Remote Desktop Support


     Being a Linux fan and of course spreading the Linux love, I end up switching people from other os’s to Linux. The problem with this has always been remote support–Other os’s have a remote support solution.  It is not easy telling a new person using Linux how to open port 22 on their “Linksys” firewall, or to have them tell me what their external ip is.  After tons of frustration I decided their had to be a better way.  Enter open source: with a little python and xvnc, Linux users can rejoice with easy remote desktop support. This is by no means the “end all be all solution”, in fact the code needs some work. So use with caution and enjoy.*some assembly required.

I built this package and all it’s dependencies on Ubuntu 6.06. If you would like to have support for older versions of Linux you will need to build the packages on older distros like Debian Sarge to accommodate the library differences. Here is a partial list of software you should have installed:

Make two new directories on your desktop (or wherever you like) to hold the packages you build, call one helpdesk_server/ and the other helpdesk/. You are going to need two packages to build and distribute with your application, this will make it easy for portability. The first is x11vnc, x11vnc allows you to view remotely and interact with real X displays. It will work with any vnc viewer you choose. Go ahead and download the source, at this time the stable version is x11vnc-0.9.2.tar.gz.(check resources for address) and untar it. For older Linux support I would recommend using x11vnc-0.8.3.
Enter the directory from the command line and type:

After the build is finished, go into the x11vnc subdirectory and copy x11vnc binary to the helpdesk/ directory.
The next package you need to download is stunnel. Stunnel is a program that allows you to encrypt TCP connections inside SSL on a computer that does not have SSL installed. The current version is stunnel-4.20.tar.gz, download it, untar it. Enter the stunnel directory and from the command line type:

After that is finished, change directory’s into the stunnel src/ subdirectory. Copy the stunnel binary to the helpdesk_server/ and helpdesk/ directory’s that you created on your desktop.

You now need to make a server SSL cert and key. When an SSL client connects to an SSL server, the server presents a certificate which is proof that machine is who it claims to be. Create the cert from the command line:(NOTE: “” denotes one line)

openssl req -new -newkey rsa:1024 -days 365
-nodes -x509 -keyout helpdesk.pem
-out helpdesk.pem

Answer all the questions, or choose all the defaults, and it will create the ssl cert in the current directory. Please make sure helpdesk.pem is only readable by root. Copy the newly created helpdesk.pem to the helpdesk_server/ directory and the helpdesk/ directory.

You need to create two config files for stunnel, one for the server and one for the client. The one for the server should look like this:

foreground = yes
cert = /wherever/helpdesk_server/helpdesk.pem

accept = 5501
connect = localhost:5500

Save it and name the file stunnel.cfg, copy it into the helpdesk_server/ directory.
Now make the client side stunnel config file:

foreground = yes
pid =
client = yes
debug = 6
CAfile = /wherever/helpdesk.pem
# verify = 2

accept = localhost:5500
connect = your-server-ip:5501

Save this file and name it stunnel.conf, copy it to the helpdesk/ directory.
Lets take inventory of the two directory’s. The helpdesk_server/ directory should have these files in it.

helpdesk server

stunnel #binary executable
stunnel.cfg #the stunnel server config file
helpdesk.pem #the ssl cert key

The helpdesk/ directory should contain these file:
stunnel #binary executable
x11vnc #binary executable
stunnel.conf #the stunnel client config file
helpdesk.pem #the ssl cert key

Now that you have two directories filled with your files, you must now create the ui(user interface) for the client side. I chose to do this in python and wxWidgets. You can create it in any language you like, and make it look anyway you want, but for the purpose of this article, I made a simple ui with wxglade. Fire up wxglade and make a simple ui . After you have the way you want it, generate the code and save it as If you have never used wxGlade, there are plenty of tutorials to assist you; just do a little googling. Now you have the python file you need to edit it and add some events to the buttons.


