9

Introduction

I am a rather new user of Ubuntu, and I'm trying to set up remote desktop access to my Ubuntu 22.04 in a specific way. I have tried both native GNOME Remote Desktop and XRDP; however, I have not been able to reach the desired behaviour which is the following.

When I work on my Ubuntu desktop, I need to switch between working physically on-site on the desktop and remotely working on the desktop. More importantly, I need to switch between working on-site and remotely without logging out of the user session. Therefore, I need to remote access the running user session on the remote Ubuntu desktop preferably not by a "screen mirror" method. (The same way as you can access the running user session on Windows using Windows RDP.)

Remote access options

I have looked into both the native Remote desktop in Ubuntu 22.04 (GNOME Remote Desktop) and XRDP. If I understand them correctly, they both have disadvantages which prevent me from using them for my specific remote access needs. Please see the overview of the remote access options below, and correct me if I am wrong in something.

GNOME Remote Desktop (GRD)

GNOME Remote Desktop supports a "screen share", also known as "remote assistance" mode, through VNC or RDP. This means that when you connect to the remote desktop using GNOME Remote Desktop, you connect to the existing session of the currently logged user, and you only see a mirrored screen of the user on remote desktop and you can control his mouse and keyboard. It is very similar to Anydesk or Chrome Remote Desktop. The remote desktop can be configured to either of the following:

  • Screen mirror only. This can be achieved by setting Remote Desktop "ON" and Remote Control is "OFF" on the remote desktop.
  • Full screen share (screen mirror + mouse & keyboard control). This can be achieved by setting Remote Desktop "ON" and Remote Control "ON" on the remote desktop.

Advantages:

  • You can connect to an existing session of the user logged on the remote desktop without disrupting it (i.e. without disrupting running processes), see why it is important.
  • The GUI is exactly the same as on the remote desktop because you are seeing the exact copy of the remote screen.

Disadvantages:

  • The remote desktop must be connected to a monitor, and the monitor must be turned on. Otherwise, there would be no screen to mirror back to you.
  • The remote access is much less seamless (compared to, e.g., XRDP) due to the screen mirror. Specifically, when opening and closing windows, the picture is laggy and blurry.
  • Anyone who has physical access to the remote desktop can see what you are doing on the remote desktop, and it it not possible to protect your computer from a local physical intrusion.

The third disadvantage can be partially solved by tweaking various settings but the first two disadvanatages remain.

XRDP

XRDP is very different from GNOME Remote Desktop and similar to Windows RDP. When you remote access the remote desktop using XRDP, you create a new session (log as a new user). The new session acts as a "virtual machine" accesible only to you, which means that whatever you do in the session can only be seen in your client desktop. On the remote desktop, only login screen is visible, and it looks like nothing is happening.

Advantages:

  • The remote desktop does not have to be connected to a monitor because the "virtual machine" is created specifically for your client monitor.
  • The remote access is so seamless that you can not even notice that you are working on remtoe desktop and not local desktop. Specifically, even when opening and closing windows, the picture is super fast and clean.
  • No one (even with physical access to the remote desktop) can see what you are doing on the remote desktop.

Disadvantages:

These disadvantages can be partially resolved by tweaking various settings as can be seen in the links above. However, even after this tweaking, some disadvantages remain.

Windows RDP

Windows RDP cannot be used on Ubuntu (as far as I know), but I present it here because it has the exact functionality that I am looking for.

Windows RDP is similar XRDP. As in the case of XRDP, when you connect to the remote desktop you create a "virtual machine" accesible only to you, which means that whatever you do in the session can only be seen in your client desktop. However, unlike XRDP, Windows RDP allows you to both create a new session (log as a new user) as well as connect to the existing session of the currently logged user. On the remote desktop, the currently logged user is locked out of his account but not logged out which means that the running processes are not disrupted!

Advantages:

  • You can connect to an existing session of the user logged on the remote desktop without disrupting it (i.e. without disrupting running processes).
  • The GUI is exactly the same as on the remote desktop.
  • The remote desktop does not have to be connected to a monitor because the "virtual machine" is created specifically for your client monitor.
  • The remote access is super seamless.
  • No one (even with physical access to the remote desktop) can see what you are doing on the remote desktop.

