No announcement yet.

General Howto: Tunnel PulseAudio and Synergy over SSH as well as share connections.

  • Filter
  • Time
  • Show
Clear All
new posts

  • General Howto: Tunnel PulseAudio and Synergy over SSH as well as share connections.

    Now probably most people here have gotten to the point were they have more then one system at home or at work. Like they need Linux for development, but corporation makes them use Windows desktops for various reasons. Or they own a laptop or netbook in addition to their main desktop at home.

    Something like that.

    For those people they are probably aware of 'Synergy', which is a program designed to share keyboard and mice between multiple machines. Also if your using Desktop Linux you are probably using PulseAudio, which allows you to share a single output/input device between multiple machines.

    Now Synergy has a major problem.... It just uses the network in plain text. That is everything you send between the machines you are using synergy on there is no encryption or anything like that. It assumes that you are using the machines on a secure network... which in reality sucks because there is very few secure networks that are commonly used.

    I've been using Synergy with SSH for a while now. At work and at home. The idea of typing out all my passwords and such on a keyboard and mouse that is connected directly to the network with no encryption or anything is just too irritating to put up with.

    Recently I've started using my laptop more as a desktop accessory for 2 extra displays and whatnot. So I want to play videos on the laptop, but the speakers are tiny and worn out. I don't want to get yet another stereo system on my desk when I already have one that works and sounds fine. So I now tunnel PA over SSH. That way I can use my desktop Microphone and output just naturally on my laptop.

    I like it and it's not terribly easy to find documentation, so I figure I'd put it here and let Google sniff it up for anybody looking for this in the future.

  • #2
    Configure Synergy:

    First thing... Configure The 'synergys' server on your main system.

    Say the main system is 'spaceshipone' and the secondary is 'whitenight'.

    # location: ~/.synergy.conf
    # spaceshipone is right to whitenight
    section: screens
    section: links
    		left = whitenight
    		right = spaceshipone
    section: options
        screenSaverSync = true
        switchCorners = none -left
        switchCornerSize = 20

    That's a basic synergys configuration. The hostnames are provided by the machines themselves.

    See here for details:

    Now start up synergys so it only listens to localhost:
    synergys -a localhost --restart


    • #3
      Configure PulseAudio

      Second thing to do is get PulseAudio's TCP support turned on. By default it listens to regular Unix Sockets. This is fast, but not something easily networkable. Other solutions I've seen use 'socat' to make the unix socket networkable-ish, but that stuff is irritating.

      So on your main system ('spaceshipone') you want to turn on PA's TCP support, but configure it to just use localhost so people not on your computer cannot access your audio streams.

      In "/etc/pulse/" look for the following lines:
      ### Network access (may be configured with paprefs, so leave this commented
      ### here if you plan to use paprefs)
      #load-module module-esound-protocol-tcp
      #load-module module-native-protocol-tcp
      #load-module module-zeroconf-publish
      Now change it to:
      ### Network access (may be configured with paprefs, so leave this commented
      ### here if you plan to use paprefs)
      #load-module module-esound-protocol-tcp
      load-module module-native-protocol-tcp listen= auth-ip-acl=
      #load-module module-zeroconf-publish

      So what that does is that it causes pulseaudio to listen on localhost and then disables authentication for anybody connecting on localhost. For single user machines this will be fine. Now go ahead and kill pulseaudio so it restarts with the new config:

      $ killall pulseaudio
      Go ahead and confirm that it's now listening:
      $ netstat -lpntu|grep pulseaudio
      (Not all processes could be identified, non-owned process info
       will not be shown, you would have to be root to see it all.)
      tcp        0      0    *                   LISTEN      7928/pulseaudio

      On the secondary system (whitenight) go ahead and configure the pulseaudio clients to try to attach to localhost instead of starting a new pulseaudio daemon...

      Create a new file "~/.pulse/client.conf"
      $ echo 'default-server = > ~/.pulse/client.conf
      Now kill pulseaudio:
      $ pulseaudio -k


      • #4
        Configure SSH

        Ok, now we configure SSH to enable to connections between the systems.

        Now you can specify on a command line remote port forwarding and such, but it's fairly painful to type out. The easy way is just to take advantage of your ssh client configuration files and setup pre-configured connections.

        I will also take advantage of 'ControlMaster' feature of OpenSSH. This allows you to share the same SSH connection between multiple sessions. That is if you 'ssh' into the machine multiple times it will not create a new SSH connection... it will just re-use the old one. ControlMaster is optional, but I find it convenient.

        There are quite a few articles and blog posts here and there. here is a example:

        It's useful for things like; Speeding up remote command execution, making remote edit capabilities of Vim or Emacs work better, make a sort of Single-Sign on, and quite a few other things. Making new SSH connections has a lot of overhead and thus ControlMaster can speed up lots of operations, even if your using shared keys or something like that.

        The bad things include... If ssh client dies unexpectedly then you will need to remove the socket file manually to get it working again. You cannot reconfigure a connection once it is established, so if you want to do things like enable X11-over-SSH you can only do that when you first make a connection. Large file transfers may cause blocking on the connection... since your using the same TCP connection for multiple things it may be a bottleneck for long operations.

        See 'man ssh_config' for details, but a sample configuration would be:
        host startit
            hostname whitenight.local
            # default port for synergy
            RemoteForward localhost:24800 localhost:24800 
            # default port for pulseaudio
            RemoteForward localhost:4713 localhost:4713
            ForwardX11 yes
            ForwardX11Trusted yes
        host * 
            hostname %h.local
            user myusername
            Compression no
            ControlMaster auto
            ControlPersist yes
            ControlPath ~/.ssh/ControlPath/%[email protected]%h:%p
        The .local DNS names will be created automatically if your using Avahi/Bonjuor network configuration stuff. This is the default for Ubuntu, I think. For Fedora you have to install avahi and open up the network ports in your firewall to get it to work. Otherwise you can substitute your IP addresses or whatever. Just as long as everything is consistent so that ControlPath will always find the right files.

        Now go ahead and create the connection and start synergyc on the remote system:

        $ ssh -fN startit
        $ ssh whitenight synergyc localhost


        • #5
          Here is how you can restart all the connections if something goofs up:

          shut everything down:
          $ ssh whitenight killall synergyc
          $ killall ssh
          $ killall synergys

          start it back up:
          $ synergys -a localhost --restart
          $ ssh -fN startit
          $ ssh whitenight synergyc localhost
          And that should be it.

          Sometimes getting synergys configured can be a bit difficult..
          synergys -f -d DEBUG

          can be helpful in getting the configuration done.

          Of course X11 works, now with audio...
          $ ssh -X whitenight totem some_file.mp4
          Last edited by drag; 08-24-2011, 04:30 AM.