Persistent Terminals For a Dedicated Computing Box?

Theovon writes "I just built a high-end quad-core Linux PC dedicated to number-crunching. Its job is to sit in the corner with no keyboard, mouse, or monitor and do nothing but compute (genetic algorithms, neural nets, and other research). My issue is that I would like to have something like persistent terminal sessions. I've considered using Xvnc in a completely headless configuration (some useful documentation here, here, here, and here). However, for most of my uses, this is overkill. Total waste of memory and compute time. However, if I decided to run FPGA synthesis software under WINE, this will become necessary. Unfortunately, I can't quite figure out how to get persistent X11 session where I'm automatically logged in (or can stay logged in), while maintaining enough security that I don't mind opening the VNC port on my firewall (with a changed port number, of course). I'm also going to check out Xpra, but I've only just heard about it and have no idea how to use it. For the short term, the main need is just terminals. I'd like to be able to connect and see how something is going. One option is to just run things with nohup and then login and 'tail -f' to watch the log file. I've also heard of screen, but I'm unfamiliar with it. Have other Slashdot users encountered this situation? What did you use? What's hard, what's easy, and what works well?"

Screen works welll

[Miros (734652)]

For your standard persistent terminals, SCREEN is really your best bet

Re:Screen works welll

[Lord Apathy (584315)]

Agreed. I built something like that a few years ago. It had a vt100 sitting on top of it and I used screen to keep up with the data. Screen is easy to use. The only real command that you will need is screen -R. The -R will tell it to resume the screen session in the background and if there isn't one to create it.

Re:Screen works welll

[ckthorp (1255134)]

I prefer screen -R -D to detach any other screen connections which I might have forgotten about.

Re:Screen works welll

[FMZ (1178473)]

Throw this in your .bashrc: alias s="screen -RAad" . This makes multiple screen session management really easy. When I want to IRC, I just type "s irc". When I'm checking out how my torrent is going, "s tor". The beauty is, you don't have to do anything different for a new session. If you forget which sessions you have going, just type "s" and you'll be provided with a list of existing screen sessions.

Re:Screen works welll

[Dr. Winston O'Boogie (196360)]

Nothing new to add, but did want to emphasize that if a text-only terminal is all you need, 'screen' is the way to go. It is one of the lesser known unix goodies, and a true "wonder tool": a tool you cannot live without once you use it.

The quick primer:

First time:
    ssh mymachine
    screen
    <do some work>
    CTRL-a-c <create another login session>
    <do some more work in diff dir>
    CTRL-a-1 <back to first login session>
    CRTL-a-d <disconnect>
    exit

Future times:

    ssh mymachine
    screen -r <resume screen>
    CTRL-a-2 <back to second login session>
    <do some work>
    CTRL-a-d <disconnect>
    exit

You can create many login sessions inside one screen instance or launch multiple instances of screen on the same box by giving them a name. See the man page for all the goodness.

Re:

[LeafOnTheWind (1066228)]

If all you are doing is establishing a persistent ssh connection, you may want to think about using dtach [sourceforge.net]. It's the equivalent of vi to emacs. Why use an operating system when all you need is a text editor?

Re:Screen works welll...read this link SUBBY

[xSauronx (608805)]

so is google. im not against people looking for help, but i would think ask slashdot could limit itself to unusual problems. ssh/x forwarding/screen is pretty elementary stuff.

what a ridiculous thing to put on the front page. any number of forums or HOWTOs probably provide all the information the submitter is looking for, so id like him to read this.it looks long, but its a quick read.

How to ask questions the smart way [linuxmafia.com]

/ill take the karma hit, if the subby will do his own research from now on

Re:Screen works welll...read this link SUBBY

[Two9A (866100)]

Easy; plug in the Ethernet, boot a Gentoo LiveCD, and a minute after the disc access has stopped, type the following (carefully) at the assumed # prompt:

# ifconfig eth0 [a known IP]
# /etc/init.d/ssh start
# passwd
[enter a password for root, twice]

SSH in from another box, and you're done! Worked fine for me, installing Gentoo on a Kanga with a broken screen from three timezones away.

