Xsetup to uncomment the xsetroot line. xsetroot can also be used to provide a background picture or other effects.

Special settings for the local display(s)

I have a dual-screen setup which requires some setup for the desktop.  I created the executable file /etc/X11/xdm/Xserver_0 to run the required setup.  I wanted the login panel on the right screen.  To handle this I added the following lines to /etc/X11/xdm/Xresouces.

#if WIDTH > 2000
xlogin*geometry:                -400+300
#endif

Enabling gdm or kdm on the local display

gdm or kdm are the default display managers and can be used to manage the local display. This requires running two display managers.  Use dpkg-reconfigure xdm to select the default display manger (gdm or kdm) to handle the main screen.

You will then need to edit two xdm files. Comment out all uncommented servers in /etc/X11/xdm/Xservers.  This is the last line of the default configuration.

Edit /etc/init.d/xdm. Change HEED_DEFAULT_DISPLAY_MANGER to false.  This can be done by adding a line just after the set -e line reading HEED_DEFAULT_DISPLAY_MANGER=false.  This will enable both display managers to run.  You can then start xdm with the command /etc/init.d/xmd start.

Installing xrdp

I have tried xrdp at various times in the past. Until recently, I haven’t managed to get it to work as expected. I tried the native version for Ubuntu Lucid (10.4) and still found it unsatisfactory. Ubuntu Maverick (10.10) has xrpd version 0.5.  It is compatible with the packages installed for Lucid. I downloaded and install the Maverick package. Finally, I have a working version of xrdp. It starts a VNC server as needed.

I edited the Security section of /etc/xrdp/sesman.ini to disable root logins and limit the users who can connect. Review the man documentation and configure it appropriately for your situation.

I have had problems using the tightvncserver package dropping connections. This problem has been traced to a bug in how clipboard events are handled. I replaced it with the vnc4server package which does not share the clipboard events automatically.  This requires a minor edit to the /etc/xrdp/sesman.ini file.  In the [Xvnc] section change param2=-ac to param2=+kb.

I did not want most of the default xrdc connections. These are defined in /etc/xrdp/xrdp.ini.  I deleted the lines from [xrdp2] to the end of the file.   The sesman-X11rpd connection did not work for me, although I believe that it is likely the most desirable connection.  This is because the required X server is not packaged yet. If you have multiple servers behind a firewall, you may want to enable the sesman-any connection on a host accessible via NAT.  Be sure you secure and test your network accordingly.

Using Remote Desktop from Windows

The default configuration for Remote Desktop is to use 32-bit colors.  xrdp only support 8-bit and 16-bit colors so the options need to be adjusted accordingly.  If you define a user id, it will default the user id in the xrdp sesman login window.   Enter the name or IP address and connect. You will get an xrdp login window after which you will get a desktop session.

Application Issues

Some applications only support a single session active at a time.   These will cause problems if you are already logged in and have an active session.

By default, Firefox will not start a second session.  If you have multiple profiles, you can select an inactive profile in the second session. To enable this  set StartWithLastProfile=0 in ~/.mozilla/firefox/profiles.ini. Firefox will then start the session chooser when you start it. Alternatively, you can create an additional launcher specifying an alternate session.

xdrp does not handle sound requests from Windows well. It does not migrate the sound to the client if requested. Session shutdown may stop playback on the server.

vnc4server does not share clipboard events. These cause xrdp to drop the connection, so it is the preferred option in this case. If you are using xinetd you can enable clipboard sharing by running the vncconfig command. Running it as vncconfig -nowin & will run it in the background without a control window.

On systems that don’t already have a window manager, you may want to install one. Otherwise, you will be limited to what you can configure with ~/.xsession. I installed a minimal XFCE4 environment by installing xfdesktop4, Xorg, and ttf-freefont.

4 comments

  1. Were you able get clipboard sharing to work with xrdp? I read somewhere that you need to run “vncconfig -nowin” for this and confirmed from the man page that it should work, but the first time I ran it, the session got disconnected. I was able to connect back, but whenever I try to copy something, the session gets disconnected, so I ended up killing vncconfig.

    Also, how do you configure what gets launched as part of the xrdp session? E.g., for vncserver, it uses .vnc/xstartup, so is there something like that for xrdp?

    Reply

    1. The first option using xinetd will give you a fixed size screen as specified in the definition. When I needed multiple sizes, I defined multiple services on different ports with appropriate sizes. You can also setup different services with different color depths.

      The second option using xrdp requires a Windows RDP client. The screen size is the size specified by the client when you connect. VNC clients will not be able to successfully connect.

      Reply

  2. I had not tried sharing the clipboard from VNC using xdrp. I do most of my command line connections over SSH and clipboard works well with it. I found enabling the clipboard resulted the same problems you encountered. The clipboard works when running VNC via xinetd.

    What programs run for your session is controlled by ~/.xsession. However, if you have a desktop manager installed it should already be run by the Xsession default files in /etc/Xsession/*. I have updated the notes section to include the packages required for a minimal XFCE desktop. My main system runs gnome, and I get my regular desktop resized appropriately.

    Reply

    1. From a quick review of the package description, x11vnc does not work like either of the options I have presented here. With Solaris I tend to use an ssh session with X forwarding to a Linux host, or an Xserver running on Windows. There are open source Xservers that work well with Solaris. It is easy to create a Linux VirtualBox image. Unless I am running a program that requires an Xserver, I work from the command line in a Putty session from Windows.

      Reply

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Cookie Consent with Real Cookie Banner