How to redirect Pulse-audio over SSH and open up a socket file reverse tunnelled to the local Pulse-audio server on the client.

[ziomario]

Hello.​

I've installed TurboVNC + VirtualGL on Debian 10 virtualized with Bhyve on FreeBSD 13,but the audio does not work. From this post :

https://www.reddit.com/r/freebsd/comments/ow0f7f/i_have_installed_turbovnc_virtualgl_on_debian_10/

I've got the following suggestion :

The gist of my configuration is as follows:

• on the server I set export PULSE_SERVER=unix:~/.vnc/audio.socket in the .zshenv file for the user (you use whichever shell environment file is appropriate for your setup). This should probably be set by some server side VNC script but I haven’t got to that yet.

• on the client I start pulseaudio first, and then add the following to my SSH tunnel commandline -R /home/$user/.vnc/audio.socket:localhost:4713. You’ll need to make sure whatever you use for $user is correct from the server’s perspective.

There’s a config to allow permission in the pulseaudio default.pa file which I think needs to be added as load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1 auth-anonymous=1.
Note that since you’re using FreeBSD as the client you’ll probably want to configure pulseaudio as a service rather than launching it with VNC as I do on Windows. You’ll need to check if there’s any special configuration for that.
The PULSE_SERVER setting should be on debian. The default.pa file should probably be in /usr/local/etc` somewhere on FreeBSD. Check the man page. You’ll need to ensure the .vnc directory exists on debian (I think TurboVNC should create it). Check if sshd_config on debian needs some setting changed to allow socket forwarding.

I need to better understand what to do. I'm not sure if I have understood well,because it doesn't work well. So,this is what I did :

1) on the Debian file called /home/mariuccio/.bashrc and also in /root/.bashrc I've added :

export PULSE_SERVER=unix:/home/mariuccio/.vnc/audio.socket

(file audio.socket is present only on /home/mariuccio/.vnc,it is not present in /root/.vnc)

2) on FreeBSD,inside the file /usr/local/etc/default.pa I've added this line :

2) module-native-protocol-tcp auth-ip-acl=127.0.0.1 auth-anonymous=1

3) This is the file /etc/ssh/sshd_config that I have created on Debian and on FreeBSD : (actually they have the same content inside)

PermitRootLogin yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2
PasswordAuthentication yes
UsePAM yes
AllowAgentForwarding yes
AllowTcpForwarding yes
X11Forwarding yes
PrintMotd no
AcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server

This is what happens when I try to redirect Pulse-audio over SSH to open up a socket file reverse tunnelled from the local Pulse-audio server to the client.


From FreeBSD I write :

root@marietto:~ # ssh -L 5901:localhost:5901 192.168.1.8 -R /home/mariuccio/.vnc/audio.socket:localhost:4713 firefox

root@192.168.1.8's password:
Warning: remote port forwarding failed for listen path /home/mariuccio/.vnc/audio.socket
Error: no DISPLAY environment variable specified

Instead,if I do this as normal user :

marietto@marietto:~ $ ssh -L 5901:localhost:5901 192.168.1.8 -R /home/mariuccio/.vnc/audio.socket:localhost:4713 firefox

Password:
Password:
Password:
Password:
password is never accepted. I tried to change it several times.

Something is wrong in this kind of configuration and I don't know what it is. Inside Debian I tried to do ssh with the IP of Debian itself and it worked.

But it doesn't if I do this from FreeBSD :

marietto@marietto:~ $ ssh -L 5901:localhost:5901 192.168.1.8

Password:
Password:

 

[sko]

Did network sound even work (synchronously and without artifacts) at any time with pulseaudio? I remember this being an issue for years...

My suggestion: use sndio - its much cleaner, is well maintained and supported and has built-in network support that actually works (so no need for all the ssh tunnel shenanigans). It also behaves like a proper service, i.e. is started via rc.conf and does not spawn randomly in the background even if you've never enabled it...

 

[ziomario]

Did network sound even work (synchronously and without artifacts) at any time with pulseaudio? I remember this being an issue for years...

My suggestion: use sndio - its much cleaner, is well maintained and supported and has built-in network support that actually works (so no need for all the ssh tunnel shenanigans). It also behaves like a proper service, i.e. is started via rc.conf and does not spawn randomly in the background even if you've never enabled it...

In freeBSD sound works well here. But inside the Debian VM it does not detect any input or output source.

 

[SirDice]

Please understand that VNC does not support audio, at all. All the tricks you found are basically kludges to somehow transport audio over the network to the client.

 

[ziomario]

Help me to understand. Using sndio can I hear sounds inside the Debian VM,too ? Do u have a tutorial that explains how to configure it ?

 

[ziomario]

Please understand that VNC does not support audio, at all. All the tricks you found are basically kludges to somehow transport audio over the network to the client.

