X Display Manager Control Protocol (XDMCP)

XDMCP is a #202206151238 protocol that used by #202205051624 that allow local or remote access to the X server. The server itself will run on the user side whereas the client will run remotely if it isn’t a local machine.

We can choose the so-called 202205182153#, formally XDMCP server, by changing the variable DISPLAYMANAGER defined in the directory /etc/sysconfig or the SysV, Upstart or Systemd script (Debian and Arch). Depending on the Linux distro, this variable could be found and/or defined in the file desktop (Fedora) or displaymanager (openSUSE). The variable can be either the executable file that start up the server (Fedora) or the name of that server (openSUSE). These servers are listed below:

Upon local access, the server will run the X server directly in the local machine. For remote access, it will instead use the XDMCP protocol to deliver to GUI session to the client following the permission configured in the server system. We need to run the command xhost +{client} on the server in order to connect the specified client which later we will export the variable DISPLAY to the client’s shell as {server}:0.0 to direct the GUI of program to the server. Closing such connection can be done by running xhost -{client}.

Since XDMCP doesn’t primarily concern with encryption of its protocol, this could be a security risk. Therefore, instead of using xhost, one can utilise the 202203221227# for XDMCP by using the option -X or -Y (-X is arguably more secure except for Debian) or setting options in 202205191924#. When using this method, it is not necessary to change the setting on the 202205182153#.

The alternative to XDMCP model is 202205201001# where not only #windows or #macos computer is able to connect to 202204081225 computer, but the reverse is also true.

Links to this page
  • startx

    If there is trouble on remotely connecting to an X client using #202205182136, remove the option -nolisten tcp from the script file.

  • openSUSE

    To avoid problem upon connection to 202205182136 client, set the variable DISPLAYMANAGER_XSERVER_TCP_PORT_6000_OPEN to yes in the file /etc/sysconfig/displaymanager.

  • X Window System

    For remote access to the X server, it implements 202205182136# which listen to port 177. Usually, #202204081225 distro will provide a 202205182153# for login. You can run programs in GUI even in remote by using the protocol.

  • X Display Manager (XDM)

    The example configuration above indicates that the domain social.linux.pizza can connect to the XDM and request a chooser (a display of local systems that accept #202205182136). littleclover.com otherwise can only connect to the XDM.

    XDM is a #202205182153 available in 202204081225. All configuration files can be found in the directory /etc/X11/xdm. xdm-config is the main configuration file where the variable DisplayManager.requestPort could be set to 0 to disable remote access or 177 which is the port to listen for connection. The file Xaccess is used to restrict the access to the #202205182136 server. The following shows the example:

  • Virtual Network Computing (VNC)

    VNC is a graphical desktop-sharing system that could be used cross-platform (202204081225, #windows, #macos). It uses the protocol Remote Frame Buffer protocol (RFB) for the connection. The server reside on the computer that the user want to access where the user is sat on the client side. The role is reversed in contrast to #202205182136 model.

  • SSH Tunnelling

    -X or -Y could be used to tunnel the #X Display Manager Control Protocol (XDMCP). The first is usually the more secure option than the latter except in case of Debian. You can change the default behaviour of SSH by modifying SSH Configuration where you can omit the option.

  • SSH Configuration

    To allow #202205182136 #202203221227 by default, set ForwardX11 or ForwardX11Trusted (less secure) to yes in the config file on the client side and X11Forwarding to yes on the server side. This is corresponded to the -X and -Y option.

  • KDE Display Manager (KDM)

    To enable remote access to the #202205182136 server, set Enable to true in the section [Xdmcp]. If there is an error upon remote connection to the client, try to find a line of command that contains -nolisten tcp and remove it.

  • GNOME Display Manager (GDM)

    To enable remote access to the #202205182136, set the option enable to yes in the section [xdmcp] in the configuration file. If it appears to have errors upon connecting to the client, change DisallowTCP from true to false for older version or add in the line DisallowTCP=false under the section [security].

  • Display Manager

    Display manager is a #202205182136 server that deliver GUI login session to the user. The following shows several display managers available in 202204081225:

  • Application Layer
#linux #networking #windows #macos