28.4. FreeNX: Linux as a Remote Desktop Server
Imagine X server technology with compression so tight that GNOME and KDE sessions run over modems with SSH encryption with impressive response time. FreeNX is an addition to the remote desktop line with stunning performance. Thin clients use small amounts of bandwidth while handling audio and video, printing, and other heavy applications, and permit the use of session suspension instead of termination. As long as you wish to primarily use Linux, FreeNX provides real virtual KVM switches without hardware.
FreeNX differs from both Windows RDP and VNC because it makes Linux the source of the applications people use. So if you want to set up a Linux server and provide OpenOffice.org or Firefox web browsers to remote users with minimal hardware, FreeNX would work for you. Also, if you have clients such as Windows 98 or Mac OS X, you can obtain free clients from http://nomachine.com to allow those platforms to connect and run those applications from the Linux server.
Using FreeNX server on Linux creates a secure environment for remote computing. Clients can run on Linux, of course, but FreeNX can also create X client sessions on various operating systems such as Windows and Macintosh without the need to install X. Clients also exist at the time of this writing for PlayStation2, iPAQ, and Zaurus 5XXX.
System administrators like FreeNX because they can control the features and content available to their users. They can also see and operate every Linux server in their data centers with a single keyboard, video console, and mouse. They can do this without a hardwire switch or keyboard, mouse, and video cables. They can also display multiple windows on a single desktop and monitor many servers at once, which they can't do with a KVM switch beccause it is limited to one server at a time.
Gian Filippo Pinzari invented NX by taking the fat and insecure X client/server protocol and utilizing inventive compression to make it very thin. His company, NoMachine.com, released the code under the GPL license in 2003.
Let's see how to set up and use FreeNX. We use an example that utilizes two free Linux distributions, Fedora and Ubuntu. First, we install FreeNX on Ubuntu, after obtaining it from the Ubuntu backports community at http://backports.ubuntuforums.org. Follow the directions on the site and add the recommended mirrors to your /etc/apt/sources.list file. Then run apt-get install FreeNX to add FreeNX to your server.
Once installed, add a user, as shown in Figure 28-14.
Following the setup, if you log out and log back in, you will see FreeNX added to the Applications menu under Internet. See Figure 28-15.
Next, obtain and install the RPMs for Fedora from http://fedoranews.org/contributors/rick_stout/freenx. Be sure to install both the client and the server. Again, add yourself as a user.
Client configuration involves running a wizard. As the wizard says, "The most important part of the initial connection is the key file. This file, client.id_dsa.key, must be copied from the server to your client machine." Following these directions, I executed the following commands:
bash-3.00# scp /var/lib/nxserver/home/.ssh/client.id_dsa.key email@example.com:~/
Figure 28-14. Adding users to the FreeNX server
Figure 28-15. FreeNX on the menu
The authenticity of host '192.168.1.109 (192.168.1.109)' can't be established. RSA key fingerprint is 40:54:e3:c9:5e:81:39:2d:ac:70:b9:bf:44:a9:ec:a8. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.1.109' (RSA) to the list of known hosts. Password: password entered here client.id_dsa.key 100% 672 0.7KB/s 00:00 bash-3.00#
Once you accomplish these tasks, you should be able to use the FreeNX server to connect as a remote client and see a complete Linux session. If you run into any problems, many support sites exist on the Internet to assist you. You can also find answers on the FreeNX mailing lists or in its archives at http://developer.berlios.de/projects/freenx.
FreeNX opens sessions quickly. You will also notice that FreeNX can suspend sessions rather than close them. When you resume a suspended session, the client revalidates but still resumes midsession, at the point where you left off. Although this is not a stateless session in the purest terms, it does save bandwidth; see Figures 28-16 and 28-17.
Figure 28-16. Resuming a session from Fedora to Ubuntu
FreeNX has many advantages for Linux uers. It provides an excellent and free thin client environment. It's fast, and it uses a proven encryption methodology (OpenSSH) that has made it through major FIPS 140 criteria tests in source code form. FreeNX also is available for most commercial Linux distributions. Free distributions of Linux such as the Fedora Project and Ubuntu have extensive community support.
Figure 28-17. Running a FreeNX session on Ubuntu with the server on Fedora Core 3
Finally, FreeNX can use a Linux server as a proxy to VNC and RDP servers. Run either vcnviewer or rdesktop on the Linux server and use those remote applications to start a Windows session. By using FreeNX, you speed up the VNC sessions, encrypt them, and provide broader access to Windows applications through RDP.