Good catch, John - I should have mentioned that! (I do keep my monitors
off as well).
Yes - given I'm on i3, I do a `DISPLAY=:0 i3lock &` and a simple Ctrl+C
is good for killing the x0vncserver started in the SSH shell.
Thanks for pointing out those very important caveats.
Regards,
Chris
On 12/5/22 11:09, John Stoffel wrote:
> I'm sure you're re-locking the X-display when you're done and killing
> the x0vncserver, but I think it should be a part of your notes, so
> that things are kept secure.
Hey Everybody,
I'm moving the meeting to the 15th!
We brought up a whole bunch of interesting meeting ideas last meeting.
QUIK was talked about.
We also talked about redoing the KiCAD talk so we could see the full talk
(and actually record it!)
We also talked about deep diving into the new wifi standards.
PiKVM as well as FOSS music players and piCroft.
Let me know what you might be interested in talking about.
Thanks,
Tim.
--
I am leery of the allegiances of any politician who refers to their
constituents as "consumers".
Chris,
Thanks for the writeup and information. That's a really good set of
notes on how to make this work for the occasional use.
Of course this also means that your local home session is now unlocked
and visible while you're working on it remotely, and if your home
isn't secure, you might be leaving yourself open.
I'm sure you're re-locking the X-display when you're done and killing
the x0vncserver, but I think it should be a part of your notes, so
that things are kept secure.
Now if you turn off your monitors at home while on the road, this is a
little less of a risk if only because your montiors won't light up
when you're using them remotely.
I still like the mobaxterm solution for some situations. But if you
need to grab info from a running X tool which can't be
stopped/restarted, then this works well.
John
>>>>> "Chris" == Chris Thompson via WLUG <wlug(a)lists.wlug.org> writes:
> Hi all,
> Following up on a 6 month or so old inquiry...
> My request had been to get to my desktop session of X remotely. I seldom use this (mosh is
> typically more than enough) but occasionally it can be handy - e.g. grabbing a password I forgot
> to move out from FireFox into KeyPassXC, etc. (I do use FF sync, but not for passwords...call me
> paranoid - I don't mind).
> I ended up going with John's suggestion: something VNC-based. While you can set up Xvnc itself for
> a separate session, I prefer not to do this (nor do I need/want a Display Manager remotely). I
> only wanted on-demand access to the desktop shown (i.e. what's on the local monitor), and have
> found TigerVNC to be a good fit for this.
> Setup...
> "Client" = laptop on the road, "Server" = the desktop @ home
> Client setup: while you can use `ssh -L etc.` to set up port forwards, I prefer just using ~/.ssh/
> config, to which I added something like this:
> ```
> Host my_server # the alias I'm using for the server system
> LocalForward 5900 127.0.0.1:5900 # forward local port 5900 to 127.0.0.1:5900 on the server
> site
> HostName xxx.xxx.xxx.xxx # IP or fqdn of server system
> ```
> So, my laptop's localhost:5900 is now forwarded (through SSH) to the server system's equivalent of
> 127.0.0.1:5900. You can of course change the ports as needed, but as I do not run an VNC server
> process on my laptop, this is fine for me.
> This is where Tiger's x0vncserver comes in (x11vnc is another alternative). From `man x0vncserver
> `:
> x0vncserver is a TigerVNC Server which makes any X display remotely accessible via VNC,
> TigerVNC or compatible viewers. Unlike Xvnc(1), it does not create a virtual display. Instead,
> it
> just shares an existing X server (typically, that one connected to the physical screen).
> Just what I wanted! Once I have connected via SSH, to the server system, I start vnc on the server
> with ` x0vncserver -localhost -SecurityTypes none -display=:0`. This only listens on localhost,
> disabling security, and shares out from display :0, which is my normal i3/X11 desktop. There are a
> few additional security options with tigervnc, but I'm just relying on SSH in this case.
> Finally, I connect to my desktop from my client machine with `vncviewer localhost`. You can also
> just run vncviewer and will be presented with a GUI for specifying options.
