Only show posts tagged with: metablogging, english, sotramont, francais, linux, ubuntu, geeky, web, python, django, screwtheman, spam sucks, vélo, akoha, hiring, chicago, pycon, cloud, consulting, quacks
Older posts:
- 2010
- 2009
- 2008
- 2007
Subscribe to the RSS feed for
mon petit blogue sans importance...
why i like google's NeatX announcement
Just saw a post on /. about Google releasing a Free NX server clone (Google Open Source Blog post), NeatX. That's good news for all - see below for why.
NX is quite neat technology. I've used VNC a lot (the free versions) in the past, but i've recently become interested in other remote desktop technologies as i'm working on different technologies in "the cloud" (specifically, in EC2) and one of the problems was how best to get non-technical people connect to the cloud servers. The thing is, they want to print and easily transfer files and such...
There are already some products that do this:
- Citrix supports printing and sound and shares, but it's windows-only on the server-side, and quite expensive
- VNC - the free versions (or even Free) - is easy to use and easy to tunnel, but doesn't do printing or shares or sound
- RealVNC's for-pay VNC *does* do those, however, but doesn't want to be tunneled - they seem to have decided that they can do auth and encryption better than ssh... (i hope i'm wrong; but they do do encryption in the product itself). Furthermore, they don't have a free version of this product, all you get is a timebomb trial. But, it does work very well, and i could indeed use shares and printers rather easily through the link.
- NoMachine's NX, on the other hand, is free to use non-commercially but you only get 2 concurrent sessions. But that's not time-limited. It supports sounds, printing and shares. I didn't try the sound part, but i could get shares and printing to work, as i remember. I do like *how* they did auth: they don't have a daemon on the server, and they didn't try to re-invent encryption. On the server, NX creates a user 'nx', who has no password but does have an ssh key. You distribute the key to those who need NX access to the machine. They'll also need an account of theirs of course, and you have full control over how their account gets authenticated. When you launch the nx client, it connects through ssh as nx. NX's shell is not bash or any other shell, it's an nx server program which negociates with the nx client and establishes the connection. Then, when the user is authenticated, the process su's to that user and starts the session script you want. It still means that a hole in the nx server code would be bad, but for attackers to use that hole, they'd still need the nx user's ssh key to get through to that process in the first place - using ssh as the encryption and first layer of auth is something i rather like.
- There is also a Free version of NX, but it's out of date and doesn't support sound, printing or shares - you might as well use VNC.
The reason i like google's announcement is that a better codebase, using a protocol that seems to be pretty well designed and already existing with other existing servers and clients you can test with, means that perhaps this will be the project that will implement the missing pieces in a Free product, finally. Particularly if indeed Google has Grand Master Plans for this piece of tech, which would be something like using it so that your "GoogleOS" device can easily access your home or office machine.
And, of course, it's written in python.
by wiswaud
on 15 July 2009
Tags:
english, geeky, linux, python
Comments
Copyright © 2009 Éric St-Jean