New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Best way to securely run remote linux desktop on a dedi
I would like to ask for your advise on this. For servers, I use Linux. But for remote desktop environments, I use RDP with Duo.
I just got a KS-LE with 2 4TB disks. I plan to use this machine as a remote desktop. I can install Windows on it but can only utilize 2 TB on the boot disk (even if it's a GPT installation) because of legacy boot. Any easy setup for remote desktop for Linux? What distro would you recommend? And how can I securely access it from a client running on Windows?
Comments
Take a look at this.
KasmVNC - Linux Web Remote Desktop.
Modern VNC Server and client, web based and secure
https://github.com/kasmtech/KasmVNC
Set up a VNC server and listen on 127.0.0.01 only. Then you will use SSH port forwarding to connect to it.
This. 127.0.0.1 correction.
And for safe measure which is over kill, make sure firewall does not accept direct vnc connections on the port (paranoia and not necessary).
Use ssh key as well to auth of course.
Here is what you need to do for a perfectly working ultra fast remote linux desktop experience:
1- prepare your server with anykind of ubuntu-server / minimal install your provider offers:
then on your server:
create a sudo user in your server before next steps:
on your home client pc:
if running windows: download and install:
if running linux:
select xubuntu as your desktop on drop down x2go client menu.
connect to your server ip:22 with your sudo user
enjoy!
I'd always recommend this script that I wrote last year. https://github.com/Har-Kuun/OneClickDesktop
It sets up xrdp on a Linux server in 1-click. You can access your desktop not only from an RDP client software, but also directly from your web browser.
It also comes with a plugin that easily sets up audio redirection, such that you can play videos and songs on your remote desktop.
https://github.com/Har-Kuun/OneClickDesktop/tree/master/plugins/Audio
Honestly, I don’t know exactly how secure it is, but I run LXDE under Debian, with NX to handle the Remote Desktop part.
Connections are protected via firewall rules to only permit connections to the NX port from a small set of IP addresses that are under my control.
The basis came from a Remote Desktop setup script that a member here put together several years ago, I’ve pulled it apart and it’s down to about 7 commands now, one day I’ll stop being lazy and properly automate it.
Windows OS can see and use both the disks
1.8 TB x 2
I like also the x2go way.
As long as you use a safe password, you don't need any sort of firewall/whitelisting for this.
It's really simple.
Would this be faster than xrdp/any noticeable advantage over xrdp?
>
If your ping times to your server is below or around 20ms this is the best possible remote desktop experience you will get.
Copy and paste isn't automation enough?
Nice! I've been using this for a year or so now on an LXC container on a Proxmox box and it's been awesome, thanks for your work!
It's great to know that someone from LET created it too.
Thanks for the kind words
Nope,
See : https://github.com/NARKOZ/hacker-scripts
xxx: OK, so, our build engineer has left for another company. The dude was literally living inside the terminal. You know, that type of a guy who loves Vim, creates diagrams in Dot and writes wiki-posts in Markdown... If something - anything - requires more than 90 seconds of his time, he writes a script to automate that.
xxx: So we're sitting here, looking through his, uhm, "legacy"
xxx: You're gonna love this
xxx: smack-my-bitch-up.sh - sends a text message "late at work" to his wife (apparently). Automatically picks reasons from an array of strings, randomly. Runs inside a cron-job. The job fires if there are active SSH-sessions on the server after 9pm with his login.
xxx: kumar-asshole.sh - scans the inbox for emails from "Kumar" (a DBA at our clients). Looks for keywords like "help", "trouble", "sorry" etc. If keywords are found - the script SSHes into the clients server and rolls back the staging database to the latest backup. Then sends a reply "no worries mate, be careful next time".
xxx: hangover.sh - another cron-job that is set to specific dates. Sends automated emails like "not feeling well/gonna work from home" etc. Adds a random "reason" from another predefined array of strings. Fires if there are no interactive sessions on the server at 8:45am.
xxx: (and the oscar goes to) fucking-coffee.sh - this one waits exactly 17 seconds (!), then opens a telnet session to our coffee-machine (we had no frikin idea the coffee machine is on the network, runs linux and has a TCP socket up and running) and sends something like sys brew. Turns out this thing starts brewing a mid-sized half-caf latte and waits another 24 (!) seconds before pouring it into a cup. The timing is exactly how long it takes to walk to the machine from the dudes desk.
xxx: holy sh*t I'm keeping those
Original: http://bash.im/quote/436725 (in Russian)
Pull requests with other implementations (Python, Perl, Shell, etc) are welcome.
thats fucking hilarious
I use nomachine. It's close enough to x2go but I enjoy the UX and automatic handling of the client a bit more. It and x2go being the best performing for Linux, comparable to RDP for windows.
I would setup a wireguard server, (great info here, @yoursunny posted a quick tutorial there) and then have a VNC server listening on the wgX (wireguard) adapter.
Add firewall rules for..., fun maybe?
Clearly, it’s enough for me as I’ve been doing it for about 5 years…..
I've been putting off writing scripts or implementing some other form of automation for years but now I don't feel so bad about just having a clusterfuck of code snippets that I just copy and paste.
Standard Notes is my Ansible.
We are truly brothers from another mother, I have everything stored in Standard Notes.
I'm not sure how I ever functioned without it. Running it vanilla as I was too cheap to buy the lifetime and now the price went up. Time to add it to my self-hosted collection I suppose.
I regret not going lifetime during last year’s BF sale, it was a great price but it was that or a lifetime PlexPass. I may go for the lowest tier of yearly sub to support the devs now as that should do what I need.
Notesnook is another alternative
Thanks for the suggestions guys, I'll try all of it when I have the time and choose the best one for me. Rendering on the QT app on Windows leaves some trail on x2go and that puts me off. That's its so far for me, I have yet to try your setup/configs, I might have a better experience using your setup.
Sounds dirty.
personally im using nomachine or anydesk imo its way faster than vnc even with 250ms ping