> The performance is ...well, about what I expected from VNC at times, but overall it's been pretty
> reasonable/good for my limited use cases. A couple notes specific to me that may apply to you: I
> normally run a picom (an X11 compositor) - killing this before connecting is a good performance
> choice. Additionally, I disable a monitor with xrandr. The VNC client works well (when in full
> screen) with multiple displays by scrolling following the mouse motion, but it's just less
> practical IMO than dropping a monitor.
> There are some other options that make this set up even simpler (e.g. see the `-via` option of
> vncviewer), but I figured starting with a more spelled-out example was better. My primary
> reference was the Arch wiki: https://wiki.archlinux.org/title/TigerVNC
> Regards,
> Chris
> On 7/24/22 14:37, John Stoffel via WLUG wrote:
> "Chris" == Chris (wolcen) Thompson via WLUG <wlug(a)lists.wlug.org> writes:
Chris> Great to see you all in the last meeting :-) I was the
Chris> skateboarder...who caught me almost falling shortly before I
Chris> left? LOL
> It was good to meet you, hopefully face to face sometime. And I hope
> you're all staying cool today, it's been a scorcher!
Chris> [Insert name I've forgotten here (sorry!)] mentioned that their
Chris> users connect to a remote session's root desktop (or whatever
Chris> you call the initial/primary display :0 deal that you
Chris> initially/locally get).
Chris> I would like to do this as well. SSH with port forwarding is
Chris> probably my preference, but wireguard would be OK as well. I
Chris> don't think I want to directly expose anything like xrdp.
Chris> Anyway - could you please refresh my memory as to what was
Chris> being used? I'm running i3 in this case (started via
Chris> lightdm). I generally have not loved using VNC-based tools, but
Chris> if that's what is currently recommended, I guess I'll give it
Chris> another go.
> For a long time I was using NX (or FreeNX) on my work desktop so I
> could connect between a windows box and a linux desktop using Synergy
> to map the keyboard/mouse between systems as I moved the mouse between
> my desktops.
> That was using the 'nomachine.com' software, though I used the freenx
> stuff. But after a while it got to be too painful, and now that I
> mostly work on a windows laptop for work (due to the work VPN
> requirements) I don't tend to do anything beyond lots of putty
> sessions in which I run screen.
> I've tried MobaXterm, but never really liked it, even though it does
> offer native X display, so you can fire up remote graphical tools.
> This would work better if I wasnt' 80-100 miliseconds of lag
> (basically across the entire US) distant from the remote systems I
> manage and work on.
> Much as I hate to say it, I've sometimes just fallen back to VNC when
> I need to fire up a web browser to download a 5-10gb ISO image to do a
> system install.
Chris> ------------
Chris> SSHFS Optimization
Chris> Also - I referred to using sshfs internally for myself to my NAS, and
Chris> some optimizations for it. This is my current alias to mount it:
Chris> sshfs -o cache=yes -o kernel_cache -o Ciphers=aes128-ctr -o
Chris> Compression=no -o ServerAliveCountMax=3 -o ServerAliveInterval=15 -o
Chris> reconnect -C -o idmap=user server: /mymountpoint
Chris> I got a few of the recommended switches from this article that finally
Chris> convinced me to just forget about NFS:
Chris> https://blog.ja-ke.tech/2019/08/27/nas-performance-sshfs-nfs-smb.html
> This is a great set of info, because I too have used sshfs at times
> but cursed to slow speed. I'll definitely try this out. It would be
> nice if the windows client also supported these options as well at
> times.
> Cheers!
> Joohn
> _______________________________________________
> WLUG mailing list -- wlug(a)lists.wlug.org
> To unsubscribe send an email to wlug-leave(a)lists.wlug.org
> Create Account: https://wlug.mailman3.com/accounts/signup/
> Change Settings: https://wlug.mailman3.com/postorius/lists/wlug.lists.wlug.org/
> Web Forum/Archive: https://wlug.mailman3.com/hyperkitty/list/wlug@lists.wlug.org/message/P6JMC…
> _______________________________________________
> WLUG mailing list -- wlug(a)lists.wlug.org
> To unsubscribe send an email to wlug-leave(a)lists.wlug.org
> Create Account: https://wlug.mailman3.com/accounts/signup/
> Change Settings: https://wlug.mailman3.com/postorius/lists/wlug.lists.wlug.org/
> Web Forum/Archive: https://wlug.mailman3.com/hyperkitty/list/wlug@lists.wlug.org/message/3GKRQ…
Hi all,
Following up on a 6 month or so old inquiry...
