Since I have found some issues with my previous LXQT setup in real-life work I decided to fall back to standard Lubuntu for my cloud desktop. As part of this I also switched to TightVNC which seems a lot easier to configure.
Add local user account
adduser USERNAME sudo
Install Lubuntu Desktop
sudo apt-get install --no-install-recommends lubuntu-desktop tightvncserver
sudo vim /etc/lightdm/lightdm.conf
# VNC Server configuration
# enabled = True if VNC connections should be allowed
# port = TCP/IP port to listen for connections on
sudo /etc/init.d/lightdm restart
Connect to the remote system
ssh -L 5900:localhost:5900 -i /path/to/your/aws/keyfile.pem YOUR.EC2.IP.ADDRESS
If you are using a Chromebook then this article might help.
One of the main reasons for setting up a cloud desktop is that I tend to use a lot of different devices some of which are not very powerful.
One of my favorite devices of late has been a HP 11 Chromebook. I originally bought it for a new employee and wanted to check myself how this thing stacks up to do day-to-day computing tasks more efficiently than a standard laptop without all the headaches of running Windows (viruses, endless driver installs, bloatware, malware, …). We already have several people at work working exclusively from Chromebooks and they absolutely love them. Long story short – I ended up keeping the Chromebook for myself as it’s an absolutely great secondary device for me. I can carry it with me everywhere (doesn’t weigh much more than a tablet, roughly the same size as a tablet & has a keyboard and is so much more useful than a tablet).
Initially I was using it more as a secondary device, but lately I have been thinking that I will not even take my main notebook at all for travels. The problem with this is that I do (sometimes – very infrequently) need access to software not available on such a limited device.
Accessing your Cloud Desktop via SSH (I know there seem to be people allowing direct VNC access – but that is just asking for trouble) is highly recommended. I also use RSA keys instead of password authentication.
Copy SSH Private Key (generated on desktop and public key added to authorized_keys on the cloud-server) to the Chromebook,
Unfortunately (unless you want to set you Chromebook into developer mode which has all sorts of other downsides) the inbuilt CROSH shell is very limited. However it gives you enough to securely connect to a cloud-server and you can use the whole tool-set from there
ssh> host example.com
ssh> user <username>
ssh> key <rsa_key_filename>
ssh> forward 8000:localhost:5901
You can now use the RealVNC Chrome App to connect to your cloud desktop.
EDIT (2014-11-10): Found a better Chrome Extension which can handle the port forwarding and RSA certificate authentication which will save the config without having to type the commands each time.
Chrome Secure Shell
For roaming mobile clients PPTP (Point-to-Point Tunneling Protocol) is still the quickest way to get VPN connections to tunnel traffic over a secure link.
I always prefer installation via a yum repository as this will ensure patches are applied during regular system updates
sudo rpm --import http://poptop.sourceforge.net/yum/RPM-GPG-KEY-PPTP
sudo rpm -Uvh http://poptop.sourceforge.net/yum/stable/rhel6/pptp-release-current.noarch.rpm
sudo yum install ppp pptpd -y
Note: replace $USERNAME and $PASSWORD with actual values
echo "localip 192.168.0.1" >> /etc/pptpd.conf
echo "remoteip 192.168.0.100-199" >> /etc/pptpd.conf
echo "ms-dns 22.214.171.124" >> /etc/ppp/options.pptpd
echo "ms-dns 126.96.36.199" >> /etc/ppp/options.pptpd
echo "$USERNAME pptpd $PASSWORD *" >> /etc/ppp/chap-secrets
service iptables start
echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
echo "iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE" >> /etc/rc.local
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
service iptables restart
service iptables save
chkconfig iptables on
chkconfig pptpd on
service pptpd start