Are u sure of this ? On my jetson nano I did the same configuration (turbovnc + virtual GL + x11vnc and using an usb key sound card I can hear sounds very well)

 

[SirDice]

Are u sure of this

Quite sure.

On my jetson nano I did the same configuration (turbovnc + virtual GL + x11vnc and using an usb key I can hear sounds very well)

The pulse-audio trick you posted uses a separate network connection to connect the pulse-audio from the VM to the pulse-audio running on the host. This does not use the VNC connection.

 

[sko]

remote audio is not a standard VNC feature! you either have to use a VNC server/client combination that has a common implementation of redirecting sound or you have to redirect all sound output from the debian VM to the sndio network listener (e.g. via sndiod -L 0.0.0.0) on the FreeBSD host.

I haven't touched linux or debian for quite a while (at least nothing desktop related), so I'm not sure how you configure a default sound device on linux nowadays, but it should redirect to snd@<hostip>/0

 

[ziomario]

Where should be configured sndiod? on Debian or on FreeBSD? I've installed the package sndiod in Debian with apt-get but I didn't find any of equivalent on FreeBSD :

marietto@marietto:~ # pkg install sndiod
Updating FreeBSD repository catalogue...
Fetching packagesite.txz: 100%    6 MiB   1.7MB/s    00:04   
Processing entries: 100%
FreeBSD repository update completed. 30735 packages processed.
All repositories are up to date.
pkg: No packages available to install matching 'sndiod' have been found in the repositories
marietto@marietto:~ # find / -name sndiod
nothing

Keeping in consideration that the sound server is on FreeBSD,the sound should start from there and go to Debian,right ? so sndiod should be configured on Freebsd ?

 

[SirDice]

I didn't find any of equivalent on FreeBSD

audio/sndio

 

[ziomario]

I found this website and I tried : https://not.just-paranoid.net/network-audio-and-sndio/

"He has Ubuntu on the local machine, and FreeBSD on the remote side with the speakers"

I have FreeBSD on the local machine and Debian on the VM. So:

On FreeBSD :

root@marietto:~ # echo $DISPLAY
:0.0

root@marietto:~ # sndiod -dd -L 0.0.0.0

snd0.default: rec=0:1 play=0:1 vol=32768 dup

On Debian :

mariuccio@marietto:~ # echo $DISPLAY 
nothing

mariuccio@debian:~$ AUDIODEVICE="snd@192.168.1.6" vlc

VLC media player 3.0.12 Vetinari (revision 3.0.12-1-0-gd147bb5e7e)
[000055c16cd30fa0] vlcpulse audio output error: PulseAudio server connection failure: Connessione rifiutata
[000055c16cd95770] dbus interface error: Failed to connect to the D-Bus session daemon: Unable to autolaunch a dbus-daemon without a $DISPLAY for X11
[000055c16cd95770] main interface error: no suitable interface module
[000055c16cc74570] main libvlc error: interface "dbus,none" initialization failed
[000055c16cd93150] main interface error: no suitable interface module
[000055c16cc74570] main libvlc error: interface "globalhotkeys,none" initialization failed
[000055c16cc74570] main libvlc: Esecuzione di vlc con l'interfaccia predefinita. Usa 'cvlc' per utilizzare vlc senza interfaccia.
error: XDG_RUNTIME_DIR not set in the environment.
[000055c16cd93150] skins2 interface error: cannot initialize OSFactory
[000055c16cc784e0] main playlist: playlist is empty
[000055c16cd93150] [cli] lua interface: Listening on host "*console".

same result with :

mariuccio@debian:~$ AUDIODEVICE="snd@0.0.0.0" vlc

 

[kpedersen]

Is the VirtualGL worthwhile in a Bhyve VM? VirtualGL is intended to run on the host's (i.e the one running the vncserver) GPU and then funnel back the image. If the host is running virtualized all it has is LLVMpipe anyway?

 

[ziomario]

This is how I have installed TurboVNC + VirtualGL on the Debian VM :

Reddit - Dive into anything

www.reddit.com

 

[ziomario]

Is the VirtualGL worthwhile in a Bhyve VM? VirtualGL is intended to run on the host's (i.e the one running the vncserver) GPU and then funnel back the image. If the host is running virtualized all it has is LLVMpipe anyway?

help me to understand what to do. Im not so experienced like you.

 

[ziomario]

Quite sure.

The pulse-audio trick you posted uses a separate network connection to connect the pulse-audio from the VM to the pulse-audio running on the host. This does not use the VNC connection.

but on the jetson nano I don't use tricks. I suspect that on that board there are installed a lot of mesa libraries and LLVMpipe...so should I do the same in debian virtualized with bhyve ?

 

[SirDice]

I suspect that on that board there are installed a lot of mesa libraries and LLVMpipe

Those have nothing to do with audio.

