How to start a Chrome Remote Desktop session on Linux

From UConn PAN
Jump to navigation Jump to search

Google's chrome browser has a pretty good remote desktop application for chromebooks called "Chrome Remote Desktop" (CRD). CRD supports persistent sessions to Windows and Mac hosts, but for Linux hosts it has to be reconfigured on a per-connection basis. To set up a CRD session on Linux, you first need to have a remote desktop session already open (eg. VNC) in order to open a chrome browser and start the CRD host session. It then gives you a 12 digit access code to type into the CRD client (eg. on the chromebook) to complete the connection. That access code only lasts for the duration of a single connection; any interruption and you are back to square one. This frequently provokes a chicken-and-egg situation, where one needs to have a remote connection to start one.

Here I provide a work-around that should make it easy and safe. It works by requiring the user to connect first to the host using ssh and run a script called chromote.sh (provided below). The chromote.sh script automatically opens a chrome browser in the user's (still invisible) X11 display on the Linux host, starts the CRD service, and prints the access code to the ssh terminal. One swipe of the mouse and a paste into the CRD client access code field, and the connection is complete. This is really no more work that what we used to do with Windows laptops, first creating a secure tunnel over ssh and then connecting the vnc client over the tunnel. In the case of CRD, one is relying on the secure sockets layer (https) to provide the same level of security of the session data as was provided by the ssh tunnel.

WARNING - that access code is pretty much a key to your system, especially if you have sudo privs, so do not run this script over an unprotected connection, eg. telnet.

The chromote.sh script

Download link: chromote.sh

Feedback: Richard Jones

Synopsis:

$ chromote.sh [--calibrate] <X11_display>
where <X11_display> is the value of the DISPLAY environment variable that you would use to route X11 windows to the desired display.
The script should work out-of-the-box for most users. The --calibrate option offers an interactive procedure to recompute all of the offsets to various form elements within the chrome browser window that must be automatically entered in order to set up the remote session. If google changes the layout of the CRD startup page, then a recalibration will be required.

Installation:

Download the above script, rename it to chromote.sh, and place it somewhere in your path, eg. ~/bin. Give it execute privs with a command like "chmod +x ~/bin/chromote.sh". The script assumes that the following standard tools are already installed on your system. If not, there are rpms (or install scripts in the case of chrome) available for a wide variety of linux flavours.
  1. chrome (tested with v. 28.0.1500.71)
  2. xdotool (tested with v. 20090815-1.fc12.x86_64)
  3. xclip (tested with v. 0.12-1)
Development and testing were carried out on a Centos 6.4 host.

Bugs:

  1. So far, no work-around for the problem of users with automatic screen locking configured. When the session locks up, there is no way to get in and start the remote session until the lock is released. Suggestions are welcome. Having the users enter their password and then passing it to the lockscreen gui through a command line tool like xdotool seems indefensible security-wise. Better to turn off screen locking.