X display manager

Last updated

In the X Window System, an X display manager is a graphical login manager which starts a login session on an X server from the same or another computer.

Contents

A login screen shown by the SDDM display manager. Simple-desktop-display-manager.jpg
A login screen shown by the SDDM display manager.

A display manager presents the user with a login screen. A session starts when a user successfully enters a valid combination of username and password.

When the display manager runs on the user's computer, it starts the X server before presenting the user the login screen, optionally repeating when the user logs out. In this condition, the DM realizes in the X Window System the functionality of getty and login on character-mode terminals. When the display manager runs on a remote computer, it acts like a telnet server, requesting username and password and starting a remote session.

X11 Release 3 introduced display managers in October 1988 with the aim of supporting the standalone X terminals, just coming onto the market. Various display managers continue in routine use to provide a graphical login prompt on standalone computer workstations running X. X11R4 introduced the X Display Manager Control Protocol (XDMCP) in December 1989 to fix problems in the X11R3 implementation.

History

XDM (the X Window Display Manager) originated in X11R3. This first version, written by Keith Packard of the MIT X Consortium, had several limitations, the most notable of which was that it could not detect when users switched X terminals off and on. In X11R3, XDM only knew about an X terminal from its entry in the Xservers file, but XDM only consulted this file when it started. Thus every time a user switched a terminal off and on, the system administrator had to send a SIGHUP signal to XDM to instruct it to rescan Xservers.

XDMCP arrived with the introduction of X11R4 (December 1989). With XDMCP, the X server must actively request a display manager connection from the host. An X server using XDMCP therefore no longer requires an entry in Xservers.

Local and remote display management

A display manager can run on the same computer where the user sits—starting one or more X servers, displaying the login screen at the beginning and (optionally) every time the user logs out—or on a remote one, working according to the XDMCP protocol.

In the X Window System, the X server runs on the computer in front of the user. The X server may connect to a display manager running on another computer, starting a session which may comprise a variety of programs running on that other computer. Relative to X server the XDM is a client. See client-server separation in X11. Xserver and display manager.svg
In the X Window System, the X server runs on the computer in front of the user. The X server may connect to a display manager running on another computer, starting a session which may comprise a variety of programs running on that other computer. Relative to X server the XDM is a client. See client–server separation in X11.

The XDMCP protocol mandates that the X server starts autonomously and connects to the display manager. In the X Window System paradigm, the server runs on the computer providing the display and input devices. A server can connect, using the XDMCP protocol, to a display manager running on another computer, requesting it to start the session. In this case, the X server acts as a graphical telnet client while the display manager acts like a telnet server: users start programs from the computer running the display manager, while their input and output take place on the computer where the server (and the user) sits.

An administrator can typically configure an XDMCP Chooser program running on the local computer or X terminal to connect to a specific host's X display manager or to display a list of suitable hosts that the user can choose from. Most implementations enable such a list to contain:

  1. a predefined set of hosts and their respective network addresses, and/or
  2. a set of hosts (on the local TCP/IP subnet) that the XDMCP Chooser determines by a network broadcast to the available display managers.

When the user selects a host from the list, the XDMCP Chooser running on the local machine will send a message to the selected remote computer's display manager and instruct it to connect the X server on the local computer or terminal.

X Display Manager Control Protocol

The X Display Manager Control Protocol (XDMCP) uses UDP port 177. An X server requests that a display manager start a session by sending a Query packet. If the display manager allows access for that X server, it responds by sending a Willing packet back to the X server. (The X server can also send BroadcastQuery or IndirectQuery packets to start a session - this mechanism for requesting a session resembles using DHCP to request an IP address.)

The display manager must authenticate itself to the server. To do this the X server sends a Request packet to the display manager, which returns an Accept packet. If the Accept packet contains the response the X server expects, the display manager is authenticated. Producing the correct response might require the display manager to have access to a secret key, for example. If authentication succeeds, the X server sends a Manage packet to inform the display manager. Then the display manager displays its login screen by connecting to the X server as a regular X client.

During the session, the server can send KeepAlive packets to the display manager at intervals. If the display manager fails to respond with an Alive packet within a certain time, the X server presumes that the display manager has ceased running, and can terminate the connection.

Security

One problem with XDMCP is that, similarly to telnet, the authentication takes place unencrypted. If snooping is possible, this leaves the system vulnerable to attack. It is more secure to use an ssh tunnel for X traffic. [1]

Implementations

The X Window System supplies XDM as its standard display manager.

Programmers have developed other X display managers, both commercial and free, offering additional functionality over the basic display management:

Active

Inactive

On some Unix distributions, the default display manager is selected in file $PREFIX/etc/X11/default-display-manager.

See also

Sources

Related Research Articles

The Secure Shell (SSH) Protocol is a cryptographic network protocol for operating network services securely over an unsecured network. Its most notable applications are remote login and command-line execution.

Telnet is a client/server application protocol that provides access to virtual terminals of remote systems on local area networks or the Internet. It is a protocol for bidirectional 8-bit communications. Its main goal was to connect terminal devices and terminal-oriented processes.

<span class="mw-page-title-main">Terminal emulator</span> Program that emulates a video terminal

A terminal emulator, or terminal application, is a computer program that emulates a video terminal within some other display architecture. Though typically synonymous with a shell or text terminal, the term terminal covers all remote terminals, including graphical interfaces. A terminal emulator inside a graphical user interface is often called a terminal window.

