Graphical remote login sessions can be valuable tools for cross-platform server administration. This article is an overview of the best applications for cross-platform GUI remote login in a mixed network of Windows, Mac OS X, and Unix computers.
To connect to a Windows computer remotely, use Windows Remote Desktop (aka Terminal Services). While VNC server also runs just fine on Windows, this is one area where the Microsoft solution outshines the open source counterparts–Windows Remote Desktop is faster, more secure, and more full-featured than VNC. In addition to remote screen, keyboard and mouse control, Windows Remote Desktop provides drive mapping between client and server, sound and printer redirection, and encryption of the entire remote session. While I’ve never found much use for printing to a remote computer’s printer via Remote Desktop, the ability to temporarily auto-mount drives between the two computers often comes in handy.
All Windows Remote Desktop traffic is encrypted and sent over a single TCP port (3389 by default). So, like VNC, it’s easy to route/NAT through firewalls. While there are licensing restrictions to deal with, the level of access allowed is generally sufficient for administration purposes. The Remote Desktop server piece is included in Windows XP Pro and in Windows NT 4.0 Terminal Server Edition and all later server versions. XP allows one remote client to connect at a time, whereas Windows Servers allow two concurrent inbound remote administration sessions.
To connect from Unix/Linux to Windows, use rdesktop and tsclient. rdesktop is a Remote Desktop client that speaks the Windows Remote Desktop Protocol (RDP). tsclient is a Gnome-based graphical front-end for rdesktop that looks very much like the Windows Remote Desktop client. tsclient also works for connecting to VNC and X servers. Both rdesktop and tsclient are released under the GPL.
To connect from Mac OS X to a Windows computer, use Microsoft’s Remote Desktop Connection Client for Mac, a free download from Microsoft. Unlike the Remote Desktop clients for Windows and Unix, the Remote Desktop Connection Client for Mac only allows one remote session at a time.
To connect to a Mac remotely, run a VNC server on the Mac. There are two good options for free VNC server software on Mac OS X. The easiest to get started with is the VNC server built in to the Apple Remote Desktop (ARD) client (version 2.1 and later). ARD client is included in Tiger 10.4, and is a free download for earlier OS X versions. While designed to work with ARD server, the ARD client can also be accessed from other OS’s like any other VNC server. The ARD client VNC server is a bit slow when used in this way, but can be sufficient for remote access over high bandwidth LAN connections. Unlike most VNC servers, it also supports sharing multiple-monitor systems.
The best Mac OS VNC server option is OSXvnc, a GPL’d VNC server developed by Redstone software. It’s the fastest and most full-featured free VNC server for Mac OS. Nice features include an option to only accept local VNC connections, good for forcing ssh-tunneled VNC connections. OSXvnc also supports concurrent user sessions when users are logged in locally with fast-user switching enabled.
An optional simplified front-end for OSXvnc is Mike Bombich’s Share My Desktop. Its simple installation and one-button interface make it nice for end-user support. It’s easy to walk someone through its setup over the phone, and, like regular OSXvnc, is faster than the ARD client VNC server.
To connect from Windows to a Mac, use a VNC client (aka VNC viewer). RealVNC and TightVNC are both free VNC packages that have Windows VNC clients. Download just the client/viewer, since the server side won’t be used on Windows. To run it, launch the viewer executable–no installation is necessary.
To connect from Unix to a Mac, use a VNC client. A VNC client and server are included with most every Unix/Linux distribution. Launch the VNC client (vncviewer) from a shell, or use the tsclient GUI front-end.
To connect to a Unix server remotely, run a VNC server on it (xvnc). By default, Unix handles concurrent VNC sessions differently from Mac OS and Windows. On Unix, if you log in remotely as a user who is also logged in locally, a separate user session is started for the remote user. The locally logged on user doesn’t necessarily see the remote user session. When you remotely login to a VNC server running on Mac OS as a user who is actively logged in locally, you essentially take over the desktop of the local user–the local user sees the mouse moving around the screen. On Windows XP, the local session is locked when a Remote Desktop session is started. On Windows Server, you have the option to login as the local console user or establish a separate login session.
To connect from Windows to Unix, use a VNC client, just as when connecting to a Mac.
To connect from Mac OS to Unix, use a VNC client (OSXvnc is server only—it does not include a VNC client). For the Mac OS VNC client, try Chicken of the VNC. It’s fast, lightweight, and has a funny name.
VNC login information is encrypted, but the VNC session itself is not. For remote server administration, VNC sessions should always be tunneled over ssh. On Windows, use PuTTY to establish an ssh session that forwards the VNC traffic to the VNC server over ssh.
Text-mode logins remain valuable tools for remote administration, but applications that allow graphical remote logins are a great addition to any cross-platform network administrator’s toolbelt.