Vino, Vinagre, VNC

Another bit of lore that I don’t use often, manage to forget, and end up having to figure out again from time to time:

Vinagre is obsolete. This was the name of the previous built in remote viewing client in gnome (and therefore, for my purposes, in both Ubuntu and Fedora). It will operate as a VNC client (i.e. enable opening windows to VNC servers), but also an RDP client and will even pop up a terminal window for an SSH session. .

Remmina is the new remote viewing client, replacing Vinagre.

Vino is the name of the built in VNC server. This is launched when you invoke the “desktop sharing” preference and enable “allow other users to view your desktop”. Your gnome instance sprouts a vino server listening on 5900, giving (possibly password protected) access to the existing desktop to any vnc client that can reach port 5900. A remote user attached in this way is sharing the desktop with the user seated at the “console”. When either moves the mouse, both will see the cursor move on the the display.

Realvnc, Tightvnc, Tigervnc, Ultravnc are all different forks of the original VNC. Realvnc was the first, from the original devlopers. Tightvnc developed improvements in the encoding (tight encoding) if both ends are tightvnc. Tigervnc seems to be a Fedora fork of tightvnc. All will work with other, but some improvements only kick in if both ends share the improvement.

Xvnc in linux (as installed with the tigervnc package) is a little different animal. It is really a two-headed server, with an X server on one side and a vnc server on the other. The X server is an entirely separate virtual display than the console. There is no physical monitor anywhere, but applications can be started which open that X server and display upon it. On the other side, VNC clients are able to view and control the applications which are displaying on the X server. When the X server is launched, any X applications wanted can also be launched — including an entire gnome desktop environment (entirely independent of the gnome environment which might be running on the “console”, if there is one). Multiple users can have different desktop environments open, albeit using different network ports for each. VNC ports normally start at 5900, which vino attempts to use if it is enabled. So different remote users can use 5901, 5902, 5903… 

As a practical example, consider the Ubuntu box in my friends house. He has a box whose physical display is actually his giant television. He can control it with a keyboard and mouse in the living room, but for many administrative tasks that is inconvenient, and instead he uses a Windows box in a more comfortable location and opens a vnc client to the box. Now with his windows mouse, screen and keyboard he can control the ubuntu box. He is using the vino server, and communicating on port 5900. When he moves the mouse on his windows box, the cursor moves on the television.

Occasionally I attach to that box from my house through an ssh tunnel. If I try to connect to his vino server, the first issue is that I may be unsuccessful if he is already connected. Or if I am connected, and he tries to, he will fail. Even if he is not connected, since I will be controlling the desktop environment that is displayed on the television, I’ll be very disruptive if they are trying to watch XBMC.

Instead, I use an Xvnc connection. When I create the ssh tunnel I launch (through ssh) an Xvnc environment (using command “vncserver :5 -geometry 2560×1440”. The “:5” says use port 5905. The geometry matches the screen at my house). Then I create an ssh tunnel connecting port x in my house to port 5905 on his box, where the new Xvnc environment is listening, and connect my local vnc client (vinagre, or something else) to localhost:x (e.g. localhost:5901) . In my login directory on his box there is a directory .vnc containing a file “xstartup” which is used by the vncserver command, when launching Xvnc, to specify what X client applications should be started as clients of the new X server. This is a bash script that says:

on his Ubuntu Oneiric box:

#!/bin/sh
unset SESSION_MANAGER
exec sh /etc/X11/xinit/xinitrc “gnome-session –session=ubuntu-2d”

on another Fedora13 box of mine:
#!/bin/sh
unset SESSION_MANAGER
exec /etc/X11/xinit/xinitrc

In the case of the more modern ubuntu instance, it is necessary to instruct gnome-session not to try to start the new gnome shell that requires a more capable graphics card for fancy effects.

This launches an entire gnome session in the new X server. When I connect my remote desktop viewer (vinagre) to localhost:5901 I get a nice, new gnome desktop, I log in, and Bob’s your uncle. My gnome desktop is entirely separate from whatever my friend is doing.

Encryption became an issue after installing Ubuntu 14.04 and Fedora 20. Some part of the VNC community has moved toward encryption of the channel, with TLS or elsewise. The tightvnc client on Windows (as of this writing) doesn’t support that, and refuses to connect to a server which requires encryption. There is no setting available in the Ubuntu GUI to change that. It can be reset with

gsettings set org.gnome.Vino require-encryption false

I can also see it with dconf-editor if I search for remote-access.