Unix

How to Fast VNC alternativ to Remote Desktop to a Mac using NoMachine

March 24, 2010 in Computer, Mac, Network, Software, Unix

I am a very happy Mac OS user with a Mac mini and a MacBook Pro coming soon, but one things I really miss about Mac OS X is the lack of a fast and standards based remote desktop solution. The VNC server built into Mac OS X isn’t really compatible with all clients, and I still haven’t figured out if it’s possible to run it with a different resolution and color depth than the real screen!!!

But, I recently re-discovered a solution I got to know in my Linux time on a desktop: NoMachine. You’ll need a server running a recent Linux distribution or OpenSolaris which will act as a kind of a proxy and the setup is a bit complex, but it does work well. I’ll show you how to do it running Ubuntu Lucid.

First go to http://www.nomachine.com/select-package.php?os=linux&id=1 select your architecture and download all three files: client, node and server.

Then install them in the following order, fix the missing dependecies and install a vnclient plus vncpassword:

sudo dpkg -i nxclient_3.4.0-7_x86_64.deb
sudo dpkg -i nxnode_3.4.0-11_x86_64.deb
sudo dpkg -i nxserver_3.4.0-12_x86_64.deb
sudo aptitude -f install
sudo aptitude install xvnc4viewer vnc4-common

Since it’s really advisable I hope you already have PasswordAuthentication no in your sshd_config to disable Password authentication and to only allow key-based authentication. You’ll need to tweak nxserver a bit to get it working with key-based auth. Edit /usr/NX/etc/server.cfg to…

EnablePasswordDB = "1"

…edit the following line in /usr/NX/etc/node.cfg to enable VNC…

CommandStartRFB = "/usr/bin/vncviewer -fullscreen"

…create a key for your key-based authentication and restart nxserver.

sudo /usr/NX/bin/nxserver --keygen
sudo service nxserver restart

Your new key is placed at /usr/NX/share/keys/default.id_dsa.key. Copy it the device you want to connect from using scp or similar tools. Now all you need to do is enable the users you wan’t in nxserver:

sudo /usr/NX/bin/nxserver --useradd <user>

This enables the user in NX’s database and copies the previously generated key to the user’s authorized_keys file.

Now just enable VNC on your Mac. Go to “System Preferences”, select “Sharing” and enable “Screen Sharing”:

Now you’ll need to configure your client. Read more…

2009’s Virtualization Techniques Compared

June 4, 2009 in Computer, Hardware, Network, Security, Software, Unix

Hi folks, before we get started a small explanation of my setup and why I want to replace it.
My small home server runs Xen 3.3 with Ubuntu Intrepid, a Debian Xen kernel and the guests on LVM devices. Guest OSs vary from Debian over Solaris to Windows. I built the server last year, but sadly I’m already running out of HDD space and want to upgrade soon. I also want to re-install the Dom0 because Intrepid doesn’t run very well: USB doesn’t work with all devices, there are some bugs in the start-up scripts and I have trouble with the ttys.
A lot has changed since I last fiddled with virtualization so I used this weeks bad weather to compare the current status of all those virtualization systems.
Because there are so many different needs, there are many specialized solutions for desktop and server virtualization. Open-Source, free or commercial ones.

I use VirtualBox on my workstation because it’s free, fast, easy to use and runs very very well. I’ve used the VMware products earlier on Linux and Windows until they became too feature-rich, slow and sometimes even buggy for me. But this post is not about desktop virtualization, it’s about open-source (or free) server virtualization.

VMware Server, VMware ESXi, Microsoft Hyper-V, VirtualBox, Xen and KVM are the ones I’ve tried. There is also Virtuozzo, OpenVZ, UML and so on, but these are more like chroots on steroids. Continue reading to see what I liked and what I didn’t like about them.

