Originally Posted by vrmartin2
You can make XDMCP as secure as VNC if you work at it through ssh, but your point is well made: this can open a security hole. I have always used XDMCP in local environments behind firewalls. And I never really cared much for VNC. X seemed much more natural and easier to get going.
I thought that XDMCP worked pretty well when I used it. There was a period of which I didn't really need it, then when the need arose a few years ago, I started using VNC at that point. VNC can have some quirks, I suppose. The graphics can be slow and choppy, but for most of the stuff I do on the servers I maintain, that's not much of a big deal for the most part.
I just removed TightVNC from my Ubuntu system and replaced it with the RealVNC client. That one seems to perform better for me. As I mentioned, increasing the compression improved performance considerably, too. Using '-Zliblevel -7' seems to work the best thus far for me. I can leave sessions running for long periods of time without any problems.
Any Win XP user is likely to have used RDP which from Linux to Windows is a snap. That's what I use more than anything ("rdp") at home on the LAN behind all sorts of firewalls.
I also use SUSE which has other security systems built in, but security can never be too tight if you're going to sit outside of any firewall.
I used RDP for Windows when I worked on those systems, and that's probably the easiest route to go there, I agree.
I've found if you have a fairly stable internet connection, VPN tunnels, both IPSEC and OpenVPN can make life much better. I'll do basic things on ssh, but like to set up VPN if I'm going to be doing a considerable amount of work. If IPSEC/OpenVPN isn't an option, ssh is great to have available.