3

I was reading https://security.stackexchange.com/questions/120612/x-windows-security-vnc-and-x-server-vs-xpra. In the following scenarios, what protocols are encapsulated i.e. above what protocols?

  1. When using ssh -X, is X protocol right above SSH protocol (which is then right above TCP protocol)? Does x client run on remote host and x server run on local host?

  2. When using VNC without SSH, is X protocol right above VNC (i.e. RFB) protocol, which is then right above TCP protocol? Or do both x client and x server run on the remote host, and VNC protocol only transfer the snapshot of the remote desktop to the local host?

    When using VNC with SSH, is X protocol right above VNC (i.e. RFB) protocol, which is then right above SSH protocol (which is then right above TCP protocol)?

  3. When using xpra without SSH, is X protocol right above TCP protocol? Does x client run on remote host and x server run on local host?

    xpra can also forward the whole desktop, does it work like VNC protocol in that both X client and X server run on the remote host?

    When using xpra with SSH, is X protocol right above SSH protocol (which is then right above TCP protocol)?

  4. Is the difference between xpra and VNC just that xpra implements exactly X protocol, while VNC implements exactly VNC protocol and needs to work with external X protocol? What is really the benefit of having VNC protocol then?

Thanks.

Tim
  • 98,580
  • 191
  • 570
  • 977

1 Answers1

5

  1. Pretty much, yes; the X11 protocol is encapsulated in SSH. The client runs on the remote system, the server runs on the local system.

  2. With VNC, only VNC traffic goes over the network (optionally encapsulated, e.g. using SSH). The X server runs remotely, and the VNC client connects to the VNC server which connects to the X server (or is the X server). X clients can run anywhere as long as they can connect to the X server; typically they’re on the same, remote, system.

  3. Xpra implements its own protocol, it doesn’t forward X11. The situation is identical to VNC. (Xpra can also export a display using HTML5.)

  4. See above. The differences between Xpra and VNC include that Xpra supports rootless windows (i.e. it can export a single window), provides more control over the display... VNC has been around for longer than Xpra (1998 v. 2008), is supported natively by tools such as QEMU, and has clients available for more platforms than Xpra. Both can export displays from a variety of systems (X11, Windows, macOS).

Stephen Kitt
  • 411,918
  • 54
  • 1,065
  • 1,164
  • Thanks. I remember xpra is a X server (https://en.wikipedia.org/wiki/Xpra). so does it implement X protocol besides its own protocol? How doess its own implementation of X protocol work and shouldn't x client run on remote and X server (i.e. xpra) run on local? Any difference between xpra used for forwarding the entire desktop and used only for starting a remote X client? – Tim Mar 11 '19 at 19:33
  • 1
    Yes, it implements both protocols: it’s an X11 server for X11 clients (the applications which you want to see), and an Xpra server for Xpra clients. The Xpra protocol isn’t an implementation of X11. The Xpra server typically runs remotely, but it doesn’t have to; however all the X clients have to be able to connect to it (potentially encapsulated). There’s not much difference between forwarding a complete desktop and a single window; could you be more specific? – Stephen Kitt Mar 11 '19 at 19:43
  • 1
    The above isn’t quite right, Xpra doesn’t implement X11 itself, it uses Xvfb as X11 server. – Stephen Kitt Mar 11 '19 at 19:50
  • Thanks. I have some trouble picturing a diagram of x clients, x server, xpra, and protocols between them, which I guess is the reason that I don't know why my xpra command fails (https://unix.stackexchange.com/questions/505699/problem-of-starting-a-gui-application-on-a-remote-linux-computer-using-xpra)? – Tim Mar 11 '19 at 19:52
  • I was wondering if I am too slow to figure out https://unix.stackexchange.com/questions/505699/problem-of-starting-a-gui-application-on-a-remote-linux-computer-using-xpra, and just give up – Tim Mar 12 '19 at 12:30
  • @Tim the relationship is basically the same as Xrpa client to Xrpa server. Only when Xrpa server sees a plain old X client connects, the Xrpa server will handle that seemlessly (by using Xvfb instead under the hood). So it can connect from anywhere that X clients can and it can be served anywhere X servers can. – That Realtor Programmer Guy Aug 20 '22 at 08:20