| technology | system admin - Jon Welling
Linux Remote Desktop Protocols: Compared
Remote systems administration is a requirement for any IT administrator. Servers are rarely sitting next to an IT admins desk. Even if they were, most people can't fit that many keyboards, mice, and monitors in their cubicle. So, they need a way to perform administrative tasks on these systems remotely. That’s why remote desktop protocols are essential to learn and master.
Windows systems are easy to remotely manage. Windows has RDP (remote desktop protocol) built-in. Linux systems, however, can be more complicated to manage remotely – especially if you need a GUI interface. So, let's discuss various Linux remote desktop protocols, what the difference is between them, and which one works best for different use cases.
Protocols vs Clients: A Disclaimer
Before we dive into the rest of this article, let's define something. We are going to be discussing protocols themselves. These are things like SSH and RDP. Though clients will be mentioned, they will not be discussed in detail. They are only mentioned as methods to use the protocols discussed below.
Secure Shell Protocol (SSH)
SSH stands for secure shell protocol. It's most used with administering Unix-like systems. That includes Linux. Windows 10 natively supports SSH now, too.
SSH is a replacement remote connection tool for Telnet and Rlogin. Both Telnet and Rlogin were widely used before the mid-'90s (when SSH-1 was first created), but both suffered a severe flaw. Both protocols sent information in plain text including passwords. Obviously, this isn't the most secure means of communication. So, in 1995, Tatu TLonen created SSH-1, a remote encrypted communication method, after his university suffered a password-sniffing attack.
Later, in 2006, the IETF adopted SSH2 as a standard. SSH2 included new features and better security over SSH1 like Diffie-Helman key exchange for encryption and stronger integrity checking. SSH2 is not compatible with SSH1 though both use port 22 for communication.
Because SSH is an encrypted connection, it can use either a password authentication scheme or public and private keys. SSH also supports tunneling as well.
SSH is typically used via the command line for remote administration. This is especially true for cloud services. SSH is the preferred method of communication and administration for remote, virtualized environments in the cloud. SSH does support X11 GUI environments (common with Linux) as well, though extra steps are required to make GUI connections work properly.
SSH is a versatile protocol, so it has lots of clients that can use it. Both Linux, Mac OS, and Windows 10 have SSH clients built-in, but other clients are available, too:
- Remmina (Supports SSH, RDP, VNC, and more) – Linux
- Termius – Linux, Windows, Mac OS
- PuTTY – Linux, Windows, Mac OS
Virtual Network Computing (VNC)
VNC stands for virtual network computing. It's a protocol built on top of the remote frame buffer protocol used for remote administration and computer control with a graphical environment. One of the best features of VNC is that it is platform-independent despite it not being included with any OS by default.
VNC was originally created by a group of developers at the Olivetti and Oracle Research Lab, though the research arm of the lab was shut down in 2002 after AT&T purchased it. Several members of that research lab went on to create RealVNC, though. Both open-source and commercial variants of VNC have since been developed under the RealVNC business name since its inception.
VNC is a widely forked protocol, though RealVNC is considered VNC proper (the original and true version). Each variant of VNC is compatible with each other due to how extensible the remote frame buffer protocol is. Clients and servers negotiate which features are compatible with each other during the connection handshake when a new connection is established. If a client or server doesn't support a feature of a specific VNC variant, that feature is simply not used. Additional features can include things like file transfers or hardware graphics acceleration.
VNC clients include:
- RealVNC – (server and client) Linux, Windows, Mac OS
- TightVNC – (server and client) Linux, Windows
- UltraVNC – (server and client) Windows
- Remmina – (client only) Linux
2 More Linux Remote Desktop Protocols
The two protocols already discussed in this article (SSH and VNC) are the primary Linux remote desktop protocols used. That doesn't mean there aren't others, though. So, with that said, here are two more commercial tools that work great for remote desktop protocols for Linux.
TeamViewer is a well-known remote desktop application. Though TeamViewer uses protocols like VNC, they also implement their own secret sauce, too.
TeamViewer is free for personal use. Using TeamViewer in a commercial environment does require a paid license, though. TeamViewer is available for Linux, Windows, and Mac OS.
Parsec is a new remote desktop protocol. It's not very well known outside some media creation companies and gamers. Parsec gained more attention during the 2020 COVID-19 pandemic, though. As more companies were looking for work-at-home solutions, they needed a way for employees to access high-performance computers from home. Parsec offers exactly that.
Parsec is a remote desktop protocol that uses a computer's GPU to accelerate the remote connection. The remote connection is fast with a low enough latency that Parsec can be used for cloud gaming. In a commercial environment, it's more commonly used with workstations for things like video editing and 3D modeling. Other remote desktop protocols do not have the same graphical acceleration abilities that Parsec offers.
Parsec is available for Linux, Windows, and Mac OS.
Which Linux Remote Desktop Protocol to Use?
Each of the Linux remote desktop protocols mentioned in this post (SSH, VNC, TeamViewer, and Parsec) are best suited for different use case scenarios.
If you are working with a lot of Linux servers, whether they are local or in the cloud, SSH is going to be your go-to Linux remote desktop protocol. SSH is a very light but powerful remote administration tool. Though it can support remote GUI connections, it's commonly used with the command line. That makes SSH very fast to work with.
On the other hand, if you need that graphical environment, VNC might be the way to go. VNC is still a lightweight remote desktop protocol, but it does support streaming graphical interfaces. This isn't going to work so well in environments that are more network constrained, but it is the best choice when the GUI is needed. Likewise, if you are supporting a multi-OS environment, it may just be easier to use VNC because of VNC's ability to stream the GUI through a remote connection – something particularly useful for Windows and Mac OS.
SSH and VNC can be a pain to use as a tool when supporting end-users, though. VNC can be configured to work in a password-protected environment, but it requires some additional configuration. This is where TeamViewer shines. TeamViewer can be used to connect to multiple types of computer systems both locally and remotely. Likewise, it is very easy to use. Ease-of-use is a must for end-users. So, for organizations that need to support multi-OS environments and support end-users, TeamViewer is the best bet.
One word of caution with TeamViewer. A few years ago, TeamViewer suffered a major flaw where computer systems could be accessed without credentials. Though TeamViewer has since fixed this issue, it's worth noting. When properly configured, TeamViewer shouldn't pose any more security risks when compared to SSH or VNC.
Finally, Parsec is the perfect tool when you need to access a high-performance computer remotely. There simply isn't another viable choice. Some other businesses offer similar products, but they do not work as well. If you need to access a computer that needs graphical acceleration, Parsec is the way to go.