My request had been to get to my desktop session of X remotely. I seldom
use this (mosh is typically more than enough) but occasionally it can be
handy - e.g. grabbing a password I forgot to move out from FireFox into
KeyPassXC, etc. (I do use FF sync, but not for passwords...call me
paranoid - I don't mind).
I ended up going with John's suggestion: something VNC-based. While you
can set up Xvnc itself for a separate session, I prefer not to do this
(nor do I need/want a Display Manager remotely). I only wanted on-demand
access to the desktop shown (i.e. what's on the local monitor), and have
found TigerVNC to be a good fit for this.
Setup...
"Client" = laptop on the road, "Server" = the desktop @ home
Client setup: while you can use `ssh -L etc.` to set up port forwards, I
prefer just using ~/.ssh/config, to which I added something like this:
```
Host my_server # the alias I'm using for the server system
LocalForward 5900 127.0.0.1:5900 # forward local port 5900 to
127.0.0.1:5900 on the server site
HostName xxx.xxx.xxx.xxx # IP or fqdn of server system
```
So, my laptop's localhost:5900 is now forwarded (through SSH) to the
server system's equivalent of 127.0.0.1:5900. You can of course change
the ports as needed, but as I do not run an VNC server process on my
laptop, this is fine for me.
This is where Tiger's*x0vncserver* comes in (*x11vnc* is another
alternative). From `man x0vncserver`:
x0vncserver is a TigerVNC Server which makes any X display
remotely accessible via VNC, TigerVNC or compatible viewers. Unlike
Xvnc(1), it does not create a virtual display. Instead, it
just shares an existing X server (typically, that one connected
to the physical screen).
Just what I wanted! Once I have connected via SSH, to the server system,
I start vnc on the server with ` x0vncserver -localhost -SecurityTypes
none -display=:0`. This only listens on localhost, disabling security,
and shares out from display :0, which is my normal i3/X11 desktop. There
are a few additional security options with tigervnc, but I'm just
relying on SSH in this case.
Finally, I connect to my desktop from my client machine with `vncviewer
localhost`. You can also just run vncviewer and will be presented with a
GUI for specifying options.
The performance is ...well, about what I expected from VNC at times, but
overall it's been pretty reasonable/good for my limited use cases. A
couple notes specific to me that may apply to you: I normally run a
picom (an X11 compositor) - killing this before connecting is a good
performance choice. Additionally, I disable a monitor with xrandr. The
VNC client works well (when in full screen) with multiple displays by
scrolling following the mouse motion, but it's just less practical IMO
than dropping a monitor.
There are some other options that make this set up even simpler (e.g.
see the `-via` option of vncviewer), but I figured starting with a more
spelled-out example was better. My primary reference was the Arch wiki:
https://wiki.archlinux.org/title/TigerVNC
Regards,
Chris
On 7/24/22 14:37, John Stoffel via WLUG wrote:
>>>>>> "Chris" == Chris (wolcen) Thompson via WLUG<wlug(a)lists.wlug.org> writes:
>
> Chris> Great to see you all in the last meeting :-) I was the
> Chris> skateboarder...who caught me almost falling shortly before I
> Chris> left? LOL
>
> It was good to meet you, hopefully face to face sometime. And I hope
> you're all staying cool today, it's been a scorcher!
>
> Chris> [Insert name I've forgotten here (sorry!)] mentioned that their
> Chris> users connect to a remote session's root desktop (or whatever
> Chris> you call the initial/primary display :0 deal that you
> Chris> initially/locally get).
>
> Chris> I would like to do this as well. SSH with port forwarding is
> Chris> probably my preference, but wireguard would be OK as well. I
> Chris> don't think I want to directly expose anything like xrdp.
>
> Chris> Anyway - could you please refresh my memory as to what was
> Chris> being used? I'm running i3 in this case (started via
> Chris> lightdm). I generally have not loved using VNC-based tools, but
> Chris> if that's what is currently recommended, I guess I'll give it
> Chris> another go.