<span class="mw-page-title-main">Windowing system</span> Software that manages separately different parts of display screens

In computing, a windowing system is a software suite that manages separately different parts of display screens. It is a type of graphical user interface (GUI) which implements the WIMP paradigm for a user interface.

<span class="mw-page-title-main">XDM (display manager)</span> Linux display manager

The X Display Manager (XDM) is the default display manager for the X Window System. It is a bare-bones X display manager. It was introduced with X11 Release 3 in October 1988, to support the standalone X terminals that were just coming onto the market. It was written by Keith Packard.

<span class="mw-page-title-main">GNOME Display Manager</span> Display manager for the windowing systems X11 and Wayland

GNOME Display Manager (GDM) is a display manager for the windowing systems X11 and Wayland.

Terminal Access Controller Access-Control System refers to a family of related protocols handling remote authentication and related services for network access control through a centralized server. The original TACACS protocol, which dates back to 1984, was used for communicating with an authentication server, common in older UNIX networks including but not limited to the ARPANET, MILNET and BBNNET. It spawned related protocols:

<span class="mw-page-title-main">VNC</span> Graphical desktop-sharing system

VNC is a graphical desktop-sharing system that uses the Remote Frame Buffer protocol (RFB) to remotely control another computer. It transmits the keyboard and mouse input from one computer to another, relaying the graphical-screen updates, over a network. Popular uses for this technology include remote technical support and accessing files on one's work computer from one's home computer, or vice versa.

freedesktop.org (fd.o), formerly X Desktop Group (XDG), is a project to work on interoperability and shared base technology for free-software desktop environments for the X Window System (X11) and Wayland on Linux and other Unix-like operating systems. Although freedesktop.org produces specifications for interoperability, it is not a formal standards body.

Cygwin/X is an implementation of the X Window System that runs under Microsoft Windows. It is part of the Cygwin project, and is installed using Cygwin's standard setup system. Cygwin/X is free software, licensed under the X11 License.

In computer science and networking in particular, a session is a time-delimited two-way link, a practical layer in the TCP/IP protocol enabling interactive expression and information exchange between two or more communication devices or ends – be they computers, automated systems, or live active users. A session is established at a certain point in time, and then ‘torn down’ - brought to an end - at some later point. An established communication session may involve more than one message in each direction. A session is typically stateful, meaning that at least one of the communicating parties needs to hold current state information and save information about the session history to be able to communicate, as opposed to stateless communication, where the communication consists of independent requests with responses.

Linux Terminal Server Project (LTSP) is a free and open-source terminal server for Linux that allows many people to simultaneously use the same computer. Applications run on the server with a terminal known as a thin client handling input and output. Generally, terminals are low-powered, lack a hard disk and are quieter and more reliable than desktop computers because they do not have any moving parts.

x11vnc is a Virtual Network Computing (VNC) server program. It allows remote access from a remote client to a computer hosting an X Window session and the x11vnc software, continuously polling the X server's frame buffer for changes. This allows the user to control their X11 desktop from a remote computer either on the user's own network, or from over the Internet as if the user were sitting in front of it. x11vnc can also poll non-X11 frame buffer devices, such as webcams or TV tuner cards, iPAQ, Neuros OSD, the Linux console, and the Mac OS X graphics display. x11vnc is part of the LibVNCServer project and is free software available under the GNU General Public License. x11vnc was written by Karl Runge.

NX technology, commonly known as NX or NoMachine, is a remote access and remote control computer software allowing remote desktop access and maintenance of computers. It is developed by the Luxembourg-based company NoMachine S.à r.l. NoMachine is proprietary software and is free-of-charge for non-commercial use.

In computing, the X Window System is a network-transparent windowing system for bitmap displays. This article details the protocols and technical structure of X11.

In the X Window System, programs run as X clients, and as such they connect to the X display server, possibly via a computer network. Since the network may be accessible to other users, a method for forbidding access to programs run by users different from the one who is logged in is necessary.

<span class="mw-page-title-main">Multiseat configuration</span> Single computer that supports multiple local users at the same time

A multiseat, multi-station or multiterminal system is a single computer which supports multiple independent local users at the same time.

This page is a comparison of notable remote desktop software available for various platforms.

Adaptive Internet Protocol (AIP) is a multi-channel protocol that allows an application running on any of multiple platforms to be displayed on any of a wide range of client systems. It supports rich remote display and input services with a number of display options to deliver the presentation of the remote applications onto the local display either as a standalone window, or within a contained remote environment delivered full-screen or in a standalone window. The protocol also supports audio, printing, and other device mapping services.

Remote Desktop Services (RDS), known as Terminal Services in Windows Server 2008 and earlier, is one of the components of Microsoft Windows that allow a user to initiate and control an interactive session on a remote computer or virtual machine over a network connection. RDS was first released in 1998 as Terminal Server in Windows NT 4.0 Terminal Server Edition, a stand-alone edition of Windows NT 4.0 Server that allowed users to log in remotely. Starting with Windows 2000, it was integrated under the name of Terminal Services as an optional component in the server editions of the Windows NT family of operating systems, receiving updates and improvements with each version of Windows. Terminal Services were then renamed to Remote Desktop Services with Windows Server 2008 R2 in 2009.

References