Difference between revisions of "X2Go"
m (Bot: Removing from Category:HOWTOs (English))
(removed parts about tcp_wrappers (deprecated))
|Line 22:||Line 22:|
To have sshd started at boot time, you have to put it into the daemeons line in
Revision as of 10:09, 22 July 2011
With x2go you can access your desktop using another computer -- that means both LAN and internet connections. The transmmission is done using the ssh protocol, so it is encrypted. By using the free nx libraries from NoMachine, a very acceptable permformance in both speed and responsiveness is archieved. Even an ISDN-connection runs smoothly.
This makes it is possible to connect your laptop to any computer with the environment, applications, and performance of the remote desktop. It is also possible to have a bunch of computers connected to a single server (terminal-server, thin-client).
Clients are available for Linux (Qt4/Gtk/cli), Windows and Mac. The latter two can be downloaded directly from the x2go homepage.
x2go and Arch Linux
Arch Linux x2go packages are available in the AUR. Currently the server and clients are available. The LDAP based usermanagement suite is not yet finished, nor are tools that make x2go more convenient for use in schools and thin client environments.
Installation and configuration
Configuring the Server
Install the x2goserver package:
There are two different server packages: x2goserver and x2goserver-one. x2goserver-one is a single node server and relies on sqlite. If you don't need multiple servers in an array then choose x2goserver-one, otherwise choose x2goserver.
Install the ssh-daemon:
pacman -S openssh /etc/rc.d/sshd start
To have sshd started at boot time, you have to put it into the daemeons line in /etc/rc.conf, e.g.
DAEMONS=(... network ... sshd ...)
Load the fuse module:
This makes it possible for the server to access files on the client computer.
To have this module loaded at boot time, you also have to put it into the MODULES line in /etc/rc.conf, e.g.
Add user priviledges: Some users or groups need the rights to run a program as root.
pacman -S sudo visudo
An example for an entry in this file for all members of the group users:
%users ALL=(ALL) NOPASSWD: /usr/bin/x2gopgwrapper
Initialize the SQL database and start the SQL server:
If you are using x2goserver (not x2goserver-one), start postgres and create the database tables:
/etc/rc.d/postgresql start cd /usr/lib/x2go ./x2gocreatebase.sh /etc/rc.d/postgresql restart
Start the x2goserver (both x2goserver and x2goserver-one):
If you want to have this services started at boot time, include them in the DAEMONS line in /etc/rc.conf
DAEMONS=(... network ... sshd ... postgresql ... x2goserver)
Note that x2goserver daemon will spam your /var/log/auth.log every few seconds, therefore make sure you have logrotate run regularly via cron.
Check SSH daemon configuration to allow non-English session:
If you are using other than POSIX (C) locale, you may want to add the following line to /etc/ssh/sshd_config:
# Allow client to pass locale environment variables AcceptEnv LANG LC_*
Then, restart the daemon (as root):
Configuration of the Client
Install the client:
You may choose x2goclient (for qt) or x2goclient-gtk (for gtk)
Double check ssh
Convince yourself that you can open a ssh-session from the client to the server (host).
Within the local network this should not be a problem. The way you connect from beyond your network, lets say the internet, to your comuter at home is a question of how your network is build up. This would go beyond the scope of this article. Therefore here only a few items:
- A port has to be opened at the router resp. gateway which forwards requests to your server, and there especially to the sshd-port (which normally is 22). To prevent a big part of the portscan attacks it is probably better to have 222 as publicly reachable port.
- To prevent you from having the need to keep your public IP address in mind (especially if this changes dynamically) it is advisable to use a dynamic DNS-Service (DynDNS, DynIP). Many routers are preconfigured to be reachable under a name rather than an IP address.
Enough preliminaries! Now to the x2goclient. Run it:
This opens the client application. You can now create several sessions, which then appear on the right side and can be selected by a mouseclick. Each entry consists of your username on the server, hostname and IP and the port for ssh-connection. Furthermore you can define several speed profiles (coming from modem up to LAN) and the desktop environment you want to start remotely.
Do not simply choose the defaults of KDE or Gnome, since the executables startkde or startgnome are usually not in the PATH when logging in using ssh. Use full paths to startkde or startgnome. You can also start openbox or another window manager.
You should be asked for your password for your user at the server now and after login you will see the x2go logo for a short time, and -- voila -- the desktop.
Exchange data between client and server(desktop)
On the x2goclient (e.g. laptop) local directories could be shared. The server will use fuse and sshfs to access this directory and mount it to a subdirectory media of your home directory on the server. This enables you to have access to laptop data on your server or to exchange files. It is also possible to mount these shares automatically at each session start.
To leave a session temorarily
Another special feature of x2go is the possibility of suspending a session. This means you can leave a session on one client and reopen it even from another client at the same point. This can be used to to start a session in the LAN and to reopen it later on a laptop. The session data are stored and administrated in a potges databse on the server in the meanwhile. The state of the sessions is protocolled by a process named x2gocleansessions.
Workaround for failing compoziting window manager for remote session
This is useful for situations, when the computer running x2gserver is used also for local sessions with e.g. compiz as the window manager. For remote connections with x2goclient, compiz fails to load and metacity should be used instead. The following is for GNOME, but could be modified for other desktop environments. (Getting compiz ready is not part of this how-to.)
[Desktop Entry] Type=Application Encoding=UTF-8 Name=gnome-wm-test Exec=/usr/local/bin/gnome-wm-test.sh NoDisplay=true
Create script /usr/local/bin/gnome-wm-test.sh:
#!/bin/sh # Script for choosing compiz when possible, otherwise metacity # Proper way to use this script is to set the key to mk-gnome-wm # /desktop/gnome/session/required_components/windowmanager xdpyinfo 2> /dev/null | grep -q "^ *Composite$" 2> /dev/null IS_X_COMPOSITED=$? if [ $IS_X_COMPOSITED -eq 0 ] ; then gtk-window-decorator & WM="compiz ccp --indirect-rendering --sm-client-id $DESKTOP_AUTOSTART_ID" else WM="metacity --sm-client-id=$DESKTOP_AUTOSTART_ID" fi exec bash -c "$WM"
Modify the following gconf key to start the session with gnome-wm-test window manager:
$ gconftool-2 --type string --set /desktop/gnome/session/required_components/windowmanager "gnome-wm-test"
At the moment the package consists mainly of the x2goserver and the x2goclient. It is planned to add in near future:
- LDAP-Integration. This allow the administration of users, sessions and logins using LDAP. This is an interesting feature for schols or companys. For this purpose there are control programs which integrate themselves into the KDE Control Center.
- The option to use x2goclient as a login screen for thin clients.
- The possibility to use locale devices (CD, floppy, USB-stick) remotely and transparently.
Questions and problems? You could contact me also directly. GerBra
(Many thanks to Stefan Husmann for translation from archlinux.de wiki)