Language Selection

English French German Italian Portuguese Spanish

Mike Gabriel: X2Go, Remmina and X2GoKdrive

Filed under
Software

In this blog post, I will cover a few related but also different topics around X2Go - the GNU/Linux based remote computing framework.

Introduction and Catch Up

For those, who haven't come across X2Go, so far... With X2Go [0] you can log into remote GNU/Linux machines graphically and launch headless desktop environments, seamless/published applications or access an already running desktop session (on a local Xserver or running as a headless X2Go desktop session) via X2Go's session shadowing / mirroring feature.

Graphical backend: NXv3

For several years, there was only one graphical backend available in X2Go, the NXv3 software. In NXv3, you have a headless or nested (it can do both) Xserver that has some remote magic built-in and is able to transfer the Xserver's graphical data to a remote client (NX proxy). Over the wire, the NX protocol allows for data compression (JPEG, PNG, etc.) and combines it with bitmap caching, so that the overall result is a fast and responsive desktop experience even on low latency and low bandwidth connections. This especially applies to X desktop environments that use many native X protocol operations for drawing windows and widget onto the screen. The more bitmaps involved (e.g. in applications with client-side rendering of window controls and such), the worse the quality of a session experience.

The current main maintainer of NVv3 (aka nx-libs [1]) is Ulrich Sibiller. Uli has my and the X2Go community's full appreciation, admiration and gratitude for all the work he does on nx-libs, constantly improving NXv3 without breaking compatibility with legacy use cases (yes, FreeNX is still alive, by the way).

Read more

More in Tux Machines

Android Leftovers

Best Linux laptop for 2021: Which one should you buy?

I remember, back in my early days of Linux, finding a laptop that could run the open-source operating system was tricky business. You might get a distribution to work with the video chipset. You might even find one that interacts with your soundcard. If you could manage to get wireless working, you were something special. That was then, and this is a very different time. Now, you can find Linux pre-installed laptops all over the place. Companies like System76, Tuxedo Computers, Juno Computers, Dell, Lenovo and HP are all producing laptops that support or are even fully certified to run Linux. Read more

today's leftovers

  • Paradox of the perfect code editor

    Imagine if someone summoned a magical genie and wished for a perfect code editor. Since it is perfect, does that mean it provides you everything you ever need to code the optimal solution? Or since it is perfect, does it enable you to accomplish the coding aspect instantly?

    Thus, the paradox:

    Does the perfect code editor mean that you spend nearly 100% of your work time using the editor or does it mean you spend nearly 0% of your work time using the editor?

  • I write code 100 hours/week, here's why I probably won't stop

    I feel strongly you should never feel compelled or required to do what I am doing. Any company, manager, or person asking you to do so is horrible and you should get out quick. I don’t want to contribute to that culture or feed it.

    But-I love what I’m doing. I love the amount of progress I’m able to achieve every day. I love my time spent solving problems. I love what I’ve achieved so far. I want to go further than ever before - I’ve been marathon coding for as long as I can remember, and I’m not going to stop. I need to see how far I can go.

    I love the choices I’ve made in life. I hope you love yours too.

  • The reports of Perl’s death have been greatly exaggerated

    But you know what? Perl’s still going. It’s had a steady cadence of year­ly releas­es for the past decade, intro­duc­ing new fea­tures and fenc­ing in bad behav­ior while main­tain­ing an admirable lev­el of back­ward com­pat­i­bil­i­ty. Yes, there was a too-​long adven­ture devel­op­ing what start­ed as Perl 6, but that lan­guage now has its own iden­ti­ty as Raku and even has facil­i­ties for mix­ing Perl with its native code or vice versa.

  • Share with us your say on interoperability benefits in digital public service delivery

    As the the ISA2 programme and ELISE are coming to an end, is the right time to reflect on what we have achieved together and how to build on that in the next generation programmes.

  • How BSD Authentication Works

    The way OpenBSD authenticates users is quite different from other Unix-like operating systems. Most other systems like AIX, Solaris, Linux, the other BSDs, and MacOS, use a framework called Pluggable Authentication Module (PAM). The two main implementations are Linux PAM and OpenPAM. PAM modules are created as dynamically loaded shared objects, which communicate using a combination of common and implementation specific interfaces (Linux-PAM and OpenPAM). It's configured using the pam.d directory and pam.conf file. While it can be flexible, it's highly complex and very easy to mis-configure, leaving you open to strange and hard to track down authentication bugs. On top of that, the fact that it's a shared library means that any vulnerability in a poorly vetted authentication module gives attackers direct access to the internals of your application. Author Michael W. Lucas said it best when he described PAM as unstandardized black magic.

    OpenBSD on the other hand uses a mechanism called BSD Authentication. It was originally developed for a now-defunct proprietary operating system called BSD/OS by Berkeley Software Design Inc., who later donated the system. It was then adopted by OpenBSD in release 2.9. BSD Auth is comparatively much simpler than PAM. Modules or, authentication "styles", are instead stand alone applications or scripts that communicate over IPC. The module has no ability to interfere with the parent and can very easily revoke permissions using pledge(2) or unveil(2). The BSD Authentication system of configured through login.conf(5).

  • Explaining top(1) on FreeBSD

    We all know and have at least once used the top(1) command to track information about our cpu and processes, but how many of you know what each field means? Today we will guide you through each of these fields. By default, top(1) displays the ‘top’ processes on each system and periodically updates this information every 2.0 seconds using the raw cpu use percentage to rank the processes in the list.

Integrity/Availability, Security, and DRM

  • Sinclair hit by ransomware attack, TV stations disrupted [iophk: Windows TCO]

    Sinclair Broadcast Group, which operates dozens of TV stations across the U.S., said Monday that some of its servers and work stations were encrypted with ransomware and that data was stolen from its network.

  • Sinclair hit by ransomware attack, TV stations disrupted [iophk: Windows TCO]

    The Hunt Valley, Maryland-based company either owns or operates 21 regional sports network and owns, operates or provides services to 185 television stations in 86 markets.

  • Canon Sued For Disabling Printer Scanners When Devices Run Out Of Ink

    For more than a decade now, computer printer manufacturers have been engaged in an endless quest called: "let's be as annoying as humanly possible." That quest, driven by a desire to monopolize and boost the sale of their own printer cartridges, has resulted in all manner of obnoxious DRM and other restrictions designed to make using cheaper, third-party printing cartridges a monumental headache. Often, software or firmware updates have been designed to intentionally grind printing to a halt if you try to use these alternative options.

  • Caskading Failures

    In case you hadn’t heard, Let’s Encrypt’s root certificate expired on September 30th, causing many old applications and devices to reject connections to any site secured by certificates issued by Let’s Encrypt. At Cider and Saddle, all of our services are backed by a Let’s Encrypt wildcard certificate, which we’d configured to automatically renew when needed. We thought that meant we’d be in the clear; after all, we were sure to keep our production system up-to-date, and as long as the system’s CA certificates were fresh, there shouldn’t be any issues.

    We were wrong.

    On October 3rd, one of our community members noticed Cask was throwing 500 errors upon visiting the page. Scrubbing through the logs, it was pretty easy to guess what was going on: [...]