>
> For a long time I was using NX (or FreeNX) on my work desktop so I
> could connect between a windows box and a linux desktop using Synergy
> to map the keyboard/mouse between systems as I moved the mouse between
> my desktops.
>
> That was using the 'nomachine.com' software, though I used the freenx
> stuff. But after a while it got to be too painful, and now that I
> mostly work on a windows laptop for work (due to the work VPN
> requirements) I don't tend to do anything beyond lots of putty
> sessions in which I run screen.
>
> I've tried MobaXterm, but never really liked it, even though it does
> offer native X display, so you can fire up remote graphical tools.
> This would work better if I wasnt' 80-100 miliseconds of lag
> (basically across the entire US) distant from the remote systems I
> manage and work on.
>
> Much as I hate to say it, I've sometimes just fallen back to VNC when
> I need to fire up a web browser to download a 5-10gb ISO image to do a
> system install.
>
>
> Chris> ------------
>
> Chris> SSHFS Optimization
>
> Chris> Also - I referred to using sshfs internally for myself to my NAS, and
> Chris> some optimizations for it. This is my current alias to mount it:
>
> Chris> sshfs -o cache=yes -o kernel_cache -o Ciphers=aes128-ctr -o
> Chris> Compression=no -o ServerAliveCountMax=3 -o ServerAliveInterval=15 -o
> Chris> reconnect -C -o idmap=user server: /mymountpoint
>
> Chris> I got a few of the recommended switches from this article that finally
> Chris> convinced me to just forget about NFS:
>
> Chris>https://blog.ja-ke.tech/2019/08/27/nas-performance-sshfs-nfs-smb.html
>
> This is a great set of info, because I too have used sshfs at times
> but cursed to slow speed. I'll definitely try this out. It would be
> nice if the windows client also supported these options as well at
> times.
>
>
> Cheers!
> Joohn
> _______________________________________________
> WLUG mailing list --wlug(a)lists.wlug.org
> To unsubscribe send an email towlug-leave(a)lists.wlug.org
> Create Account:https://wlug.mailman3.com/accounts/signup/
> Change Settings:https://wlug.mailman3.com/postorius/lists/wlug.lists.wlug.org/
> Web Forum/Archive:https://wlug.mailman3.com/hyperkitty/list/wlug@lists.wlug.org…
I stepped out when the QUIC discussion was going on. This is a good article written by Geoff Huston.
Enjoy
Patrick
https://www.potaroo.net/ispcol/2022-11/quicvtcp.html
From: Tim Keller via WLUG <wlug(a)lists.wlug.org>
Reply-To: Worcester Linux Users' Group General Discussion <wlug(a)lists.wlug.org>
Date: Wednesday, November 9, 2022 at 11:54 PM
To: John Stoffel <john(a)stoffel.org>
Cc: Worcester Linux Users' Group General Discussion <wlug(a)lists.wlug.org>, Tim Keller <turbofx(a)gmail.com>
Subject: [WLUG] Re: Reminder: Wlug meeting November 9th: Location: Rec Center Rm 61
Hey everybody! So the meeting was good, but we need to work some kinks out with the A/V.
The video was good, but the audio was definitely something to be desired.
I'm going to work on getting some better omni directional mics for future meetings.
Beyond that we had a very interesting conversation about the future of wifi with the 6e and 7 standards.
We also delved a bit into some FOSS alternatives to popular commerial products like discord and options for unencumbered music players.
Later,
Tim.
On Wed, Nov 9, 2022, 4:56 PM Tim Keller <turbofx(a)gmail.com<mailto:turbofx@gmail.com>> wrote:
Tonight is also going to be a test of my A/V setup. I've got a dedicated laptop, with tripod and webcam.
Thanks,
Tim.
On Wed, Nov 9, 2022 at 3:39 PM John Stoffel <john(a)stoffel.org<mailto:john@stoffel.org>> wrote:
>>>>> "Tim" == Tim Keller via WLUG <wlug(a)lists.wlug.org<mailto:wlug@lists.wlug.org>> writes:
> We've got a meeting on Wednesday November 9th!
