XLiveCD: Cygwin and X For Windows On A Live CD

mallumax writes "OSnews is running a story on XliveCD which runs an X server (from X.org) from the CD using Cygwin. Also included are awk, sed, perl, vim, bash, grep, other text utilities, and most importantly an OpenSSH client. XliveCD is being developed by University Technology Services of Indiana University. Now you can carry Cygwin with you! I have been looking for something like this for a long time. Torrent link."

The point?

[Random+Data]

I was going to ask what the point was, given the number of Live CDs such as Knoppix, etc. Then I actually RTFA and they suggest it's for use in public access Windows boxes, where a reboot may not be available but running stuff from the CD is.

I still suspect VNC on a USB key or CD might be easier, and the difference between forwarding X and using VNC isn't that much in my experience.

Re:The point?

[fearlezz]

they suggest it's for use in public access Windows boxes

Great idea. There's only one problem with public access Windows boxes: they cannot be trusted. Public access machines may have keyloggers, backdoors and stuff. I don't want anyone to see my password because I login from a windows box. Don't trust internet cafe's... So, personally, I was thinking more of using this when I'm visiting family and friends.

Re:The point?

[Dr.+Descartes]

I guess it all depends on what you're using it for. If I have to forward X, it follows that the application I am using is either not my current host or is not available to be done from a vanilla SSH session. Instances of usage include using StarOffice, Mozilla, and even XMMS. There were very legitimate reasons for using each of these applications at the time (well, except XMMS). It is noted that VNC requires fewer roundtrips than X, hence high bandwidth applications appear faster when using VNC despite having to account for an entire desktop environment.

So, no, I'm not kidding. Here's a quote from this article I found while looking for evidence to support my stance, "When using X, I always make sure to turn compression on with the -C option (Compression yes in the config file), as X is bandwidth intensive, to put it politely. With compression on and a fast cipher such as blowfish (the default for recent versions of OpenSSH), Netscape is just about usable over a ten-megabit network. Without compression, it is rather painful, and I would certainly recommend against running any complex X application over less then ten megabits."

This has been my experience.

Re:The point?

[Minna+Kirai]

Are you kidding? I used to run xterm and Emacs over 2400 baud and it was tolerable,

Your example is inconclusive. Network speed has two independent components: bandwidth and latency. Just because your modem had poor bandwidth doesn't mean the latency was also bad.

And indeed, many aspects of the X11 protocol involve almost gratuitous round-trip queries that can make high latency a killer. Often it's aspects of the GUI toolkits that create this problem- a pretty effect that seems cool & fast on a localbox can be sluggish on the network.

Specific real-life example: in Evolution, you move an email from one folder to another, and the application draws a little translucent icon flying from origin to destination as a feedback indicator. It covers about 200 pixels distance, and for each step, the applcation downloads the remote image of the workspace under that position, alpha-blends a pixmap ontop of it, and sends the pixmap back to the viewer.

On a long-haul link, this can take MINUTES, during which you can't interact with any X11 programs. If you were running the program under VNC, however, the whole animation would be over before a screen update is even transmitted. While the user has missed-out on some eye-candy, this is far better than waiting through all the bidirectional traffic.

On the other hand, TightVNC is not usable for serious work even over a cable modem.

For truely serious work, it's not usable even on a loopback interface to localhost.

Even if everything else was the same, VNC has to refresh the whole screen,

False. VNC is an extensible protocol, so it can support arbitrarily intelligent update mechanisms. But even the original generation of VNC clients were smart enough only to update the screen regions that were actually changing.

(If your VNC experience has primarily been with the Windows server, you might not have noticed this, but that's because it was difficult for them to interface with the server without full screen-scraping and mouse-yanking, as Windows wasn't designed to allow concurrent users)

Re:The point?

[Minna+Kirai]

So, configure ssh to use S/Key, generate some one time pass phrases, and carry this live CD with you. Login remotely to your system, be careful not to do anything which is security sensitive, and you are set.

No you're not. If the client machine is compromised, one-time logins cannot protect you. The local SSH client could do evil things in a hidden side-channel to your actual work.

I've seen proof-of-concept modifed SSH clients which secretly download files from the remote homedir whenever anyone connects to anyplace (and that's in addition to logging all the activities of the session, of course).

With work, the operating system could be modified to recognize known popular SSH clients (such as putty.exe on your USB drive, or this X LiveCD thing), and secretly replace it with a compromised version when you attempt to run from your supposedly-trusted removable media.

to do anything which is security sensitive,

Um... if the activity was genuinely insensitive to security, you could run naked telnet. It's true that attacks like I described are probably rare enough that many people would be willing to run the risk, but they should still be aware of the threats and make that choice on their own. Elaborate multi-part attacks will only become more common as time goes by.

Re:I don't get it.

[BrynM]

What is the point?