Disadvantages:

  • none?

As I have come to understand, Windows RDP combines the advantages of both GRD and XRDP without having any of their disadvantages.

My question

When I connect from Ubuntu client to Ubuntu remote desktop, Remmina uses the GRD or XRDP on the remote side and this has the abovementioned disadvantages. However, when I connect from Ubuntu client to Windows remote desktop, Remmina uses the Windows RDP on the remote side and everything is satisfactory.

Is there a way to achieve the desired behaviour for connecting from Ubuntu client to Ubuntu remote desktop?

I would be very grateful for any tips or links to relevant tutorials :)

EDIT 1:

This reddit question (and especially this comment) also nicely describe my problem.

EDIT 2:

I am currently using NoMachine to connect to the remote desktop. Although it is a "screen share" remote access (same as GRD and Anydesk) it does solve the "local physical intrusion" disadvantage by blanking the screen for local user and blocking local inputs. It also partially solves the "seamless" disadvantage. NoMachine is more seamless than GRD or Anydesk. However, since it still is a screen share remote access, it is much less seamless than XRDP or Windows RDP. In future, I may try Vino VNC or RealVNC as recommended by others in hopes that though still a screen share, it will be more seamless.

Jakub Holan
  • 191
  • Does this answer your question? Local ubuntu desktop cannot login after logging in remotely via Xrdp session – Raffa Jul 07 '23 at 11:06
  • @Raffa, only partially. Please see the question again. I have rewritten it substantially. – Jakub Holan Jul 07 '23 at 20:02
  • Ubuntu is not Windows. You will not get the Windows RDP functionality in Ubuntu. I think this question has been asked and answered before. See below: – user68186 Jul 07 '23 at 20:18
  • Does this answer your question? Connect when Remote Desktop is on login screen or screen locked (without autologin) – user68186 Jul 07 '23 at 20:18
  • @user68186, no, it does not. The answer says "use XRDP". I have, however, explained in the question that XRDP is not an option (as far as I understand it). – Jakub Holan Jul 07 '23 at 22:19
  • As far as I know, there is nothing in Ubuntu that gives the Windows RDP features you want. – user68186 Jul 07 '23 at 23:21
  • Probably, you'll find this workaround helpful. – Raffa Jul 08 '23 at 08:51
  • @Raffa: Yes, it is partially helpful, thank you. It solves the third disadvantage of GRD, and I have added it into the question. It does not, however, solve the first and second disadvantage because the remote access by GRD is still in a "screen mirror" mode and not in a "virtual machine" mode. I am looking for a solution closer to XRDP (i.e. solution with a "virtual machine" mode). – Jakub Holan Jul 08 '23 at 13:57
  • @Raffa Won't your workaround need the **Allow locked Remote Desktop^^ GNOME Shell extension? This crucial item is missing in your answer. Without this the Gnome remote desktop will not unlock the locked screen, as far as I can tell. – user68186 Jul 08 '23 at 14:50
  • @user68186 Probably, yes although I haven't tested it ... However, that workaround isn't particularly about how to remotely connect per-se, but rather about how to automatically get your computer into the screen-locked situation after each boot (sort of initiate a user display server session and then protect it) without a user having to login and lock it manually ... As that question was about how to workaround starting a user session. – Raffa Jul 08 '23 at 15:51
  • @Raffa I understand your point. My point is, once you set lock screen to turn on automatically after auto login, the remote user will be locked out if the gnome shell extension is not installed. What I don't know is, once the gnome shell extension is installed, and the remote user connects, whether the screen will be visible and the computer accessible by a local intruder. – user68186 Jul 08 '23 at 16:51
  • @user68186 Good point, but unfortunately, I don't know that either. – Raffa Jul 08 '23 at 17:30
  • @Raffa I did some experiments. Indeed the local screen is unlocked and accessible when the Allow locked Remote Desktop is installed and used with Gnome Remote Desktop sharing. – user68186 Jul 09 '23 at 16:53
  • @user68186 Interesting ... Thanks for sharing :) ... I, however, wonder whether this can provide any kind of mouse/keyboard input protection or not. – Raffa Jul 09 '23 at 18:03
  • I use VNC to connect to a headless server every day. (headless = no monitor connected) – Organic Marble Jul 09 '23 at 19:01
  • @OrganicMarble: And do you always connect to the same session or is it each time a new session? – Jakub Holan Jul 09 '23 at 19:40
  • It's always the same session. That server never gets shut down except to reboot for kernel updates, and then it logs into the desktop session automatically. – Organic Marble Jul 09 '23 at 20:41
  • @OrganicMarble: Would you be so kind and explained it further in an answer? I am not sure how VNC works and what I need to set up on my Ubuntu remote machine. – Jakub Holan Jul 10 '23 at 08:02
  • 1
    I'm away from home for 2 weeks so can't write a proper answer. But big picture, install vino on the remote system, set vino-server to autostart using the facility in your desktop of choice, configure its settings with dconf-editor, connect with remmina. Search this site for q&a about vino. – Organic Marble Jul 11 '23 at 03:20