Of course, it assumes that the Ethernet card is working, and that the kernel picks it up as eth0. If the network lights up but you get no joy, try a LAN-wide ping sweep; I've had to do that a coupla times when this kinda thing's cropped up.

Re:Screen works welll

[by Anonymous Coward]

Screen is a most excellent utility for persistent terminals, but (as far as I know) it will not let you keep persistent X11 information.

Re:Screen works welll

[JamesTRexx (675890)]

I use screen in combination with X11vnc to keep a desktop open to the media server.
If for whatever reason I lose the connection, I can start ssvnc again and get the desktop back.

Re:Screen works welll

[maverickbna (578984)]

Try NX. It's free edition will do what you need just fine, and provides persistent X11 connections. www.nomachine.com [nomachine.com]

Re:Screen works welll

[alta (1263)]

The article seemed to mention 2 stages, first needing persistant terminals, which screen is PERFECT for... The second stage will require wine, which means X, which means VNC...

The guy has answered his own questions.

Re:Screen works welll

[Al Dimond (792444)]

My understanding, which might be wrong, is that you can't do this with just screen and an ssh-forwarded X server.

In X, for those that don't know, applications are clients and the display is the server. So when you run apps from your server box and display them on your laptop, the app on the server box is the client and your laptop display is the server.

An X client needs to be connected to an X server. I think it would be possible to write ones that could handle dropping and resuming their server connections, but I don't think any programs actually act this way in practice. So to have clients running persistently while you're not connected you need a locally-running X server that those clients remain connected to. The traditional thing to do, then, is to use VNC to let other computers access that local X session. Compared to what you were doing, forwarding the actual X connection over SSH, this has the advantage that a smart VNC client/server can adjust for slow network connections by combining messages to be sent, remembering the display state on the client side so window redraws (as a result of overlapping windows) don't require any network activity, and image compression (for some kinds of windows sending an X11 command stream is more efficient than sending compressed image data, but for others it's the other way).

The VNC protocol, however, doesn't have many security features built in, and there are lots of different client-server combinations that use non-standard or semi-standard compression techniques. The standard answer to VNC's lack of built-in security features is to forward VNC connections through SSH. That, plus any modern VNC client-server combo, generally gets the job done. But there's a relatively new program that essentially is a better VNC. It's called NoMachine. Google it. For some uses it's free-as-in-beer, and I think they release some source code, but they are a for-profit company and generally use a proprietary model IIRC. If that doesn't bother you, their product is good as far as I've seen. If you want to stay with Free Software, you'll probably want VNC+SSH.

Re:Screen works welll

[by Anonymous Coward]

Why not just run it on the console, and connect a KVM with network access to that sucker?

Long term != poor comprehension

[tepples (727027)]

From the article: For the short term, the main need is just terminals.

(my strong emphasis)

I would guess mrmeval was looking at "However, if I decided to run FPGA synthesis software under WINE, [some system that supports graphics] will become necessary." in the article. I don't think this FPGA synthesis software can be operated completely from the command prompt.

How about NX/nomachine.com?

[vlad_petric (94134)]

Yeah, it's not free as in speech, but otherwise beats the crap out of vnc.

Captain Obviousman.

Re:How about NX/nomachine.com?

[agoliveira (188870)]

Yeah, it's not free as in speech, but otherwise beats the crap out of vnc.

Captain Obviousman.

FreeNX is free and works to what he wants as well.

Re:

[billcopc (196330)]

From my experience, everything keeps running. All the "suspend" does is leave your X-session open, so you can reconnect to it later.

"Terminate" kills any open apps and logs out of that X-session.

ssh + vnc

[Destrius (956)]

You could use VNC, but set it up so the vnc server is only accessible via localhost, and then use ssh to create a secure tunnel back to your client. Alternatively I sometimes use vnc and ssh with X11 forwarding, i.e. the actual graphical data being sent over the network is over X11 as opposed to VNC's protocol.

screen is cool and pretty easy to use, RTFM. But its command-line only, so not applicable if you need GUI as well.

Re:

[Curtman (556920)]

Or just forward the VNC port. Should be 5900 for screen :0. It'll be faster than raw X11 forwarding.