Read more…

My Backup Strategy

January 3, 2009 in Computer, Software, Unix

Now that a new year is here I really need to finish some points of my To-Do list! Here we go…
As I said few weeks ago, maybe a little bit delayed, here comes how I backup all my stuff. This post is not a how-to. It’s just a configuration example. If you want a howto use this link. :D Read more…

How to Windows Live Messenger and Webcam through OpenBSD and PF

December 31, 2008 in Computer, How-To, Security, Software, Unix, Windows

bsd1Windows Live Messaging is cool! All the others just suck! – At least that’s what almost everyone I know tells me. I mean… it has nice features, but it uses such a complex protocol that I don’t even want to think about security.

During the Christmas time I visited my family and one evening I wanted to talk to a cousine  using MSN and my Dell XPS M1530′s Webcam, but HELL this crappy SoHo router I was connecting through made it impossible to get a picture of her on my screen or to send her mine. Back home we wanted to try again… I know it worked before, but it wasn’t reliable. Sometimes it worked, sometimes not. Mhhh…. I set up my OpenBSD 4.2′s PF “firewall” about a year ago:

rdr on $ext_if proto tcp from any      to ($ext_if) port 5190 10.1.16.11
rdr on $ext_if proto tcp from any      to ($ext_if) port 1863 10.1.16.11
rdr on $ext_if proto tcp from any      to ($ext_if) port 6891:6901 10.1.16.11
rdr on $ext_if proto udp from any      to ($ext_if) port 5190 10.1.16.11
rdr on $ext_if proto udp from any      to ($ext_if) port 1863 10.1.16.11
rdr on $ext_if proto udp from any      to ($ext_if) port 6891:6901 10.1.16.11

Actually I thought that’s it (according to portforward.com), but it seems like it isn’t. I then googled around a bit… found a lot of outdated information and then came across a few newer posts which stated that UPNP is important for the full Live Messenger “experience”. :(

O.K. another short google: MiniUPNPd. Runs on most BSDs and even supports Linux’s iptables. So I downloaded and installed it according to the INSTALL file included in the tarball. In short, just do: make, make install, add rdr-anchor miniupnpd and anchor miniupnpd to your pf.conf, reload pf.conf, setup miniupnpd.conf or start with miniupnpd -i <yourextif> -a <yourinternalip>. That’s it.

To test if it’s working I found http://www.microsoft.com/windows/using/tools/igd/default.mspx (GRML! requires Windows, Internet Explorer and admin privileges) to be pretty useful. The UPNP test passed successfully. Aaaaand… et voilà she could see me and I could see her.

BUT the price of this is decreased security. Any crappy program could now modify my firewall ruleset!!! I am not going to write about UPNP security (just because I am not very familiarly with it), so if you’re curious read this post. But on the other hand, if you already have malware on your computer that wants to open ports in your firewall… you have other problems.

P.S. i know that’s the FreeBSD devil in the upper left, but I haven’t found anything better……..

How to Setup WebDAV and MySQL Authentication using Apache2

November 15, 2008 in Computer, How-To, Software, Unix

FTP is depracted. It’s been designed back in the days when the Internet consisted only of a few Computers. It’s not Firewall friendly (there are some hacks to get it through today’s Firewalls though) and should not be used any longer. Especially because the standard FTP protocol sends your password in clear-text across the net. Read more…

How to Backup MySQL using AutoMySQLBackup

November 14, 2008 in Computer, How-To, Unix

Have you ever had a hard disk or server failure and lost important docs? Well… I had.

I’ve been looking for a MySQL backup solution for a few days now, found many scripts, but only one that fits all my needs (Separated daily/weekly backups of all my databases, automatic backup rotation and network support): AutoMySQLBackup. Read more…

Christian KildauHi, my name is Chris. I am a wannabe photog, traveler & geek that lives in Hesse, Germany.

more about me...

PayPal - The safer, easier way to pay online!
Please consider supporting me


My flickr Fotos

Sponsoring

Advertise here Advertise here Advertise here Advertise here