Hi List, Our "X2Go: The Gathering 2019" participant Martti Pitkanen tried something out that I sadly couldn't try on my last flight with Finnair, due to some technical difficulties with the satellite uplink:
Starting an X2Go Desktop Session with a server on the ground while in mid-flight! And he even managed to record a video of it! Watch this: <https://www.youtube.com/watch?v=TlqVS60DNgQ&feature=youtu.be> The really impressive feat is that Martti is using the "browsing" internet package Finnair offers - which is marketed as "only good for Web browsing and E-Mail", rather than the more expensive "streaming" package. Finnair says they block streaming and VPN access on the "browsing" package, but - SSH works, and thus X2Go works as well. As you can see in Martti's video, the speed with which the screen gets updated is totally okay, too (especially considering that he is using Chrome Browser in the remote session, which isn't exactly fast over X2Go, even on a wired connection). This is a big advantage for Linux and X2Go compared to an RDP connection to a Windows machine - we don't need a separate VPN connection to make things safe (we can simply use 2FA via PAM, or an SSH keyfile + passphrase), so we're - allow me the pun - flying under Finnair's radar for VPN connections, and the small internet package is sufficient for X2Go. By the way, should Finnair choose to block SSH in the future, there are probably some ways around that as well. The easiest one is to switch the SSH port from 22 to 443 - if they're only blacklisting/whitelisting ports. 443 is https, and cheap firewall/proxy settings usually allow direct connections to that port without further inspection or MitM-proxying. The more complicated one would be running a web proxy on your remote machine that listens to outside connections on Port 443, but only allows CONNECT type requests to localhost on port 22 (and blocks everything else). Then you'd set up X2GoClient to use that web proxy in the session configuration. That way, the traffic should look like http/https traffic to any packet-inspecting firewall. Kind Regards, Stefan Baur -- BAUR-ITCS UG (haftungsbeschränkt) Geschäftsführer: Stefan Baur Eichenäckerweg 10, 89081 Ulm | Registergericht Ulm, HRB 724364 Fon/Fax 0731 40 34 66-36/-35 | USt-IdNr.: DE268653243 _______________________________________________ x2go-project mailing list x2go-project@lists.x2go.org https://lists.x2go.org/listinfo/x2go-project
