Access to magsim by VNC

Until now, the Magnet Group's computation server has only been accessed by SSH (text console) login followed by X-forwarding of graphical programs to the user's local terminal. (X is the unix network-transparent graphical windowing system)

This plain X-forwarding has the advantage that the window for the application running on magsim looks just like another window on the local computer --- it doesn't take over the whole screen.

One disadvantage is that if the local Xserver is stopped (the user logs out, the computer is turned off, ...) the program on magsim gets stopped too. This also means that it is not possible to keep a simulation running then look at it from home and from work. Another possible disadvantage is that X was not designed to give high compression, as it was originally used on local networks: it will not work well on connections less than a matter of Mbps.

Even for text-based (command-line) programs, it is hard to switch control between different computers (e.g. home and work) while keeping the program running.

These problems are solved by the "VNC" software that maintains a pretend display running on the server, then lets clients from different computers access and control what is running. Some of you may already have used VNC software within mswindows systems: the main difference with magsim is that as many users may be connected at once there is a need to remember which display number you have started on magsim and to connect to this when you connect with VNC. There is also the advantage that VNC clients and servers are free, while Xservers for mswindows seem to have considerable cost and not to be very good. For anyone using a single program always from the same computer on the ETS network, it is probably better to continue with X. For others, VNC is expected to be better.

Note: please minimise all windows on the desktop before logging out of VNC: this saves CPU use, since all movements within a visible window are processed by the VNC server even when the desktop is not being displayed: the CPU load can be very high just for text moving down a window!

What is now possible?

After logging in as usual to magsim, you can now start a VNC server that will start a whole desktop session in the computer's imagination! Then, you can connect from unix, mac or mswindows systems using a free viewer program, and see and control programs in this desktop. When you stop your viewer all programs will continue to work, in the darkness of the server-room, and you can log in again to see how the work is progressing.

For proper long documentation on TightVNC (the rather good version we are using) see the TightVNC website.

What is NOT possible

A slight complication is that VNC is not intended to be a secure communication --- an eavesdropper could find out what is being typed. On the ETS network this is not a problem, as the network is trusted. But opening VNC to outside hosts would mean allowing eavedropping and allowing people to attempt to guess passwords.

I will happily open it up to the world if all who will use VNC are not bothered by the risks, but I think it is better that we use SSH tunneling or Virtual Private Networking (VPN) to get access to the ETS net from outside.

SSH tunneling (unix) As expected, this is simple. Just call vncviewer host:display as usual, but give the extra argument -via host to cause the viewer to make an ssh login to the computer called `host' and from there communicate with the VNC server. It works beautifully! You can just use magsim as the via host. Note that this -via option is specific to TightVNC, and may not exist in other VNC viewers.

VPN (other) I don't know how this is done in mswindows. Our network has a computer called vpngw (presumably VPN gateway) so perhaps the system is already there -- ask Peter about how to use it.

HOW TO USE IT

  • Log in to magsim as usual (ssh, putty, ...)

  • See the manual page for vncserver (command: man vncserver)(q to exit)

  • Start a display (desktop) for yourself: vncserver
    The first time, you will be asked to set up a password, which you will use to connect. You also get the option of a "read-only" password that would allow a user to see but not to control the display.

  • Note what the vncserver command has said to you: before disappearing into the background it should tell you what display number you have, e.g. magsim:3 . Remember, from outside ETS this would have to be magsim.ets.kth.se:3 !

  • Now on the computers you will connect from, get VNC programs: TightVNC downloads. For mswindows users, just the small viewer is enough unless you'd like to run a server to allow remote use of your own computer. Gentoo users may simply type emerge tightvnc to have everything installed---fairly similarly for *BSD and other systems with a package-add facility.

  • Run the vncviewer program, and give a suitable VNCserver name (e.g. magsim.ets.kth.se:3). Then you should get a password prompt, and after the password is approved you will see a very basic desktop with a terminal window (Xterm).

  • This basic window manager allows resizing of windows by dragging them suitably, but to close a window or make a new Xterm you need to click on the desktop background and select a kill or xterm option. In the next section I explain how to use a more advanced window manager (which will use more system resources).

  • Just run programs as normal, and you'll see them in the desktop. You can close the vncviewer window on your computer then just log in again later and continue the session. All programs will keep running while you are away.

  • To stop a particular VNC server, type (on magsim)
    vncserver -kill magsim:3 (for the case of display number 3).

    Extra clever things to do

    TO USE ANOTHER WINDOW MANAGER, you need to edit the file .vnc/xstartup within your home directory. In other words, this is the xstartup file in the .vnc directory in your home directory. This file gives the commands used by vncserver to start the display. Edit the last line (initially "twm &") if you would like to change the display manger. `twm' is very very basic. `icewm' is a little more rich. KDE is a very functional and popular unix desktop. For these latter you would change the twm line to "icewm &" or "startkde &" respectively.

    The manual pages (man vncserver and man Xvnc) give the most relevant information about options. The files under the .vnc directory in your home-directory on magsim also allow some configuration of your vncserver. The vncserver works by starting an imaginary Xserver (Xvnc) which accepts graphical window programs as a normal Xserver but just waits to display them on a VNC connection instead of putting them on a normal screen. All options for Xvnc are therefore supported by the vncserver command which just passes them on.

    Some useful options for the server are as follow: put them after the vncserver command, e.g.
    vncserver -geometry 1024x768 -httpd /usr/local/vnc/classes

  • -geometry wxh set the size (width x height) of the display
  • -name "text string" give the server a name (displayed in its window)
  • -alwaysshared, -nevershared, -dontdisconnect if more than 1 client tries to connect to a particular display at a time, then, respectively: let both be connected together, or disconnect the first, or refuse the later client.
  • -viewonly don't allow clients to use keyboard or mouse
  • -httpd /usr/local/vnc/classes start an http server that will allow a Java-supporting webbrowser to load a Java applet that is a vncviewer, then connect automatically to the VNC server! In this case you would write the web address as http://magsim.ets.kth.se:580n where n is the number of the display that the vncserver command tells you you have. E.g., if it says magsim:4 you would write http://magsim.ets.kth.se:5804 .

  • For the client there are many options to do with compression. High compression could make even a modem connection almost tolerable between fast computers. Low compression reduces computer load but is only reasonable on a fast connection. It is also possible to save load by reducing update frequency or colour depth.