terminal services prototype

Mark McLoughlin markmc at redhat.com
Thu Jun 3 17:11:28 UTC 2004


Hey,
	Caolán and I have been working on prototyping a VNC based terminal
services system which also allows hot-desking.

	The idea is that we allow GDM to accept VNC connections, spawn a VNC
server for each new connection and display a login screen. The user then
authenticates through the login screen as normal and GDM starts a new
session on the VNC server. However, if you then close your VNC client,
the session doesn't go away. GDM continues to manage that session.

	You may then go to a different terminal, the server will spawn off a
new VNC server with a login screen through which you log in. However,
once you log in, GDM detects that you already have a session running and
switches you to your original session rather than starting a new
session.

	You could imagine terminals which are very similar to LTSP terminals,
but instead of starting an X server which queries the server for a login
using XDMCP, it starts a fullscreen vncviewer which connects to the
server.

	We've reached a stage where we can demo the basic idea, so here's the
results:

 1) On a test machine which will act as the terminal server, install
    the "gdm" and "vnc-server" packages from:

        http://people.redhat.com/markmc/terminal-services-demo

    Note: there are packages built against both FC2 and rawhide.

 2) Punch port 5900 through the firewall on the server - i.e. 
    system-config-securitylevel, Other ports, "5900:tcp"

 3) Reboot for good luck.

 4) From another machine, vncviewer -FullScreen -FullColor myserver

 5) Log in as normal, play around, start a few apps.

 6) Close vncviewer (F8, Exit viewer)

 7) Start vncviewer as in (4)

 8) Log in as normal, you should be immediately switched back to your 
    original session.

	Caveats:

  + You don't want install these packages on a machine which you need to
    stay working. We're making no stability/security guarantees 
    whatsoever yet.

  + The VNC protocol stream is unencrypted. When you type in your 
    password to the login screen its going across the network in plain 
    text. Don't test this on an untrusted network. We'll be making all 
    this work using the SSL extension used in Vino[1].

  + Right now, the client will be encoding the pixels using the "raw" 
    encoding. No compression, so it'll be slow. We'll be fixing that 
    soon too.

Cheers,
Mark.

[1] - http://www.gnome.org/~markmc/blog/05022004





More information about the Fedora-desktop-list mailing list