On 2016-01-16, Daniel Frey <djqf...@gmail.com> wrote: > I would use VPN + an X server that can spawn sessions on demand. This > way it all stays internal on the work network.
One caveat: the way X11 was intended to work in this situation is that you run the X11 clients on the secure machine in the office, and run the X11 server on the remote machine in the worker's home. But, in my experience, it's been decades since remote X sessions could be used for anything other than xterms and emacs. All the "modern" GUI toolkits (GTK, Qt, etc.) have been designed with the assumption that the X11 server and client are co-resident on the same machine. Even the most trivial operations in those toolkits involve so many round-trips between server and client that there's an intolerable multi-second latency over a WAN connection (these days it barely works though a 100M LAN). It's a shame, because that used to be one of the big wins in the X11 architecture. OTOH, there are other remote desktop options that work much better. > I do something similar at work for our Windows clients, it was > simple to set up there. > > I've set up my home server to act as a Windows-type terminal server > using X and tigervnc. OK, there you're running the X server and client on the same machine, but the server is using VNC to display remotely. That works. Just don't try to do it the "right" way -- the way X was intended to work. > It actually works well, but I never got into multiuser and dealing > with logon scripts and the like (you may or may not need this to > deal with user documents and the like.) -- Grant
