I’ve recently installed POP_OS on my Dell XPS laptop. I want to use it to continue experimenting with open source Design applications, and other things.
I want to get remote desktop access, so I can securely access it remotely over the same network.
To do this I’ll need two things: to setup an SSH tunnel between the Mac OS machine (from now on called steve) and the POP_OS machine (from now on called lenny).
Setup SSH on lenny
SSH, Secure Shell, is a secure way to access Linux based computers, remotely. The connection between the client and the server is encrypted.
This essentially means that someone else cannot listen in to the connection. Configure SSH 1)System 76 have short instructions: https://support.system76.com/articles/server-setup/ as in the video below.
Fig 1: configure SSH on POP_OS
There’s a nice overview video explainer 2)A nice Youtube video explaining SSH: https://www.youtube.com/watch?v=zlv9dI-9g1U of how SSH and tunnelling works.
Create SSH tunnel on Steve
Using the great SSH tunnel application, SecurePipes, it’s easy to setup the SSH tunnel.
To do this you need:
- the IP address of lenny
- your username and password on lenny
- enter lenny’s IP address into “SSH Server Address” and “Remote Host address” fields like below
Fig 2: Configure SSH tunnel on Mac OS machine
When the SSH tunnel is created, you’ll see a little green dot beside the connection, like in the image below. This now means that a secure tunnel has been created between both steve and lenny.
Fig 3: Green dot shows the SSH tunnel is active
Enabling desktop sharing on lenny
This is easy. On lenny, in the settings application, go to sharing:
- top RHS, slide the switch to show the arrow
- click on Screen sharing Active
- check allow connections to control the screen
- enter a password (NB: only first 8 characters of the password are used!)
- restrict access to lenny to only the networks you own or trust
Fig 4: configuring remote desktop access (VNC) on POP_OS
VNC Viewer on Steve
On steve, download the VNCViewer client from RealVNC (the inventors of the VNC protocol!). It works really nicely.
Enter the “Local bind address” IP address and port from fig 2 above to make a new connection.
Fig 5: VNC client configuration on Steve the Mac OS machine, using the “local bind address” of the SSH tunnel
Error: ‘Unknown authType 18’
Every time I tried to connect to lenny (and any Ubuntu machine in the past), I got ‘Unknown authType 18’ error message.
In the VNC Viewer client I tried allowing the connection encryption to be negotiated by the VNC server (Encryption: Let the server choose). It failed. I’ve tried a number of other parameters. It failed.
The solution to the above error message is to disable encryption on the VNC server.
To do this, go to lenny, and in the terminal type:
gsettings set org.gnome.Vino require-encryption false
This disables encryption on the VNC server. I still can’t understand why the parameter “let the server choose” does not work as disabling encryption should be the eventual outcome.
Once you explicitly disable encryption on the server, as above, VNC will then work.
But isn’t this insecure?
Since you are connecting to lenny the POP_OS machine through a secure SSH tunnel, the unencrypted VNC connection is no longer a concern.
This will give you secure, remote desktop access to the POP_OS machine. You will be able to use it as if you were sitting in front of it.
Don’t forget to turn it off when you are finished! 🙂
References [ + ]
|1.||↑||System 76 have short instructions: https://support.system76.com/articles/server-setup/|
|2.||↑||A nice Youtube video explaining SSH: https://www.youtube.com/watch?v=zlv9dI-9g1U|