Consider these ideas:

• Take a CD to work and use X on any machine with a CD drive
• Use this as a framework to add more applications like dev tools, auditing tools or desktop apps (probably forking the project, but interesting)
• Use it to prove to the ill tempered that *Nix is not all bad and quite usable
• Find a way to port it to Flash drives and such
• Another valid use of BitTorrent :D (the download of this iso that is)

Remember that this is an early version. The best uses are to come probably.

Perhaps a misnomer

[spagetti_code]

A liveCD to me is one that is bootable - and for a moment I got pretty excited. A bootable minimalist CD that pops up an XServer ready to go. Pretty cool - like a lite X terminal you can carry around on a CD.

The reality is a little less exciting - just a program you can run from a CD. (yawn).

Re:Wait...

[ahg]

I'm sorry if I appear to be to be knit-picking but...

You have the client-server relationship wrong, a common mistake when talking about X windows.

The application running on Unix is the client to the X-server running, in this case, off a Windows machines.

Client examples: xterm, konqueror, Kmail, Evolution running on *nix

Server: X.org running on _Windows_ via Cygwin

Re:I don't get it.

[UnderScan]

> What is the point?
The point is easy interoperability between *nix and Windows OSs. See my post at OSNews.com http://www.osnews.com/comment.php?news_id=9163#313 438 of it's ease of use.

You can also find more info from from a paper published for the SIGUCCS of the ACM titled: Easy access to remote graphical UNIX applications for windows users Listed below is the publicly available abstract:
ABSTRACT
A barrier deters Windows users from evaluating graphical scientific software that runs only on remote UNIX systems. Graphical UNIX applications are based on X Windows. To make use of X applications, Windows users must install an X server, install communications software for connecting to remote UNIX systems, and configure their systems to display graphics from remote systems. This barrier can be removed by making use of an X server and communications software that run live from CD-ROM. This poster presents such a CD-ROM known as XLiveCD.

XLiveCD appears to users as an application that provides a command-prompt that allows them to log in to remote computers. Windows XP/NT/ 2000 users insert the CD into a drive and click twice in response to a wizard. A terminal window appears on the screen and provides a command prompt. From the command prompt users run the secure shell (ssh) to connect to a remote computer and launch applications. X graphics windows are forwarded automatically.

XLiveCD is based entirely on open source software and is available free for download. It is a Cygwin environment (from Red Hat, Inc.), including the X.org X server and openssh installed and modified to be run from CD-ROM. The home page is http://xlivecd.indiana.edu/.

Re:Wait...

[steveha]

I really, really wish the X guys hadn't used this terminology. But they did, so we need to keep it straight.

Just think of it this way:

A file server provides files to its clients. A print server provides printing to its clients. An X Window server provides graphical windows to its clients.

Thus, when you run any X application, it is a client to the X Window server. It asks the server for a window to display stuff in.

So, if you buy an expensive rack-mount server machine, and you hook up a thin client that lets you use a GUI, that thin client has an X server on it, and the X server talks to X clients that run on the server.

The neat thing is that in the other universe (the one where Spock has a beard), they call "clients" "servers" and "servers" "clients", but the X guys still did it backwards there so this confusion still applies.

Hope this helps.

steveha

Cygwin RULES

[BrookHarty]

I use cygwin in a few different places. One our file server is running NT, put cygwin on there and it like a real server ;)

Also, Since I'm booted into XP most of the time, cygwin fills the nitch of having sshd to copy files back too, perl for running some reports, X for those server admin applications, even vi when I need to do some text work. (Ya, I said vi)

I was running Linux with VMware for XP, but the resources wasted, and no VPN software that worked with our nortel vpn connection, decided to just use cygwin, perfect choice.

Couple things, You can have real RXVT term's without X they run stand alone, and you can customize with normal black backgrounds, right side bars, etc. It also supports Rootless for seemless looking with windows. (Like OSX.) Comes with links, super quick to read heavy text sites, no popup banners, and color/frame support. I use it to read slashdot, and if someone looks over my shoulder, they just see text.

KDE under cygwin runs ok, few bugs, but since I just needed a manager, I went with windowmaker (Or rootless). Save the resources. (Old habits..) Konsole is nice, with tab's, I just with there was a tabbed RXVT then life would be truly sweet. (No tabbed putty yet, come on!)

Cygwin is the first software I install on a new windows system, just makes the whole thing usable. I recommend it to anyone doing work. I dont know how it compares to ActivePerl or others, since I've been using cygwin's for years, havn't had a need to switch.

BTW, a native port of nethack would be nice in the default install... And since I'm making requests, (hint to any Cygwin developers) how about real native selectable for download, icewm, screen and irssi(with ssl). Maybe VNC also. So I can remotely run X software off a Windows box over an ssh tunnel. (Production networks, security, makes an admin work harder..)
-
Halliburton, they get no bid contracts, they hire columbian mercs to watch the oil pipelines, and have more armored vechicals than the US Army in IRAQ. Don't join the Army, Join Halliburton!

Re:I don't get it.