 

[ziomario]

Those have nothing to do with audio.

ok,but I still don't understand why on the jetson nano I can hear sounds when I connect vncviewer to turbovnc + virtual-gl installed to the board,while in the debian + bhyve it does not work. And I don't keep any monitor attached to the board. It is in headless mode. And I don't use any ssh tunnelling or forwarding.

 

[kpedersen]

Hmm. What vncviewer are you using? VNC usually only deals with graphics unless someone has hacked in the audio feature.

When you are logged in via vncviewer, can you open up a terminal and list environment variables (type env) and post them here? Then we can perhaps see if there is any pulse audio going on. I am inclined to believe that is the only thing making this possible but it still shouldn't work via the viewer.

And you are *sure* that the Jetson Nano's HDMI isn't plugged into a monitor and playing through the speakers there?

 

[Geezer]

Maybe use rdp instead of vnc. rdp is a windowsee thing, but there is a client, xfreerdp in the ports that you could use on the host, and try and find some rdp server for debian.

I use rdp with a bhyve running windows 10, and the sound works seamlessly.

 

[Geezer]

ziomario One big question I have got is why?

The various desktops and programs that run on debian, are pretty much the same as those that run on Freebsd. Why do you want a full working desktop on debian, virtualised and displayed on a Freebsd desktop?

 

[kpedersen]

ziomario One big question I have got is why?

I think he is trying to run it on the Jetson Nano (which FreeBSD doesn't support). That said, I thought the Jetson Nano only supported Ubuntu, not Debian. It doesn't seem very clear.

 

[ziomario]

ziomario One big question I have got is why?

The various desktops and programs that run on debian, are pretty much the same as those that run on Freebsd. Why do you want a full working desktop on debian, virtualised and displayed on a Freebsd desktop?

because usually I use rambox on Debian (it's a multi social network tool. It means that it includes a lot of social networks in one only graphical interface),but it does not work on FreeBSD,but only on Debian. The problem is that the audio does not work on Debian,so it makes no sense to use it if I can't hear any voice messages sent by my friends.

 

[eternal_noob]

I use rambox on Debian ... but it does not work on FreeBSD

Can't you just use the linuxulator? Maybe bhyve isn't the right tool?

 

[ziomario]

At the moment I haven't tried the linux emulator,but I read that it is pretty limited. why using it instead of bhyve,that can offer to me a complete linux emulation ? I've just configured xrdp server on debian :

root@debian:~/Scrivania/tmp/mesa/build# ifconfig

enp0s5: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.8  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::5a9c:fcff:fe03:3360  prefixlen 64  scopeid 0x20<link>
        ether 58:9c:fc:03:33:60  txqueuelen 1000  (Ethernet)
        RX packets 12730807  bytes 2108501513 (1.9 GiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 23326444  bytes 34132082669 (31.7 GiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

root@debian:~/Scrivania/tmp/mesa/build# apt install xrdp

Lettura elenco dei pacchetti... Fatto
Generazione albero delle dipendenze    
Lettura informazioni sullo stato... Fatto
I seguenti pacchetti aggiuntivi saranno inoltre installati:
  xorgxrdp
Pacchetti suggeriti:
  guacamole xrdp-pulseaudio-installer
I seguenti pacchetti NUOVI saranno installati:
  xorgxrdp xrdp
0 aggiornati, 2 installati, 0 da rimuovere e 2 non aggiornati.
È necessario scaricare 607 kB di archivi.
Dopo quest'operazione, verranno occupati 3.941 kB di spazio su disco.
Continuare? [S/n] s
Scaricamento di:1 http://deb.debian.org/debian buster/main amd64 xorgxrdp amd64 1:0.2.9-1 [172 kB]
Scaricamento di:2 http://deb.debian.org/debian buster/main amd64 xrdp amd64 0.9.9-1+deb10u1 [435 kB]
Recuperati 607 kB in 0s (2.843 kB/s)
Selezionato il pacchetto xorgxrdp non precedentemente selezionato.
(Lettura del database... 367925 file e directory attualmente installati.)
Preparativi per estrarre .../xorgxrdp_1%3a0.2.9-1_amd64.deb...
Estrazione di xorgxrdp (1:0.2.9-1)...
Selezionato il pacchetto xrdp non precedentemente selezionato.
Preparativi per estrarre .../xrdp_0.9.9-1+deb10u1_amd64.deb...
Estrazione di xrdp (0.9.9-1+deb10u1)...
Configurazione di xrdp (0.9.9-1+deb10u1)...