Re:

[Scherpbier (470856)]

If you use xtightvncviewer, it has the "-via" option which sets up a tunnel (ssh is the default) for the connection. Only ssh needs to be exposed through the firewall that way.

Alternatively, set up OpenVPN (either through a dedicated firewall or on your linux box) or other VPN so you can access the VNC server as if you were local to your network.

screen

[vengeful (734172)]

The usefulness of screen cannot be overstated.

Re:screen

[Lord Apathy (584315)]

Screen is one of the greatest and useful commands ever envisioned.

Re:screen

[SuperQ (431)]

And of course my favorite thing in my .screenrc:

# turn sending of screen messages to hardstatus off
hardstatus on
# Set the hardstatus prop on gui terms to set the titlebar/icon title
termcapinfo xterm*|rxvt*|kterm*|Eterm* hs:ts=\E]0;:fs=\007:ds=\E]0;\007
# use this for the hard status string
hardstatus alwayslastline
#hardstatus string "%h%? users: %u%?"
hardstatus string "%{.bW}%-w%{.rW}%n %t%{-}%+w %=%{..G} %H %{..Y} %m/%d %C%a "

Re:

[pathological liar (659969)]

I'm a zsh user, I've got this in my .zshrc ... I've never tried to post a code snippet to Slashdot, hopefully it doesn't mangle it too badly...

case $TERM in
xterm*|screen*)
preexec () {
export CURRENTCMD="$1"
if [ x$WINDOW != x ]; then
print -Pn "\ek$1\e\\"
else
print -Pn "\e]0;[$USER@$HOST] $1\a"
fi
}
precmd () {
if [[ ! -z $CURRENTCMD ]]; then
if [ x$WINDOW != x ]; then

Simple answers.

[crazyvas (853396)]

Use screen for terminals. x11vnc for GUI. x11vnc can be run over encryption. Look at http://www.karlrunge.com/x11vnc/ [karlrunge.com] for more info.

freenx / nxserver

[mikey573 (137933)]

For persistent GUI sessions, I generally use nx/nxserver/freenx:
http://freenx.berlios.de/ [berlios.de]

For console sessions, nothing beats "screen". I use the command "screen -m -R" to create and/or reconnect to an existing session.

I used to like VNC, but I got tired of how difficult it was to set up. On Windows boxes, I stick to Remote Desktop Connection.

nx* = PITA

[Nicolas MONNET (4727)]

You think VNC is difficult to set up? Well NX is just absurdly complicated. That one time I managed to get it working, it was indeed vastly superior to VNC, but I just can't fucking understand why they have to install their own damn SSH server and keys. Why? WHY???
How come it's not been picked up by any major distribution? Probably because installing it by following the megabyte-long HOWTOs feels like an exercise in computer masochism.

Re:nx* = PITA

[Burz (138833)]

Not seperate ssh server... unless you're on Windows?

Separate key is needed because nx must do session/login management from root. Simple as that. Once I grasped that, the rest came easy (I will admit to being familiar with ssh configuration though).

FWIW, nxserver works great

[Burz (138833)]

...I've always had more luck getting it to work right than with freenx. But the latter has a KDE session integration now so the auther may want to look into that.

The session handling and preservation of nxserver is very good.

Persistent X and others

[mrmeval (662166)]

http://www.icsi.berkeley.edu/~wooters/persistentX.html [berkeley.edu]

I've not tried this but it looks good.

Some for vnc
http://www.novell.com/coolsolutions/feature/16011.html [novell.com]

With xinetd?
http://newsgroups.derkeiler.com/Archive/Uk/uk.comp.os.linux/2006-02/msg00109.html [derkeiler.com]

SSH Tunnel to protect VNC

[brownsteve (673529)]

This is what I do every morning to get into work.

Start up a VNC server on the remote box and leave it running. No need to open holes in your firewall except for SSH, which is pretty safe to do.

To tunnel through the firewall and log in, type these commands on your local machine:

ssh -f -N -L 5901:localhost:5901 -X username@remotebox.example.com
vncviewer localhost:5901

Voila: VNC connection, secured by SSH. When you are done just

killall ssh

.
Note that 5901 means the :1 VNC session, 5902 means :2, etc.