The Code:


import wx
import commands
import os
import time
import subprocess
class MyFrame(wx.Frame):
def __init__(self, *args, **kwds):
# begin wxGlade: MyFrame.__init__
kwds[“style”] = wx.DEFAULT_FRAME_STYLE
wx.Frame.__init__(self, *args, **kwds)
wx.EVT_CLOSE(self, self.OnClose)
self.label_1 = wx.StaticText(self, -1, “HelpDesk”)
self.button_1 = wx.Button(self, -1, “Connect”)
self.button_2 = wx.Button(self, -1, “Exit”)
self.frame_1_statusbar = self.CreateStatusBar(1, 0)

# end wxGlade
# Button events
###add this line##################################
self.Bind(wx.EVT_BUTTON,self.OnConn,self.button_1 )
###add this line##################################
self.Bind(wx.EVT_BUTTON,self.OnExit,self.button_2 )
####add this function###############################
def OnConn(self,event): #connect function#
#get your home directory and join app
#directory to the end of that
homedir = os.environ.get(‘HOME’)
appdir = os.path.join(homedir, ‘helpdesk’)
self.homedir = appdir
#start stunnel
child1 = subprocess.Popen([“./stunnel”,
“stunnel.conf”], cwd=self.homedir)
self.Child1 = child1

#now connect to x11vnc server through ssl tunnel
child2 = subprocess.Popen([“./x11vnc”,
“–connect”,”localhost:5500″], cwd=self.homedir)
self.Child2 = child2
#check to see if stunnel is running
if os.path.exists(“/proc/%d” %
and os.path.exists(“/proc/%d” %
(“Remote Connected”)
dlg = wx.MessageBox(“There was an error
with the connection,either x11vnc or stunnel
did not start. Please let the technician
know.”,”SSL Not Connected”, style=wx.OK)
###add this function###########################
def OnExit(self,event): #exit function#
d = wx.MessageBox(“Do you want to Disconnect?”,
“Disconnect”, style = wx.YES_NO)
if d == wx.YES:
###add this function##########################
def OnClose(self,event): #window close event#
#extra precaution to make sure all gets cleaned up
os.system(“%s/bin/x11vnc -R stop”% self.homedir)
os.system(“killall stunnel stunnel.conf”)

def __set_properties(self):
# begin wxGlade: MyFrame.__set_properties
self.label_1.SetFont(wx.Font(14, wx.DEFAULT,
wx.NORMAL, wx.BOLD, 0, “”))
# statusbar fields
frame_1_statusbar_fields = [“”]
for i in range(len(frame_1_statusbar_fields)):
(frame_1_statusbar_fields[i], i)
# end wxGlade

def __do_layout(self):
# begin wxGlade: MyFrame.__do_layout
sizer_1 = wx.BoxSizer(wx.VERTICAL)
sizer_2 = wx.BoxSizer(wx.VERTICAL)
sizer_3 = wx.BoxSizer(wx.HORIZONTAL)
sizer_2.Add(self.label_1, 0,
sizer_2.Add((20, 30), 0, wx.ADJUST_MINSIZE, 0)
sizer_3.Add(self.button_1, 0,
sizer_3.Add((20, 20), 0, wx.ADJUST_MINSIZE, 0)
sizer_3.Add(self.button_2, 0,
sizer_2.Add(sizer_3, 1, wx.EXPAND, 0)
sizer_1.Add(sizer_2, 1, wx.EXPAND, 0)
# end wxGlade

# end of class MyFrame

class MyApp(wx.App):
def OnInit(self):
frame_1 = MyFrame(None, -1, “”)
return 1

# end of class MyApp

if __name__ == “__main__”:
app = MyApp(0)

##End Code


There is a lot to go over in this code, but due to the nature of the article I will only touch on a couple of highlights. Make sure you add the lines and functions that are commented in the code. The biggest part of this code is calling the executables you just created. As you can see, you used the subprocess module to spawn these processes. This allows you to connect to their input/output error pipes and obtain their return codes. The subprocess calls the executables in a specific directory, /home/$user/helpdesk. The client application must be installed in their home directory for this to work properly. You will use a installer to accomplish this, but I will get to this later.
Now that your python script is all finished, let’s copy it to the helpdesk/ directory. Then you are going to add a shortcut icon to the application for the client. You may pick anything you like, just make sure it is somewhat reasonable in size. Move the shortcut icon into the helpdesk/ directory. While you are still in the helpdesk/ directory, make sure all files are executable. You now have all the key ingredients, so on to the installer.

I chose to use InstallJammer as the install method. InstallJammer is a multi-platform GUI installer designed to be completely cross-platform and function on most all versions of UNIX and Windows. You can use deb or rpm to install your newly created application, but I like the familiar look of InstallJammer for new Linux users. Download InstallJammer-1.2.13b4-Linux-x86-Install (this is the current release as of this writing). You will have to make sure it is executable, double click InstallJammer-1.2.13b4-Linux-x86-Install and follow the install instructions.installjammer

Now that InstallJammer is installed, you must create a new project. InstallJammer comes with a new project wizard.

install wizard

When you get to step 3 ,


make sure you use in Unix Application executable entry. You need to point the installer to the desktop shortcut icon. Under “Install User Interface” there is a section called “Install Panes and Actions” and click on it. There is a expandable section called “Action Groups” in the right view pane. Click on the plus sign and expand it. Now you will have a few other expandable sections. Expand “Finish Actions”, goto “Install Desktop Shortcut”. Insert the name of the icon you chose in the Icon Path entry [insert icon_entry.png].
Save your work and rebuild the application. Go ahead and test your install; a wizard should pop up to install helpdesk. When the wizard finishes, you should have the icon you chose on your desktop. Double click the icon and make sure the application loads. If nothing happens, check the permissions on the files. Also try launching the application from the command line to view any possible errors. If it loads fine from the command line but not the desktop shortcut, check to see if the /home/you/Desktop/helpdesk.desktop file is pointing to /home/you/helpdesk/ Ok, now you have a working install package ready to distribute to your clients. The executable binary is located under /home/you/InstallJammerProjects/helpdesk/output. Copy the file to a ftp or web server for easy download.

There is but one more thing to do, that is test it. We are going to call our test subjects client and server. You will have the test client install the newly created install package. After that is finished go into the helpdesk_server/ directory. At the command line you will type:
./stunnel stunnel.cfg &
Then type:
xvncviewer -listen
Now the server has started stunnel and is listening for any reverse vnc connections. You can now tell the client user to double click the shortcut on their desktop, and then push the connect button on the application. On the server side you will see a lot of output start scrolling down in the terminal, this is from x11vnc. A Xvnc window will pop up with the client’s desktop in it and now you have full control over the client’s computer. You can now give them full support while in the comfort of your own home. When you are done, you can close the connection by clicking on the exit on the helpdesk application on the clients desktop. This will ensure that there is not any stunnel or x11vnc processes left running.

Possible Problems:
If the clients machine has desktop wallpaper that has extravagant images, you can add some options to x11vnc to boost performance. One is to set the desktop wallpaper of the client to a solid color. X11vnc has the -solid [color] option that will speed up performance. The [color] flag is optional, the default color it will use if none is given is cyan4. You can read more of these option at x11vnc’s website. If for some reason there is no connection, try looking in the output of x11vnc on the server side terminal for any clues. Check the ip address you entered in the stunnel.conf file and make sure you have the ports correct for stunnel to make a connection. Also, make sure your client is not blocking outgoing ports; I spent a lot of wasted time before checking that they had custom outgoing firewall rules blocking everything. If you run into a problem just drop me an email and I will do my best to help you.

I hope that this brief(kind of)  solution will make your job easier when lending your expertise to the newly converted. If you run into any problems, please drop me an email.

Good luck