x
This website is using cookies. We use cookies to ensure that we give you the best experience on our website. More info. That's Fine
HPC:Factor Logo 
 
Latest Forum Activity

Surf Firefox on Jornada720 with Duvian/ssh/X11 via RaspberryPi

1 2 3
joval Page Icon Posted 2021-03-01 4:35 PM
#
Avatar image of joval
Subscribers
H/PC Philosopher

Posts:
420
Location:
Northern California
Status:
ntware: very impressed with the speed gain with your VNC X shortcut. MyPaint installed on RasPi renders fast, etc... will look at Dolphin and LXterminal. Youtube videos much improved...almost smooth motion.

Only problem is RasPi uses/loads RealVNC server which has proprietary authentification so my only way to connect is to place J720 tigervnc viewer in -listen mode and then go to RasPi and connect from VNC server to "listening viewer"which bypasses authentification. Will install TigerVNC-standalone-server and see if I can connect to it without this problem. Amazing speed difference bypassing X-fowarding!

Joval
 Top of the page
joval Page Icon Posted 2021-03-04 5:37 PM
#
Avatar image of joval
Subscribers
H/PC Philosopher

Posts:
420
Location:
Northern California
Status:
In a different thread ntware found that installing a VNC viewer on the J720 and connecting to a VNC Server on his Linux server via standard vnc port 590x yielded much higher refresh rates. I tried it on my J720/ethernet/RasPi hybrid and yes it was much snappier scrolling and rendering smoother youtube videos,etc. This approach bypasses X-forwarding which really slows down the J720 because its cpu has to do more of the heavy lifting rendering the display. Further,logging into the RasPi/Server
via SSH isn't required... saving a couple of steps including a password.

Well,on further reading turns out VNC connections are not secure and ssh is recommended to avoid packet-sniffing your connection...esp if using wifi or on a multi-user lan. If you use a (solo) tethered ethernet to say a RasPi then ssh probably/possibly isn't an issue.

Right now, I'm using tethered ethernet to Raspi with ssh and X-forwarding to my Jornada and Firefox... so all my words of wisdom should be secure (ie., the FBI can't hack my emails/posts ... such as Mr Clinesmith seems prone to/likes to do).

If I'm just surfing different websites to download tutorials, or watching youtube videos, etc I will follow ntware's idea/approach of bypassing both SSH and X-forwarding for the speed gain. If I need the extra security there is a modified VNC command (argument) that employs SSH.

Anyone out there want to weigh on this one??? Am I trapped in my own echo chamber once again??

Joval

C:Amie: is there some way to correct this thread's title because some doofus misspelled Devian as "Duvean" and I don't want anyone to think it was me!!!

Edited by joval 2021-03-04 5:41 PM
 Top of the page
ntware Page Icon Posted 2021-03-04 6:45 PM
#
Avatar image of ntware
Subscribers
H/PC Elite

Posts:
554
Location:
Florida, US
Status:
It is true that vnc is way less secure than ssh, unless you encrypt your vnc traffic (you can make vnc go through ssh as well, just like X forwarding). But, the lack of encryption is also one of the main reasons why vnc is so much faster. Putting the little StrongARM CPU to encrypt/decrypt packets all the time is burdensome. With proper configuration, you can make unencrypted vnc still secure.

The lack of security on vnc doesn't mean that people on the internet will be able to read what you type. The packets can only be sniffed from inside your local network. There is no way someone can capture your LAN packets from outside of your WiFi network, unless your home network is compromised. In that case, I would be much more concerned about my private information than about my vnc server. So unless you're worried about your wife/kids/mom reading your darkest secrets typed on your Jornada, I wouldn't be concerned about running unencrypted vnc at home. In fact, a weak WEP access point is a much bigger concern in my opinion than an unencrypted vnc server.

If you're still concerned about this, a perfectly secure scenario would be to connect your Jornada to the Raspberry Pi over Ethernet cable. This would restrict the communication only between the two devices. In that case, the lack of encryption is pointless because no one else can listen to the direct communication anyway. To make this even bullet proof, you can configure your vnc server to listen only at the cabled Ethernet interface. This means that only your physically plugged Jornada would be able to connect to your vnc server.

Edited by ntware 2021-03-04 6:46 PM
 Top of the page
joval Page Icon Posted 2021-03-05 2:55 AM
#
Avatar image of joval
Subscribers
H/PC Philosopher

Posts:
420
Location:
Northern California
Status:
Quote
ntware - 2021-03-04 10:45 AM
But, the lack of encryption is also one of the main reasons why vnc is so much faster. Putting the little StrongARM CPU to encrypt/decrypt packets all the time is burdensome. With proper configuration, you can make unencrypted vnc still secure.


ntware: Many thanks... Great detailed response! I appreciate your insights and knowledge base... cleared up many of my concerns. As I was riding my electric bike up over the steep hills surrounding our lake I remembered that VNC does have an encryption mode and thought I was mistaken about VNC security. You point out there will be a performance deficit using it, which is good to know.

Quote
The lack of security on vnc doesn't mean that people on the internet will be able to read what you type. The packets can only be sniffed from inside your local network.


That is reassuring. (My darkest secret is I'm the doofus who misspelled Devian as "Duvean" on this threads title).

Quote
If you're still concerned about this, a perfectly secure scenario would be to connect your Jornada to the Raspberry Pi over Ethernet cable. To make this even bullet proof, you can configure your vnc server to listen only at the cabled Ethernet interface. .


This is basically what I'm doing. Thanks to your explanation, I now know ssh can be optional. My present problem is the stock RealVNC server on RasPi doesn't accept tigervnc connections...and the RealVNC client on connect locks out Fluxbox workspaces, so I've more to learn so I can change to the tigerVNC-standalone-server or something similar.

Hey, don't get me wrong...
you are truly blazing some great trails here with VNC. Exciting... and now many/most of my recent posts are via my Jornada720 + RasPi "hybrid". That is something I thought would never happen. I still have to work on the WPA_supplicant wifi set up... but ethernet tether with a the tiny Raspi is really very portable as is... and battery lasts many hours.
Thanks again!

Joval

Edited by joval 2021-03-05 3:01 AM
 Top of the page
hpc:factor« View previous thread · H/PC Linux / Unix · View next thread »
1 2 3
Jump to forum:
Seconds to generate: 0.125 - Cached queries : 43 - Executed queries : 27
Server Time now is: Sunday, 18 April 2021 - 0:37