[dario_moreno]

I see the point for portables computers with WiFi or GPRS Internet access, which can be a pain (or simply impossible) to setup under Linux. Imagine that you can borrow a laptop from time to time at work to go on the road, and cannot afford to take hours to install cygwin, but with this solution instead you can in seconds connect to your remote Unix server.

Re:I don't get it.

[MoneyMan]

The point is that you can sit at any windows machine, which may not necessarily be your own, and have a decent set of utilities to use.

I personaly work on many machines on any given day. The majority of which I do not own. I'm not "allowed" by my customer to go and just start throwing applications onto their system willy-nilly.

With this, I can work on any machine, using a shell I know, (bash), have a functional Xserver available, and access to a bajillion other GNU utilities without ever installing a single app.

Ever needed to tail a file in windows? It's there. Yes, there is a tail app for windows, and it's free. The point here is that this doesn't need to be installed. Grep? same thing.

Just boot to a LiveCD distro, you say? But I need to see what's happening on this Virii / Spyware ridden hunk o' junk while it's running windows.

Could I build my own suite? Yeah... but why would I? This has what I need.

Kudos and my thanks to the Cygwin team.

Re:I don't get it.

[BrynM]

It's a crufty layer on top of Windows

Exactly! You don't have to RTFA to know that this means you don't have to even re-boot your machine to use it. This is an advantake to those of us on W32 boxen at work that are refused a *nix dev machine. If you think it sucks, don't use it. I happen to see some usefulness for me. To each their own.

Great!

[fearlezz]

Just downloaded it. This CD is great! The "insert and go" character of the CD makes it very useful.

Only one comment: the .ssh directory should not be placed on the desktop! :)

Re:Wait...

[steveha]

The terminology makes sense, but is it sensible?

When you run the server on your thin client, and the clients all run on your rackmount server, and the newbies are all confused, and we need to write posts explaining why the seemingly backwards terminology is in fact correct... in some sense, it's sensible, but if you take a poll of a bunch of newbies, the consensus would be that it's confusing. (I'll stop now before someone beats me senseless.)

If some terminology makes arguable sense but confuses everyone but hard-core computer geeks, is it really the best terminology? I say no.

steveha

Re:Neither do i.

[ebooher]

techefnet wrote:
Who needs a livecd containing cygwin anyway? Why dont you just install cygwin locally? Someone explain to me.

I currently work for an organization that has very strict (and government controlled) policies in place for the installation and use of software packages. It's called bureaucracy. To install PuTTy on my XP workstation I must submit a ticket via our Management System interface. That ticket must then be assigned to my manager for an approval for the request of the software. Once my manager approves (could be a week or more) the ticket is then assigned to a senior manager for approval. Once that senior manager approves the installation of the software the ticket is assigned to an auditor to evaluate the financial impact on the company, the auditor must then write up a RFP (Request for Purchase) and submit approval to the ticket. The ticket is then assigned to the final approver (who is usually the CIO or another officer just below) who evaluates the ticket, verifies the approvals, verifies the finanical impact, approves the ticket, then assigns it to the Desktop Admin. The Desktop Admin then assigns the ticket to a Support Technician to be implemented. (ie. installed) (Oh, and I'm a member of IT and a Support Analyst, by the way.)

At any point in that process, if there is a denial. The whole thing must be reviewed, reentered, and start all over again.

This, I drop it in the CD-ROM, install nothing, run the X apps I need to run on the UNIX gear I monitor. Remove the CD, reboot, and no impact to the installed system that requires red tape.

Does that help?

Re:Neither do i.

[Chanc_Gorkon]

DSL, Damn Small Linux embedded will let you run Linux in a window with X Server, SSH, VNC, Mozilla Firefox, Dillo, a texteditor, vi.....you name it. It all fits nicely on a 128 MB USB key. Oh and it's based on everyone's favorite live CD, Knoppix.

This is news?

[triskaidekaphile]

I made just such a CD for myself nearly 3 years ago so that I could have cygwin (particularly SSH), emacs, CVS, Java, and Mozilla with me wherever I happened to be, such as in the classroom. The fun part was getting the autorun feature to properly set up the paths. I also made use of the TMP variable as the directory where I could write to the local disk when needed. I suppose what I really should do is establish a RAM disk.

I have recently even been considering migrating to a DVD so I can install the full cygwin installation along with Firefox and plugins; music and video players and rippers; some USB device drivers for my camera, MP3 players, voice recorder, and smart media scanner; and if I can figure it out also the synchronization software for my phone and PDA so I am not tied to a single machine!

I suppose you could add games, too., as if I had time for such things. Hm... the CD emulator with the CD images... I could perhaps include a few of my favorite classics!

Re:I don't get it.

[halivar]

Yes, but use X to do WHAT exactly? Click on pretty buttons over and over again? If I can't have cygwin on disk, able to manipulate files, save scripts, etc, what's the use, really? The few Unix apps that are worth the trouble of running in an X11 window on a Windows box, already have native ports.

The debugger that came with our version HP/UX server did not have a console interface; it was GUI only. That means we had to have X to log in an do any debugging work on our apps.

I could have used something like this.