diff options
Diffstat (limited to 'src/Linux:Desktop_Sharing.adoc')
| -rw-r--r-- | src/Linux:Desktop_Sharing.adoc | 73 |
1 files changed, 73 insertions, 0 deletions
diff --git a/src/Linux:Desktop_Sharing.adoc b/src/Linux:Desktop_Sharing.adoc new file mode 100644 index 0000000..521a16d --- /dev/null +++ b/src/Linux:Desktop_Sharing.adoc @@ -0,0 +1,73 @@ +Linux:Desktop Sharing +===================== +:author: Aaron Ball +:email: nullspoon@iohq.net + + +== {doctitle} + +For the last several weeks, I and several others running Linux on my team have +been unable to use the third party desktop sharing service our company has +purchased. This is due to the fact that several weeks ago, we all received +updates to our system versions of Java (openjdk and icedtea), which broke their +"web" client. We still need to share desktops though on occasion for meetings, +so a solution needs to be found. Thankfully there is a pretty great solution +out there for this that handles surprisingly well: +https://en.wikipedia.org/wiki/Virtual_Network_Computing[VNC]. + +[[enter-vnc]] +== Enter VNC + +I'm not VNC's biggest fan. It's a really neat protocol, but it is often +misused. In nearly every deployment of it that I have seen, the end user didn't +tunnel through ssh, didn't enable ssl, and/or used their actual account +password to password the vnc session. If someone were particularly clever, they +could record the packets and effectively replay the vnc session and possibly +get the user's password amongst a list of other potential things. + +Now, given that we're doing desktop sharing, we can't tunnel over ssh because +that requires a user account (unless you set up an anonymous account, which is +another good option). We can however do vnc over ssl. + +To get going, we need one piece of software - +**http://www.karlrunge.com/x11vnc/[x11vnc]**. X11vnc differs from other vnc +servers in that it allows you to share display :0 rather than creating a new +virtual display (typically starting at :1). This allows you to physically be +using the display while other people watch it. Let's look at the +command/script to get this started... + +---- +#!/usr/bin/env bash +echo "Sharing desktop on 5900" x11vnc -viewonly -ssl -sslonly -passwd <password> -forever +---- + +What we have here is... + +[cols=",,,,,",options="header",] +|=============================================================== +|x11vnc |-viewonly |-ssl |-sslonly |-passwd <password> |-forever +| +|Prevents users from taking control of your display +|Makes ssl connections available +|Forces SSL to be used by all connecting clients +|Set the session password +|Don't shut the server down when a user disconnects +|=============================================================== + +A few things to note here... + +One final thing I would like to point out is that with this, you can do +clipboard sharing if the clients all support it. All the sharer has to do is +copy something and all of the clients should be able to paste it on their +computers. I've used this for several meetings now and it works great. The +biggest difficulty I've had up to this point is to get people to install VNC +clients for the first time. Once they've got that going, they typically comment +shortly after the meeting about how much faster and easier vnc is than the +service the company pays for. + + +Category:VNC +Category:Linux + + +// vim: set syntax=asciidoc: |