Re:SSH Tunnel to protect VNC

[ink (4325)]

You can also just end the SSH session (don't background it with '-f') to cut the tunnel. This also works with PuTTY for Windows machines. I've setup PuTTY shortcuts for some of my coworkers and they just double-click on them, enter their passoword, and they're using VNC just fine. When they want to stop using it, they just close PuTTY. Easy as pi.

Re:SSH Tunnel to protect VNC

[LeafOnTheWind (1066228)]

No need to open holes in your firewall except for SSH, which is pretty safe to do.

I would strongly disagree with this statement. Because ssh has the ability to do so much, it deserves special attention to security. The default implementation should be tweaked more than a little bit, including disabling password login, changing the port and, please don't forget, disabling ssh1. There are other, more subtle, cryptographic attacks, but even those few changes should make it more secure.

Terminals mainly?

[LinuxGeek (6139)]

Try conspy [freshmeat.net], very handy utility.

Quick primer

[Nicodemus (19510)]

Here's a quick primer. These are the commands I use all the time. There are a ton more in the man pages or online help.

"screen" to start a new shell under screen

All commands start with CTRL-A, then another key for the command itself. If you really want to send a CTRL-A to your application (Like to go to the beginning of the current line in bash for example, hit CTRL-A twice.)

CTRL-A CTRL-D Detach your current session

"screen -rd" to get back to it

CTRL-A CTRL-C create another "window"
CTRL-A CTRL-N next window
CTRL-A CTRL-P previous window
CTRL-A " see list of current windows
CTRL-A [ Copy mode... you can see the scrollback buffer with this. Esc to exit
CTRL-A ? Help for further stuff.

I run just one instance of screen with multiple "windows." Works beautifully. When you start running more than one screen process under the same user it can make it difficult to re-attach because you have to tell it which pty to attach to.

Nicodemus

Re:Quick primer

[bucky0 (229117)]

the day that my grandmother is leaving persistent terminal sessions around is the day I pick up cross-stitching.

It's an advanced thing to do, why would it influence "linux on the desktop (tm)"

fpga tools

[scatterbrained (144748)]

The xilinx fpga tools run just fine (perhaps better) from the command line, and have native ports to linux. I believe the same is true for Altera. If you run the xilinx gui tool with the command line log file turned on, it will give you a look at what's required.

IIRC, screen has a pretty detailed man page and has been around a very long time, so should be pretty easy to find examples of setting it up.

For X, usually the real pig is the display server. If you have to run X read up on using the DISPLAY environment variable and just run the X clients on the box and run the server somewhere else - that's what it was made for ;-)

What I read

[krappie (172561)]

"I really want this feature. I've heard of this program that's made for exactly the feature that I want, but I'm unfamiliar with it. HELP ME SLASHDOT YOU'RE MY ONLY HOPE!!1!"

NX

[Bert64 (520050)]

Try NX, http://www.nomachine.com/ [nomachine.com]
It's orders of magnitude faster than VNC or native X11, and supports persistent sessions as you describe...
It also runs over SSH, so it benefits from the inherent security of SSH.

I would never even consider using VNC, entirely pointless... slower than native X11.

Sun Rays

[Paul Jakma (2677)]

Sun make pretty neat thin-client terminals called Sun Ray [sun.com]. Can work with either Linux or Solaris servers.

NB: I'm biased, as I work for Sun.

Xvfb

[kreuzotter (13645)]

I use Xvfb to make a virtual screen on the number cruncher (comes with xorg). I don't need to see the display, it just has to be there for wine. If something goes wrong (error box pops up) and there is no progress I take a screen dump of the vortual screen to see it. This eliminates traffic on the network too.

Here is where microsoft nailed it - remote desktop

[by Anonymous Coward]

Microsoft's remote desktop simply works better than anything in the unix world. Screen is wonderful, but if you want to maintain an entire work session state across several locations, nothing beats RDP.

Why hasn't someone made an X server that uses RDP as the graphics device? Xnest is already 99% of the way there. I'd log in, and if I don't have a session it would create one, if I do have one it would reattach to that one, or maybe give me the option to create a new one.

