Klaus Knopper answers your Linux questions
Klaus looks at problems with VNC-based shared desktops and a frozen screen with an Nvidia card.
VNC-Based Shared Desktop
Hi Klaus: I was asked to provide a generic method of remote desktop sharing on a fairly complex environment. The servers in this environment are running Fedora 19/20 with LightDM as the desktop manager and a variety of desktop environments available on each server (Gnome/KDE/LXDE/Xfce/Openbox) with TigerVNC as the VNC server/client.
I need each VNC session to go through system authentication via LightDM (I skip VNC passwords by setting the Xvnc option
-SecurityTypes None), but I want to be able to connect to existing sessions. I've tried to tackle this problem two different ways.
1. I managed to set up a shared Xvnc inetd service, but once the user goes through the initial LightDM authentication, any additional connections log in to the existing session WITHOUT any authentication (i.e., I can't get them to authenticate via LightDM). This, of course, is completely unacceptable from a security standpoint. I can work around the problem by forcing the VNC server to accept connections from localhost only and then from the client side use SSH local port forwarding to the VNC session, thus forcing people to authenticate via SSH, but I'm looking for a solution rather than a workaround.
Buy this article as PDF
New flaw in an old encryption scheme leaves the experts scrambling to disable SSL 3
Lennart Poettering wants to change the way Linux developers talk to each other.
Enterprise giant frees itself from ink and home PCs (and visa versa).
Mozilla’s product think tank sinks silently into history.
TODO group will focus on open source tools in large-scale environments.
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.