Computing help and supportX Windows System
X windows programs (like xclock and the programs on the Teaching System, etc) don’t put graphics directly onto the screen. They need to have another program – an X server – running. Programs like xclock tell the X server what to do using commands that are part of the X protocol. These commands might be just a few bytes long, almost as simple as “draw a line from (10,10) to 30,10)”. The X server interprets these commands, using the current settings of line-thickness, color, etc to produce graphics. Note that xclock and the X server needn’t be on the same machine.
This approach is flexible network-wise, and remote working is simple, but the X server’s quite a complicated program. The protocol messages might be compact for some actions, but bulky for others.
VNC
An alternative strategy is used by VNC, which essentially keeps copying screendumps over from a virtual screen on the remote machine to the screen you’re sat at. It does this efficiently, so that only modified areas of the screen are copied over. An extra program needs to run on the distant machine and on the local machine, but these needn’t be too complex. Because VNC only deals with the end product – the graphics – it doesn’t care how the graphics are produced. Some kinds of graphics will produce more network traffic with X11 than with VNC, and some less.
Networks and Security
Some of our machines are only available from within CUED. Some are only available within the cam.ac.uk domain. You need to be aware of these restrictions when trying to work remotely. Note also that gate is a general name for more than one machine – if you access gate twice you may be using 2 different machines.
Machines communicate by sending messages to numbered input ‘sockets’ (called ‘ports’). VNC communicates on “TCP ports 5900-5906”. These are often blocked by firewalls (firewalls are security programs that might be on your machine or might be run by the college). The trick is to use “ssh tunnelling”. ssh encrypts information and uses port 22, which is rarely blocked, to “tunnel” through the firewall. This means that if you can use ssh to get into a machine, you can use VNC. The encryption involves an overhead. The less that’s transmitted, the less that needs coding and decoding.
Both X11 and VNC approaches should only be used with encryption.
Screen Management
Do you want the remote machine’s output to take over your whole screen, or should the remote screen be a window on the local desktop? Sometimes you have no choice. Both options have their problems.
- It’s good to have a local window manager – you don’t want a time-delay when trying to move windows around.
- Having one window manager working on the main desktop and another window manager working in an embedded desktop can be very confusing
Advanced/Specialist features
See also Wikipedia’s Comparison of remote desktop software
VPN
VPN (Virtual Private Network) provides secure access over public telecommunications infrastructure. When you have successfully created a VPN connection to the department you should then be able to connect to internal local resources as if your machine were on the departmental network.