I could use this in a 100% linux environment using rdesktop to connect to the server (instead of using xdm and Xnest, for instance). It would also work really well in a mixed windows/linux environment because I could use the windows remote desktop client to connect to a linux server and use X programs. Lastly, it would be great for POS applications because 99% of thin client systems already use RDP.

lets get cracking!

Re:Here is where microsoft nailed it - remote desk

[florin (2243)]

[quote]Microsoft's remote desktop simply works better than anything in the unix world[/quote]

Sadly, you're not wrong, even though many will refuse to admit it. There's a bit of NIH syndrome going on here and also a general lack of understanding why neither X nor VNC are as functional as Remote Desktop.

Sun's Secure Global Desktop (previously known as SCO Tarantella) actually compares really well in the Unix world, but it's payware even if you need just 1 or 2 seats - functionality that is included with the OS with Remote Desktop. Sun, do all of us, Unix and yourself a favor, and give this product away. Sell licenses to compete with Terminal Server and Citrix, not with Remote Desktop. Pretty please :)

modify your bash profile

[vlm (69642)]

Once you're comfortable with screen, which only took me a couple days, back in the mid 90s, add this as the last line of your .bash_profile

exec /usr/bin/screen -xRR

Upon ssh'ing into the box, that'll set up a screen session, or if one currently exists, reattach to it.

Also, if you log in multiple times, from different PCs or whatever, all your logins see the same screen session, which can be convenient if you're "sharing" logins.

To disconnect from the session, just "C-a z" and your ssh connection will drop.

You'll probably want to customize your .screenrc file also. I advise setting

vbell off
escape ^zz
nonblock on
deflogin off
startup_message off
screen -t procinfo 0 watch -n 60 procinfo
screen -t bash 1
bindkey -k k1 select 1
bindkey -k k2 select 2 .... you get the idea .....
bindkey -k k; select 110
bindkey -k F1 select 11
bindkey -k F2 select 12 ... etc ...
Oh and set a useful caption line too.

VNC is a "waste"???

[5pp000 (873881)]

I've used VNC routinely for this kind of purpose for years -- in fact, I do almost all my programming work using it. I have not found it to be a resource hog by any means. Just checking some of my VNC sessions now, resident memory use by the Xvnc process seems to stay between 20 and 60MB. At current memory prices, this is pretty much negligible (and I would assume you have plenty of DRAM on your compute box -- 8GB at least, yes?).

Others have mentioned SSH tunnelling -- I can assure you this is reliable; I've used it day in and day out for years.

Use Screen if you want, but personally I wouldn't even think twice about using VNC.

Yeah it makes sense

[Nicolas MONNET (4727)]

All code except system calls runs natively, and therefore just as fast as native code.

Re:

[bucky0 (229117)]

That's true, but if he's talking about graphics things, there is a LOT that is emulated. Google "DIB engine wine" for a look.

Basically, unless you're using DirectX/OpenGL, windows makes assumptions about the graphics layer that can't be directly done in X. AFAIK (it's hard to understand), many of the earlier windows libraries give the program direct shared access to where they are rendering, but X11 has the program and the actualy framebuffer divided by the X11 layer. Emulating that blows in terms of perfor

Re:

[Ice Wewe (936718)]

Gentoo distro:

emerge -av screen

Mac OS X:
fink install screen

Re:screen

[Yogiz (1123127)]

Slackware distro:
cd /usr/src/tar
wget ftp://ftp.gnu.org/gnu/screen/screen-4.0.2.tar.gz [gnu.org]
cd ..
tar -xzf tar/screen-4.0.2.tar.gz
cd screen-4.0.2
CFLAGS=" -O2 -march=pentium-m -pipe -fomit-frame-pointer"./configure --prefix=/usr
make
mkdir /tmp/screen_install
make DESTDIR=/tmp/screen_install install
cd /tmp/screen_install
mkdir install
vim install/slack-desc
makepkg screen-4.0.2-i686-1.tgz
installpkg screen-4.0.2-i686-1.tgz
cp screen-4.0.2-i686-1.tgz /usr/src/packages
cd ..
rm -r screen_install

What? Difficult? What are you talking about, that's the only good way.