X display manager (program type)

In the X Window System, an X display manager is a graphical login manager which starts a session on an X server from the same or another computer.


A login screen shown by the KDM display manager.

A display manager presents the user with a login screen. A session starts when a user successfully enters a valid combination of username and password.


When the display manager runs on the user's computer, it starts the X server before presenting the login screen to the user, optionally repeating this when the user logs out. In this configuration, the display manager provides in the X Window System the functionality that getty and login provide on character-mode terminals. When the display manager runs on a remote computer, it acts like a telnet server, requesting a username and password and starting a remote session.


X11 Release 3 introduced display managers in October 1988 with the aim of supporting the standalone X terminals that were just coming onto the market. Various display managers continue in routine use to provide a graphical login prompt on standalone computer workstations running X. X11R4 introduced the X Display Manager Control Protocol (XDMCP) in December 1989 to fix problems in the X11R3 implementation.


Local and remote display management

A display manager can run on the same computer where the user sits—starting one or more X servers, displaying the login screen at the beginning and (optionally) every time the user logs out—or on a remote one, working according to the XDMCP protocol.

In the X Window System, the X server runs on the computer in front of the user. The X server may connect to a display manager running on another computer, starting a session which may comprise a variety of programs running on that other computer.

The XDMCP protocol mandates that the X server starts autonomously and connects to the display manager. In the X Window System paradigm, the server runs on the computer providing the display and input devices. A server can connect, using the XDMCP protocol, to a display manager running on another computer, requesting it to start the session. In this case, the X server acts as a graphical telnet client while the display manager acts like a telnet server: users start programs from the computer running the display manager, while their input and output take place on the computer where the server (and the user) sits.

An administrator can typically configure an XDMCP Chooser program running on the local computer or X terminal to connect to a specific host's X display manager or to display a list of suitable hosts that the user can choose from. Most implementations enable such a list to contain:

  1. a predefined set of hosts and their respective network addresses, and/or
  2. a set of hosts (on the local TCP/IP subnet) that the XDMCP Chooser determines by a network broadcast to the available display managers.

When the user selects a host from the list, the XDMCP Chooser running on the local machine will send a message to the selected remote computer's display manager and instruct it to connect the X server on the local computer or terminal.

X Display Manager Control Protocol

The X Display Manager Control Protocol uses UDP port 177. An X server requests that a display manager start a session by sending a Query packet. If the display manager allows access for that X server, it responds by sending a Willing packet back to the X server. (The X server can also send BroadcastQuery or IndirectQuery packets to start a session - this mechanism for requesting a session resembles using DHCP to request an IP address.)


The display manager must authenticate itself to the server. To do this the X server sends a Request packet to the display manager, which returns an Accept packet. If the Accept packet contains the response the X server expects, the display manager is authenticated. Producing the correct response might require the display manager to have access to a secret key, for example. If authentication succeeds, the X server sends a Manage packet to inform the display manager. Then the display manager displays its login screen by connecting to the X server as a regular X client.

During the session, the server can send KeepAlive packets to the display manager at intervals. If the display manager fails to respond with an Alive packet within a certain time, the X server presumes that the display manager has ceased running, and can terminate the connection.

One problem with XDMCP is that, as with telnet, authentication takes place unencrypted. If the network traffic can be snooped, this leaves the system vulnerable to attack. It is more secure to use an SSH tunnel for X traffic. [1]
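The packet exchange described in this section, as an added example that is not part of the original article or of any X implementation: a passive Python checker that decodes the XDMCP header of captured UDP port 177 payloads and flags packets that are malformed, out of order, or sent by the wrong side. The 6-byte header layout and the opcode numbers come from the XDMCP specification rather than from this page; `parse_header`, `audit_exchange`, `pkt` and `SAMPLE` are hypothetical names, and the sample datagrams are constructed.

```python
import struct

XDMCP_VERSION = 1  # version field value, per the XDMCP specification
# Opcode numbers per the XDMCP specification (the article names the packets only).
OPCODES = {1: "BroadcastQuery", 2: "Query", 3: "IndirectQuery", 4: "ForwardQuery",
           5: "Willing", 6: "Unwilling", 7: "Request", 8: "Accept", 9: "Decline",
           10: "Manage", 11: "Refuse", 12: "Failed", 13: "KeepAlive", 14: "Alive"}
SERVER_SENDS = {"BroadcastQuery", "Query", "IndirectQuery", "Request", "Manage", "KeepAlive"}
# Packets allowed to follow each packet in the exchange the article describes.
NEXT = {None: {"BroadcastQuery", "Query", "IndirectQuery"},
        "BroadcastQuery": {"Willing", "Unwilling"}, "Query": {"Willing", "Unwilling"},
        "IndirectQuery": {"Willing", "Unwilling"}, "Willing": {"Request"},
        "Request": {"Accept", "Decline"}, "Accept": {"Manage"},
        "Manage": {"KeepAlive", "Refuse", "Failed"},
        "KeepAlive": {"Alive"}, "Alive": {"KeepAlive"}}

def parse_header(payload: bytes) -> str:
    """Decode the 6-byte header (version, opcode, length; big-endian 16-bit fields)."""
    if len(payload) < 6:
        raise ValueError("truncated header")
    version, opcode, length = struct.unpack(">HHH", payload[:6])
    if version != XDMCP_VERSION or opcode not in OPCODES:
        raise ValueError(f"unexpected version {version} or opcode {opcode}")
    if length != len(payload) - 6:
        raise ValueError("length field does not match datagram size")
    return OPCODES[opcode]

def audit_exchange(datagrams):
    """datagrams: (sender, payload) in capture order; sender is 'server' or 'dm'."""
    findings, prev = [], None
    for i, (sender, payload) in enumerate(datagrams):
        try:
            name = parse_header(payload)
        except ValueError as exc:
            findings.append(f"#{i}: malformed ({exc})")
            continue
        if sender != ("server" if name in SERVER_SENDS else "dm"):
            findings.append(f"#{i}: {name} sent by {sender}")
        if name not in NEXT.get(prev, set()):
            findings.append(f"#{i}: {name} out of order after {prev}")
        prev = name
    return findings

def pkt(opcode: int, body: bytes = b"") -> bytes:
    # Build a constructed sample datagram: header plus an opaque body.
    return struct.pack(">HHH", XDMCP_VERSION, opcode, len(body)) + body

# Constructed sample in the article's order (bodies omitted except Query's empty name list).
SAMPLE = [("server", pkt(2, b"\x00")), ("dm", pkt(5)), ("server", pkt(7)), ("dm", pkt(8)),
          ("server", pkt(10)), ("server", pkt(13)), ("dm", pkt(14))]
```

`audit_exchange(SAMPLE)` returns an empty list; a Manage that arrives without a preceding Accept, or a Willing claimed by the X server side, is reported with its position in the capture.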

History

XDM (the X Window Display Manager) originated in X11R3. This first version, written by Keith Packard of the MIT X Consortium, had several limitations, the most notable of which was that it could not detect when users switched X terminals off and on. In X11R3, XDM only knew about an X terminal from its entry in the Xservers file, but XDM only consulted this file when it started. Thus every time a user switched a terminal off and on, the system administrator had to send a SIGHUP signal to XDM to instruct it to rescan Xservers.

XDMCP arrived with the introduction of X11R4 (December 1989). With XDMCP, the X server must actively request a display manager connection from the host. An X server using XDMCP therefore no longer requires an entry in Xservers.

Some implementations

The X Window System supplies XDM as its standard display manager. Programmers have developed other X display managers, both commercial and free, offering additional functionality over the basic display management:

Active

Inactive

On some Unix distributions, the default display manager is selected in the file $PREFIX/etc/X11/default-display-manager.

See also

Sources

Related Research Articles

The File Transfer Protocol (FTP) is a standard network protocol used for the transfer of computer files between a client and server on a computer network.

XDM (display manager)

XDM is the default display manager for the X Window System. It is a bare-bones X display manager. It was introduced with X11 Release 3 in October 1988, to support the standalone X terminals that were just coming onto the market. It was written by Keith Packard.

GNOME Display Manager

GNOME Display Manager (GDM) is a display manager for the windowing systems X11 and Wayland.

Virtual Network Computing

In computing, Virtual Network Computing (VNC) is a graphical desktop-sharing system that uses the Remote Frame Buffer protocol (RFB) to remotely control another computer. It transmits the keyboard and mouse events from one computer to another, relaying the graphical-screen updates back in the other direction, over a network.

Fast user switching is a feature, i.e. a term for some rather loosely specified functionality, of a multi-user operating system. It allows users to switch between user accounts on a single computer without quitting applications and logging out.

Cygwin/X

Cygwin/X is an implementation of the X Window System that runs under Microsoft Windows. It is part of the Cygwin project, and is installed using Cygwin's standard setup system. Cygwin/X is free software, licensed under the X11 License.

The Berkeley r-commands are a suite of computer programs designed to enable users of one Unix system to log in or issue commands to another Unix computer via TCP/IP computer network. The r-commands were developed in 1982 by the Computer Systems Research Group at the University of California, Berkeley, based on an early implementation of TCP/IP.

Linux Terminal Server Project (LTSP) is a free and open source terminal server for Linux that allows many people to simultaneously use the same computer. Applications run on the server with a terminal known as a thin client handling input and output. Generally, terminals are low-powered, lack a hard disk and are quieter and more reliable than desktop computers because they do not have any moving parts.

NX technology, commonly known as NX, is a proprietary suite of products for desktop virtualization and application delivery for servers and client software, developed by the Luxembourg-based company NoMachine.

In computing, the X Window System is a network-transparent windowing system for bitmap displays. This article details the protocols and technical structure of X11.

Remote administration refers to any method of controlling a computer from a remote location.

Thinstation is a free and open source Linux implementation of a thin client operating system. It only requires standard 32-bit x86 PC hardware and can boot directly from the network via PXE or Etherboot from a TFTP server, or from local devices such as hard disks, CompactFlash drives, USB keyrings and CD/DVDs. The minimum requirement is an i686 class CPU and RAM dependent on the intended use, typically 64–256 MB.

This page is a comparison of remote desktop software available for various platforms.

Remote Desktop Services (RDS), known as Terminal Services in Windows Server 2008 and earlier, is one of the components of Microsoft Windows that allow a user to take control of a remote computer or virtual machine over a network connection. RDS is Microsoft's implementation of thin client, where Windows software, and the entire desktop of the computer running RDS, are made accessible to a remote client machine that supports Remote Desktop Protocol (RDP). With RDS, only software user interfaces are transferred to the client system. All input from the client system is transmitted to the server, where software execution takes place. This is in contrast to application streaming systems, like Microsoft App-V, in which computer programs are streamed to the client on-demand and executed on the client machine.

GO-Global

GraphOn GO-Global is remote access/application publishing software that allows users to access and run Windows, Linux, and UNIX applications installed on a central server. GO-Global displays the application's user interface on personal computers and other client devices running a variety of operating systems, including UNIX, Linux, Mac OS X, Windows, Windows Mobile, and Pocket PC. GO-Global can be used to Web-enable existing applications without the need to modify existing code. Applications appear on the client device either in a Web browser or within a loose window on the desktop.

In computing, SPICE is a remote-display system built for virtual environments which allows users to view a computing "desktop" environment – not only on its computer-server machine, but also from anywhere on the Internet – using a wide variety of machine architectures.

Linux console

The Linux console is a system console internal to the Linux kernel. The Linux console provides a way for the kernel and other processes to send text output to the user, and to receive text input from the user. The user typically enters text with a computer keyboard and reads the output text on a computer monitor. The Linux kernel supports virtual consoles - consoles that are logically separate, but which access the same physical keyboard and display. The Linux console is implemented by the VT subsystem of the Linux kernel, and does not rely on any user space software. This is in contrast to a terminal emulator, which is a user space process that emulates a terminal, and is typically used in a graphical display environment.

A terminal multiplexer is a software application that can be used to multiplex several separate pseudoterminal-based login sessions inside a single terminal display, terminal emulator window, PC/workstation system console, or remote login session, or to detach and reattach sessions from a terminal. It is useful for dealing with multiple programs from a command line interface, and for separating programs from the session of the Unix shell that started the program, particularly so a remote process continues running even when the user is disconnected.

References