> Location: Recreation Center Rm 61. This is not our usual location!! This is the big "gym" building
> on the quad.
> Virtual Location: https://meet.jit.si/WlugMA
> Topic: Heartbleed, Linux kernel 6.0 getting rusty! FOSS pi based music player.
> Time: 7pm
> Snacks and refreshments will be provided and we'll do dinner afterwards!
I can't make it, I've got scouts and thetre rehearsal. Enjoy all!
--
I am leery of the allegiances of any politician who refers to their constituents as "consumers".
>>>>> "Joel" == Joel <joelgroup(a)gmail.com> writes:
> WLUG on 15th is good here. Joel
Offhand I don't see any problems with the 15th either. But life might change.
WLUG on 15th is good here. Joel
On November 10, 2022 5:07:16 PM Tim Keller via WLUG <wlug(a)lists.wlug.org> wrote:
> I was just looking at Best buy has a free standing omni directional microphone for $50 bucks. That's definitely within my budget.
>
> So the December meeting isn't going to work on the second Thursday of the month because it directly conflicts with Christmas concerts.
> We *could* do the 15th if that would work with everybody.
>
> Tim.
>
>
> On Thu, Nov 10, 2022 at 4:57 PM John Stoffel <john(a)stoffel.org> wrote:
>>>>>> "Tim" == Tim Keller <turbofx(a)gmail.com> writes:
>
>> Hey everybody! So the meeting was good, but we need to work some
>> kinks out with the A/V. The video was good, but the audio was
>> definitely something to be desired.
>
> Sorry I missed the meeting, hopefully I'll be there in December.
> Let's nail down a date/time/place early if we can! Wednesday doesn't
> really work for me though...
>
>> I'm going to work on getting some better omni directional mics for future meetings.
>
> One of those flat mics that sit on the desk/floor might be a good
> idea. Or an old plantronics or whatever the name of the octopus like
> three armed conference call phones was called.
>
>> Beyond that we had a very interesting conversation about the future
>> of wifi with the 6e and 7 standards.
>
>> We also delved a bit into some FOSS alternatives to popular
>> commerial products like discord and options for unencumbered music
>> players.
>
> I've beeen hearing alot of murmurs about Mastodon as an alternative
> for Twitter (which I never use) in some cases. I'm just enjoying
> watching the dumpster fire over there.
>
> Elon is a smart smart engineer, but he's also a doofus.
>
> John
>
>
>
> --
>
> I am leery of the allegiances of any politician who refers to their constituents as "consumers".
> _______________________________________________
> WLUG mailing list -- wlug(a)lists.wlug.org
> To unsubscribe send an email to wlug-leave(a)lists.wlug.org
> Create Account: https://wlug.mailman3.com/accounts/signup/
> Change Settings: https://wlug.mailman3.com/postorius/lists/wlug.lists.wlug.org/
> Web Forum/Archive: https://wlug.mailman3.com/hyperkitty/list/wlug@lists.wlug.org/message/2QRBB…
I was just looking at Best buy has a free standing omni directional
microphone for $50 bucks. That's definitely within my budget.
So the December meeting isn't going to work on the second Thursday of the
month because it directly conflicts with Christmas concerts.
We *could* do the 15th if that would work with everybody.
Tim.
On Thu, Nov 10, 2022 at 4:57 PM John Stoffel <john(a)stoffel.org> wrote:
> >>>>> "Tim" == Tim Keller <turbofx(a)gmail.com> writes:
>
> > Hey everybody! So the meeting was good, but we need to work some
> > kinks out with the A/V. The video was good, but the audio was
> > definitely something to be desired.
>
> Sorry I missed the meeting, hopefully I'll be there in December.
> Let's nail down a date/time/place early if we can! Wednesday doesn't
> really work for me though...
>
> > I'm going to work on getting some better omni directional mics for
> future meetings.
>
> One of those flat mics that sit on the desk/floor might be a good
> idea. Or an old plantronics or whatever the name of the octopus like
> three armed conference call phones was called.
>
> > Beyond that we had a very interesting conversation about the future
> > of wifi with the 6e and 7 standards.
