it may be the current political climate of the country I’m living it, but kernel level remote access makes me feel inherently less secure. Don’t get me wrong, I never intend to give up my dumb terminal as my only way to use my computer either.
Sure. It risks introducing vulnerabilities. It needs to be implemented very carefully. I think a built in version, with security in mind, is a lower risk than relying on users to implement their own solution, and risk them picking the wrong one or setting it up incorrectly.
Every user convenience introduces vulnerabilities. The users are the weakest link in every system. It’s a balancing act, and one I don’t think Linux has ever balanced well for usability. But server core has shown there’s no reason for the service to be on by default. There’s much more dangerous Linux features that are switched on by default configs, like root logins and password authentication, so let’s not pretend Linux has ever taken a hard line on this.
I wasn’t trying for any ‘gotcha’ moment or anything, my paranoia is just particularly high these days. I apologize if my open rambling about my personal distrusts has caused you undue stress.
Yeah, I know. Same on Windows Server Core I believe, but the option is in there to enable it.
I admit I don’t know the technical details well enough. But I know the user experience difference is ridiculously bad trying to remote into Linux. My workflow now is mostly using my tablet and remoting. If Linux had better Remote Desktop protocol, it’d also be my go-to for a desktop experience. Right now, if I can’t use the terminal app for something, I’d rather just remote into a Windows box than feel like I’m using a computer from the 90’s with Linux Remote Desktop options.
In the old days we just used X over SSH (xforwarding) and only sent the single application over, no desktop need by running on the host (well technically client as X is backwords).
I know the user experience difference is ridiculously bad trying to remote into Linux.
It isn’t. There are lots of tools for this, including using RDP. It is really easy actually. It is a graphical front end tool on KDE.
The “bad” part is that the user must already be logged in and the desktop opened because that is how linux works.
Speaking of modern: I usually just use moonlight for streaming and sunshine for hosting between machines that are on the same network because it is so simple and available in Fdriod for Android devices. You can share apps or the desktop.
You CAN configure wake on lan and run a script to auto log in a user (with moonlight) if you wanted to use it with a machine that is off, but I can agree that that is a few extra steps.
I remember in college we had access to a Unix box via these computers that remoted into it. I don’t know the technical details, but I was able to log in with my account and it was presented as a GUI on my end. We used No Machine as the client if that’s relevant. I wonder how something like that can be set up.
I actually just tried moonlight/sunshine this past week for gaming, and I was disappointed. The interface is missing critical components that Steam link has. Makes it almost useless unless you have a keyboard attached in many cases.
But I hadn’t thought of using it for Remote Desktop into Linux. Sounds a lot better than No Machine. Thanks for the tip.
The biggest issue for me was their tvOS app. If you can’t tap the screen with three fingers, you can’t bring up alternate controls when you run into a problem.
Windows Server Core still has a window manager, just all it does show a command prompt very similar to the one in the usual Windows recovery environment.
I never mentioned vulnerabilities, I just wanted to point out that, RDP doesn’t really work without a graphical session, Windows Server Core gets around this by being a graphical session (although very basic).
Also I’m not sure, but I don’t think Windows handles RDP on the kernel level, it’s just nicely tied in with DWM and doesn’t have to deal with the multitude of window managers on Linux.
Handling RDP on the kernel level does sound like a bad idea security wise, but there should be a better way.
You… want remote desktop on kernel level?
The protocol, yes.
Odd, I specifically find the concept of this disturbing.
Yeah, I know suggesting UI and user experience improvements spooks Linux diehards.
it may be the current political climate of the country I’m living it, but kernel level remote access makes me feel inherently less secure. Don’t get me wrong, I never intend to give up my dumb terminal as my only way to use my computer either.
Sure. It risks introducing vulnerabilities. It needs to be implemented very carefully. I think a built in version, with security in mind, is a lower risk than relying on users to implement their own solution, and risk them picking the wrong one or setting it up incorrectly.
Every user convenience introduces vulnerabilities. The users are the weakest link in every system. It’s a balancing act, and one I don’t think Linux has ever balanced well for usability. But server core has shown there’s no reason for the service to be on by default. There’s much more dangerous Linux features that are switched on by default configs, like root logins and password authentication, so let’s not pretend Linux has ever taken a hard line on this.
I wasn’t trying for any ‘gotcha’ moment or anything, my paranoia is just particularly high these days. I apologize if my open rambling about my personal distrusts has caused you undue stress.
I’m looking through my comment, and I can’t imagine what you would interpret as undue stress or emotion.
This doesn’t work without a grapical session tho.
Yeah, I know. Same on Windows Server Core I believe, but the option is in there to enable it.
I admit I don’t know the technical details well enough. But I know the user experience difference is ridiculously bad trying to remote into Linux. My workflow now is mostly using my tablet and remoting. If Linux had better Remote Desktop protocol, it’d also be my go-to for a desktop experience. Right now, if I can’t use the terminal app for something, I’d rather just remote into a Windows box than feel like I’m using a computer from the 90’s with Linux Remote Desktop options.
In the old days we just used X over SSH (xforwarding) and only sent the single application over, no desktop need by running on the host (well technically client as X is backwords).
It isn’t. There are lots of tools for this, including using RDP. It is really easy actually. It is a graphical front end tool on KDE.
The “bad” part is that the user must already be logged in and the desktop opened because that is how linux works.
Speaking of modern: I usually just use moonlight for streaming and sunshine for hosting between machines that are on the same network because it is so simple and available in Fdriod for Android devices. You can share apps or the desktop.
You CAN configure wake on lan and run a script to auto log in a user (with moonlight) if you wanted to use it with a machine that is off, but I can agree that that is a few extra steps.
Those names. Moonlight is a gui for ghostscript for easy pdf-compression, too.
I remember in college we had access to a Unix box via these computers that remoted into it. I don’t know the technical details, but I was able to log in with my account and it was presented as a GUI on my end. We used No Machine as the client if that’s relevant. I wonder how something like that can be set up.
I actually just tried moonlight/sunshine this past week for gaming, and I was disappointed. The interface is missing critical components that Steam link has. Makes it almost useless unless you have a keyboard attached in many cases.
But I hadn’t thought of using it for Remote Desktop into Linux. Sounds a lot better than No Machine. Thanks for the tip.
What is missing? I have had no issues with it.
But you can use Steamlink as a remote desktop tool too. I do it all the time with my steamdeck in desktop mode.
The biggest issue for me was their tvOS app. If you can’t tap the screen with three fingers, you can’t bring up alternate controls when you run into a problem.
Ah, I have never messed with that. Of course Apple makes it hard, lol.
Windows Server Core still has a window manager, just all it does show a command prompt very similar to the one in the usual Windows recovery environment.
K. And what massive vulnerabilities have been introduced by that? I’ve seen no articles or sources backing that claim.
I never mentioned vulnerabilities, I just wanted to point out that, RDP doesn’t really work without a graphical session, Windows Server Core gets around this by being a graphical session (although very basic).
Also I’m not sure, but I don’t think Windows handles RDP on the kernel level, it’s just nicely tied in with DWM and doesn’t have to deal with the multitude of window managers on Linux.
Handling RDP on the kernel level does sound like a bad idea security wise, but there should be a better way.