Running Ubuntu 12.04 Desktop on EC2

To say it upfront: Usually there is no need to run an Ubuntu server with a desktop in the cloud. Whatever you do on the desktop you can do in a terminal too (assuming you dont want to use GIMP in the cloud). Here a little summary to get you started with a Precise Pangolin desktop running in the cloud.

Security: We will not use VNC, but NX. VNC is not secure (though can be tunnelled through SSH) and it works by sending compressed bitmaps of the screen, which is slower and less accurate than a NX server (X Server calls, Unix/Linux only)

Requirements: Amazon AWS account

Step-by-Step

  • Log into your AWS account
  • Optional: Create a security group with port 22 inbound only
    Security Group

    Security Group

    Port 22 only

    Port 22 only

  • Optional: Create a new key pair and download it

    Keypair

    Keypair

  • Find an AMI for your region (EBS recommended) at http://cloud-images.ubuntu.com/desktop/precise/current/
    I select an EBS 64 bit version for Singapore datacentre (ami-4695d614)

    Ubuntu AMI

    Ubuntu AMI

  • Create an instance
    Using the AMI we looked up and the security group and key pair we created. I recommend to choose a type at least m1.small, the micro instance not sufficient memory to run GNOME and other applications.

    New instance

    New instance

    Instance Type

    Instance Type

    Key Pair

    Key Pair

    Security Group

    Security Group

  • When instance is running connect with SSH
    eg. ssh -i desktopserver.pem ubuntu@ec2-xx-yy-zz.ap-southeast-1.compute.amazonaws.com
    (Dont forget to set the pem file permission to 400 !)
    I recommend to use an elastic IP and a dyndns entry if you want to use the instance long term.

    Running Instances

    Running Instances

    SSH session

    SSH session

  • Change to root user and install this package (NX server)
    sudo -i
    add-apt-repository ppa:freenx-team
    apt-get update
    aptitude install -y freenx
    

    The desktop package is already installed in this AMI, otherwise

    export DEBIAN_FRONTEND=noninteractive
    apt-get update
    apt-get install -y ubuntu-desktop
    

    Download the install script from https://launchpad.net/freenx-server with

    cd /var/lib/nxserver
    wget https://bugs.launchpad.net/freenx-server/+bug/576359/+attachment/1378450/+files/nxsetup.tar.gz
    gunzip *gz
    tar -xvf *tar
    

    Execute the script, I recommend to create a private key (not to share the key with the whole planet, even claimed to be secure)
    ./nxsetup –install

    root@ip-10-00-2-00:/var/lib/nxserver# ./nxsetup --install
    ------> It is recommended that you use the NoMachine key for
    easier setup. If you answer "y", FreeNX creates a custom
    KeyPair and expects you to setup your clients manually.
    "N" is default and uses the NoMachine key for installation.
    
    Do you want to use your own custom KeyPair? [y/N] y
    Setting up /etc/nxserver ...done
    Generating public/private dsa key pair.
    Your identification has been saved in /etc/nxserver/users.id_dsa.
    Your public key has been saved in /etc/nxserver/users.id_dsa.pub.
    The key fingerprint is:
    9b:0c:11:64:00:00:00:00:00:00:13:43:3a:61:fc:1b root@ip-10-148-2-238
    The key's randomart image is:
    +--[ DSA 1024]----+
    |   . +=+         |
    |    +.*.         |
    |      =o o       |
    |       .+        |
    |                 |
    |                 |
    +-----------------+
    Setting up /var/lib/nxserver/db ...done
    Setting up /var/log/nxserver.log ...done
    Adding user "nx" to group "utmp" ...done
    Setting up known_hosts and authorized_keys2 ...Unique key generated; your users must install
    
    /var/lib/nxserver/home/.ssh/client.id_dsa.key
    
    on their computers.
    done
    Setting up permissions ...done
    Setting up cups nxipp backend ...cp: `/usr/lib/cups/backend/ipp' and `/usr/lib/cups/backend/ipp' are the same file
    
  • Copy the created key file to your local desktop
    cat /var/lib/nxserver/home/.ssh/client.id_dsa.key 
    root@ip-10-00-2-00:/var/lib/nxserver# cat /var/lib/nxserver/home/.ssh/client.id_dsa.key
    -----BEGIN DSA PRIVATE KEY-----
    MIIBuwIBAAKBgQClwGVwNjZophIgelkOtUIcZsuzvvmHEkGql27ctHj21/sb33BG
    ECHMJ/pwKkRlS4Xq9f9PvXj3QVW8yGOImM6oHHgKQze49JmSYDGfZ6o8UkNNQniL
    ....
    W6SJuJK2yX1OHZAY1AtRpaPkQcl3EtZqSdYzPf83Zz26zsbJ63QgFuhns/UahId2
    ...
    S2VvyiMh6rbJ0yoBwFxqi6Qc/NmgvIVT/6U6NTuMdLNMeE73EmvimwIVAJJVPYog
    c839CAl7vfZgpdZOSzZf
    -----END DSA PRIVATE KEY-----
    
  • Important: NX cant handle the Gnome 3D desktop, you need to update with this, otherwise you get a Failed to load session “gnome-fallback”
    echo -e "\nCOMMAND_START_GNOME='gnome-session --session=ubuntu-2d'"|sudo tee -a /etc/nxserver/node.conf
    
  • All Ubuntu AMI come with the user ubuntu and disabled password login, we need to change this:
    vi  /etc/ssh/sshd_config
    
    Change to yes
    # Change to no to disable tunnelled clear text passwords
    PasswordAuthentication yes
    
    and restart
    /etc/init.d/ssh restart
    
    set password
    passwd ubuntu
    
  • Download and install a NX client from www.nomachine.com
    NX Client

    NX Client

     

  • Run and Configure the client
    NX Client Config

    NX Client Config

    Key

    Key

     

  • Connect to the instance et Voila !
    Connecting

    Connecting

    Desktop Session

    Desktop Session

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s