>
> > We also delved a bit into some FOSS alternatives to popular
> > commerial products like discord and options for unencumbered music
> > players.
>
> I've beeen hearing alot of murmurs about Mastodon as an alternative
> for Twitter (which I never use) in some cases. I'm just enjoying
> watching the dumpster fire over there.
>
> Elon is a smart smart engineer, but he's also a doofus.
>
> John
>
--
I am leery of the allegiances of any politician who refers to their
constituents as "consumers".
>>>>> "Tim" == Tim Keller <turbofx(a)gmail.com> writes:
> Hey everybody! So the meeting was good, but we need to work some
> kinks out with the A/V. The video was good, but the audio was
> definitely something to be desired.
Sorry I missed the meeting, hopefully I'll be there in December.
Let's nail down a date/time/place early if we can! Wednesday doesn't
really work for me though...
> I'm going to work on getting some better omni directional mics for future meetings.
One of those flat mics that sit on the desk/floor might be a good
idea. Or an old plantronics or whatever the name of the octopus like
three armed conference call phones was called.
> Beyond that we had a very interesting conversation about the future
> of wifi with the 6e and 7 standards.
> We also delved a bit into some FOSS alternatives to popular
> commerial products like discord and options for unencumbered music
> players.
I've beeen hearing alot of murmurs about Mastodon as an alternative
for Twitter (which I never use) in some cases. I'm just enjoying
watching the dumpster fire over there.
Elon is a smart smart engineer, but he's also a doofus.
John
No worries. We did more talking about a whole range of stuff including the
new wifi standard stuff than the pi music player.
Also, if you did show up virtually, you'd have been frustrated. The room
was way too big for the dinky mic I brought.
I'm going to have to buy a good omni mic that I can put on a tripod in the
middle of the room. Possibly a lav mic for the person speaking as well.
Next month we will have a more organized presentation. Keegan, one of the
guys who's new to the group had a bunch of great suggestions so it'll be a
much better presentation for it.
In talking to the people in the room, the idea of a stand alone FOSS music
player was appealing to everybody.
Also, John redoing his KiCAD demo was of interest as well.
Tim.
On Thu, Nov 10, 2022 at 8:19 AM hammerron via WLUG <wlug(a)lists.wlug.org>
wrote:
> I did want to get there, and in particular wanted to hear about the FOSS
> pi based music player. Was all set to go and life got in the way at the
> last minute. Hope it went well
>
> On 11/9/22 15:39, John Stoffel via WLUG wrote:
> >>>>>> "Tim" == Tim Keller via WLUG <wlug(a)lists.wlug.org> writes:
> >> We've got a meeting on Wednesday November 9th!
> >> Location: Recreation Center Rm 61. This is not our usual location!!
> This is the big "gym" building
> >> on the quad.
> >> Virtual Location: https://meet.jit.si/WlugMA
> >> Topic: Heartbleed, Linux kernel 6.0 getting rusty! FOSS pi based music
> player.
> >> Time: 7pm
> >> Snacks and refreshments will be provided and we'll do dinner afterwards!
> > I can't make it, I've got scouts and thetre rehearsal. Enjoy all!
> > _______________________________________________
> > WLUG mailing list -- wlug(a)lists.wlug.org
> > To unsubscribe send an email to wlug-leave(a)lists.wlug.org
> > Create Account: https://wlug.mailman3.com/accounts/signup/
> > Change Settings:
> https://wlug.mailman3.com/postorius/lists/wlug.lists.wlug.org/
> > Web Forum/Archive:
> https://wlug.mailman3.com/hyperkitty/list/wlug@lists.wlug.org/message/CFGXW…
> _______________________________________________
> WLUG mailing list -- wlug(a)lists.wlug.org
> To unsubscribe send an email to wlug-leave(a)lists.wlug.org
> Create Account: https://wlug.mailman3.com/accounts/signup/
> Change Settings:
> https://wlug.mailman3.com/postorius/lists/wlug.lists.wlug.org/
> Web Forum/Archive:
> https://wlug.mailman3.com/hyperkitty/list/wlug@lists.wlug.org/message/D2X7C…
>
--
I am leery of the allegiances of any politician who refers to their
constituents as "consumers".