4 Answers4

3

In a word "No"

When you use Remmina in Ubuntu to connect to a Windows desktop using the RDP protocol, the remote Windows computer acts as a RDP server. It behaves in a specific way, that you describe as "satisfactory".

When you use Remmina in Ubuntu to connect to another Ubuntu desktop using the RDP protocol, the remote Ubuntu computer acts as a xRDP server or the new Gnome Remote Desktop (GRD) server. The xRDP and the GRD servers are not designed to mimic Windows functionality. Even though both Windows and Ubuntu uses the same RDP protocol, the differences in the behavior you have described is due to the differences between the operating systems.

The display systems used in Ubuntu, either XORG or Wayland, are very different from the Windows display system. Because of fundamental differences between Windows and Ubuntu, what you are asking for is not possible.

You have two choices, either use xRDP or use GRD and live with the respective disadvantages. You may also try other closed source desktop sharing apps like Anydesk, but the local visibility and security problem will remain.

Hope this helps

user68186
  • 33,360
  • This is what I suspected and was afraid of :/ Thank you for confirming that Ubuntu remote server really works this way. – Jakub Holan Jul 09 '23 at 19:41
1

Try x2go in the standard repositories. You can set up many parameters including desktop sharing xfce etc so you can go in remotely without being seen or affecting the current user. Also can go in as any user. very nice system.

Carol McAnulty
  • 149
  • 3
  • Thank you for the input but this seems to be very different from what I want. I want to affect the current local user. I want to lock him out and take over his session. Also, I want to connect to the standard local desktop environment (GNOME) and not use the xfce. – Jakub Holan Aug 05 '23 at 09:20
1

X2go does what you want,, install it and then for any connection go to session preferences and you can connect as the logged in user shared desktop or in any user or stealth mode in desktop your desktop environment type kde, xfce etc email me if you need additional clarification

Carol McAnulty
  • 149
  • 3
0

Note: This answer does not satisfy my question completely as it does not satisfy the "preferably not by a 'screen mirror' method" part. However, it is the best solution to the problem I have found, and the answer might help others with the same problem.

The only way for a semi-secure and semi-seamless remote connection to an existing user session on a remote Ubuntu desktop is the following.

I use the NoMachine remote access software. It is "screen-share" remote access (same as Anydesk) and not a virtual session (such as Windows RDP) so the remote work is not as seamless as Windows RDP; however, for short time work, the seamlessness is sufficient. The software has an option to blank the screen for local user and block local inputs when remote connection is established, which solves the "local physical intrusion" problem of screen-share remote access. Since it is a screen-share remote access, monitor must be connected to the remote desktop and must be turned on. The issue of power-consumption and screen flashes during start and end of remote session (which might annoy people close to the local machine) can be partially solved by setting brightness, contrast, and RGB values to 0 on the local monitor. Thus, the minotor is (almost) black, but still on.

Setup steps:

  1. Install NoMachine server on the remote desktop.
  2. Set the settings to "Blank the physical screen when somebody connects."
  3. Set the local monitor brightness, contrast, and RGB values to 0.
  4. Connect to the desktop using the remote access.
  5. Work.
  6. Lock the local user session (so that none can use the session locally after you disconnect).
  7. Close the remote session.
Jakub Holan
  • 191