-
-
Notifications
You must be signed in to change notification settings - Fork 144
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Proposed enhancements to the TurboVNC Session Manager #148
Comments
This commit modifies the SessionList() function in vncserver so that it prepends the session list with a session count and field size and separates fields with tabs instead of spaces. The field size is currently 1 but can be increased later, if we decide to add more session information to the -sessionlist output. That session information can now easily contain spaces as well, since we're using tabs as field separators. This commit also modifies the Session Manager parser so that it reads and verifies the session count and field size, as well as (for future-proofness) ignores any fields other than the ones it needs. Refer to #148
Although this is not a supported or documented configuration yet (refer to #148), there are some workflows for which it is useful. Caveats: When using an external SSH client with the TurboVNC Session Manager, the built-in SSH client will still be used for the Session Manager itself. The external SSH client will only be used when connecting to a session. Thus, two separate SSH sessions will remain open (one from the built-in SSH client and one from the external SSH client) as long as the connection is active. Also, if public key authentication is not used, then it will be necessary to authenticate twice with the SSH server. Fixes #321
Following up on #393, a great enhancement to the Session Manager would be to fully support ProxyCommand/ProxyJump in the vncviewer configuration, that is, to ssh into a host behind another ssh host and launch vncserver. Currently I use x2go to do this which has a full proxy configuration: |
Two basic problems with implementing external SSH client support in the Session Manager:
Frankly, that system seems more fragile than I would prefer. |
This is another one of those issues that I post in order to try to elicit ideas for funded development.
Proposals for enhancing the TurboVNC Session Manager
### Handle separate gateway and VNC hostThe TurboVNC Session Manager currently only supports simple deployment scenarios-- scenarios in which the TurboVNC host and SSH gateway are the same machine. It is conceivable that it could be extended to work like the-via
option, whereby the viewer connects to the SSH gateway and then uses it to connect to the TurboVNC host. This would, however, require some effort (and funding), and it's the sort of project on which I would want to work closely with an organization that could actively test the feature.Handle external SSH clients
It is also conceivable that the TurboVNC Session Manager could be extended to support external SSH clients, which might be beneficial for certain organizations (I'm thinking mainly of organizations that use Kerberos or another SSH authentication mechanism that our embedded SSH client doesn't support.)
Support sessions that are listening on Unix domain sockets
This is straightforward but would require extending the TurboVNC Session Manager protocol so that
vncserver -sessionstart
andvncserver -sessionlist
report both the X display of the session as well as its Unix domain socket path. The TurboVNC Session Manager would need both pieces of information in order to successfully generate an OTP for and connect to a session that is listening on a UDS. Since UDS support requires an external SSH client, this item depends on the item above.Provide additional session information
Referring to #211, it should be possible for the Session Manager to determine information about the TurboVNC sessions (such as uptime and number of viewers connected) that might help distinguish them. The uptime information could be determined by parsing /proc in the vncserver script. Connected session information could be stored by the RFB server using an X atom, which could be read by the vncserver script.
Better noVNC integration
This may not be very important, because if someone is using the TurboVNC Session Manager, they probably aren't using noVNC. However, it would be nice-- for collaboration purposes-- if the Session Manager could parse the output of the vncserver script to determine the noVNC URL, generate a new OTP for the session, append the OTP to the noVNC URL, and provide a dialog box with a hot link to launch the client-side browser and point it to that URL (or copy the URL to the clipboard.) That would allow a TurboVNC user to very easily share their session with a colleague who doesn't normally use TurboVNC.
Admin interface
Conceivably, a set of scripts could be developed that wrap
sudo
andvncserver
in order to make it easy for a SysAdmin to manage all TurboVNC sessions running on the host. These scripts need not necessarily be part of the TurboVNC package itself.The text was updated successfully, but these errors were encountered: