[root tip] [How To] Remote Desktop with Plasma Wayland

Contributions Tutorials
, , ,
1

Plasma Wayland and Remote Desktop

What is Wayland

Wayland is a communication protocol that specifies the communication between a display server and its clients, as well as a C library implementation of that protocol. A display server using the Wayland protocol is called a Wayland compositor because it additionally performs the task of a compositing window manager.

Wikipedia - Wayland (protocol)

Plasma Wayland

With Plasma 6.4, KDE changed their default from x11 to wayland protocol.

In layman’s terms: Wayland protocol prioritise security over convenience.

This affects many things from keyboard and mouse input to grabbing the entire screen for sharing it over the network.

Because of this priority - well known methods used to access and control remote systems will not work on systems using the Wayland protocol.

Remote Desktop

During my research I have learnt of two methods to remotely control a Plasma system using Wayland. Actually there is three but rustdesk is barely doable, I am sure some very capable developers is working on it.

Prerequisites

Ensure the vulkan driver is installed for your gpu e.g. vulkan-intel for Intel based systems.

Both methods uses SSH as transport tunnel and therefore the remote host need an active SSH daemon which is properly secured, preferably to accept only key-based connections.

:warning: NEVER allow root login using password

Please see the topic Set up your own SSH service for a HowTo guide on setting up the remote system properly configured with key-file access.

Method 1 - unattended - waypipe

waypipe is a proxy for Wayland[0] clients. It forwards Wayland messages and serializes changes to shared memory buffers over a single socket.

GitHub - neonkore/waypipe: waypipe is a proxy for Wayland[0] clients

Install waypipe on both systems.

Creating a remote desktop session is as simple as

waypipe --unlink-socket ssh -i ~/.ssh/<identity> <user>@<host> startplasma-wayland

Make sure you don’t leave without saving your work because the --unlink-socket argument will close the remote session.

If you omit --unlink-socket the session will continue - but you will not be able to reconnect. Perhaps there is a way around this, I have not found it yet. If you know how you can reconnect to the existing socket - please let me know.

Method 2 - attended - RDP

See KDE/krdp repo at github

Plasma provides a package krdpserver which makes it possible to create a sock-puppet connection to an active user’s session.

It can not be stressed enough that you can only create a Remote Desktop IF the remote session has a signed-in user.

If you have SSH access to a remote system - you can use the above waypipe method to create the user session (if you know username and password) - from there you can configure the client to accept RDP connection.

Configure the remote system’s named user account by navigating to System SettingsRemote Desktop.

You will see a section, Additional Users. Click the Add New… and enter a username and password. These credentials will be used when connecting to session.

If you are on LAN then the only thing left is to click the Enable RDP server.

You can use any client that suits your workflow to connect the desktop, remember - you can only connect if the named user’s session is active.

RDP connection using SSH loopback

If the system is far away it will be wise only access the remote system by means of a tunnel. Which type of tunnel depends on your requirements.

The obvious choice is to use SSH as transport tunnel and Remmina is a well-established RDP client.

To configure a Remmina client to connect to an active Plasma Wayland session,

  • Configure a new rdp
  • Enter remote address or hostname in Server field
  • Enter the rdp username in Username field
  • Click on the SSH tunnel tab, click Enable SSH tunnel and select the Tunnel via loopback address
  • Scroll down to Authencation
  • Enter the username for the tunnel (it must be done for the profile as you are only allowed to input the passphrase)
  • Select authentication type, each of which will require different prerequsites
  • If you created a keyfile - point the profile to the SSH private keyfile

Finally Click the Save and Connect button.

Conclusion

The options each has their pros and cons but used with respect to their limitations, they can be effective tools for remote administration, troubleshooting or user support.

Questions or Improvments

Please create a new topic and link to this guide.

https://forum.manjaro.org/t/184566

See also

4 Likes