Generating 2048 bit rsa key...

ssl_gen_key_xrdp1 ok

saving to /etc/xrdp/rsakeys.ini

Created symlink /etc/systemd/system/multi-user.target.wants/xrdp-sesman.service → /lib/systemd/system/xrdp-sesman.service.
Created symlink /etc/systemd/system/multi-user.target.wants/xrdp.service → /lib/systemd/system/xrdp.service.
Configurazione di xorgxrdp (1:0.2.9-1)...
Elaborazione dei trigger per systemd (241-7~deb10u8)...
Elaborazione dei trigger per man-db (2.8.5-2)...
Elaborazione dei trigger per libc-bin (2.28-10)...
root@debian:~/Scrivania/tmp/mesa/build# sudo systemctl status xrdp
● xrdp.service - xrdp daemon
   Loaded: loaded (/lib/systemd/system/xrdp.service; enabled; vendor preset: enabled)
   Active: active (running) since Thu 2021-08-05 00:28:54 CEST; 23s ago
     Docs: man:xrdp(8)
           man:xrdp.ini(5)
 Main PID: 31040 (xrdp)
    Tasks: 1 (limit: 4915)
   Memory: 1.6M
   CGroup: /system.slice/xrdp.service
           └─31040 /usr/sbin/xrdp

ago 05 00:28:53 debian xrdp[31038]: (31038)(139680190314304)[DEBUG] Testing if xrdp can listen on 0.0.0.0 port 3389.
ago 05 00:28:53 debian xrdp[31038]: (31038)(139680190314304)[DEBUG] Closed socket 7 (AF_INET6 :: port 3389)
ago 05 00:28:53 debian systemd[1]: xrdp.service: Can't open PID file /run/xrdp/xrdp.pid (yet?) after start: No such file or directory
ago 05 00:28:54 debian systemd[1]: Started xrdp daemon.
ago 05 00:28:54 debian systemd[1]: /lib/systemd/system/xrdp.service:8: PIDFile= references path below legacy directory /var/run/, upda
ago 05 00:28:54 debian systemd[1]: /lib/systemd/system/xrdp.service:8: PIDFile= references path below legacy directory /var/run/, upda
ago 05 00:28:54 debian systemd[1]: /lib/systemd/system/xrdp.service:8: PIDFile= references path below legacy directory /var/run/, upda
ago 05 00:28:55 debian systemd[1]: /lib/systemd/system/xrdp.service:8: PIDFile= references path below legacy directory /var/run/, upda
ago 05 00:28:55 debian xrdp[31040]: (31040)(139680190314304)[INFO ] starting xrdp with pid 31040
ago 05 00:28:55 debian xrdp[31040]: (31040)(139680190314304)[INFO ] listening to port 3389 on 0.0.0.0
root@debian:~/Scrivania/tmp/mesa/build# sudo adduser xrdp ssl-cert
Aggiunta dell'utente «xrdp» al gruppo «ssl-cert» ...
Aggiunta dell'utente xrdp al gruppo ssl-cert

and I tried to connect the xfreerdp client to the debian IP 192.168.1.8 and this is what happened :

root@marietto:~ # xfreerdp 192.168.1.8

[00:38:03:412] [6115:02212000] [WARN][com.freerdp.client.common.cmdline] - Using deprecated command-line interface!
[00:38:03:426] [6115:02212000] [WARN][com.freerdp.client.common.compatibility] - 192.168.1.8 -> /v:192.168.1.8
[00:38:03:426] [6115:02212000] [WARN][com.freerdp.client.common.compatibility] -
[00:38:03:426] [6115:02212500] [INFO][com.freerdp.core] - freerdp_connect:freerdp_set_last_error_ex resetting error state
[00:38:03:430] [6115:02212500] [INFO][com.freerdp.client.common.cmdline] - loading channelEx rdpdr
[00:38:03:438] [6115:02212500] [INFO][com.freerdp.client.common.cmdline] - loading channelEx rdpsnd
[00:38:03:438] [6115:02212500] [INFO][com.freerdp.client.common.cmdline] - loading channelEx cliprdr
[00:38:03:438] [6115:02212500] [INFO][com.freerdp.client.x11] - No user name set. - Using login name: root
[00:38:03:793] [6115:02212500] [INFO][com.freerdp.primitives] - primitives autodetect, using optimized
[00:38:04:865] [6115:02212500] [INFO][com.freerdp.core] - freerdp_tcp_is_hostname_resolvable:freerdp_set_last_error_ex resetting error state
[00:38:04:865] [6115:02212500] [INFO][com.freerdp.core] - freerdp_tcp_connect:freerdp_set_last_error_ex resetting error state
[00:38:05:074] [6115:02212500] [INFO][com.freerdp.gdi] - Local framebuffer format  PIXEL_FORMAT_BGRX32
[00:38:05:074] [6115:02212500] [INFO][com.freerdp.gdi] - Remote framebuffer format PIXEL_FORMAT_RGB16
[00:38:05:146] [6115:02212500] [INFO][com.winpr.clipboard] - initialized POSIX local file subsystem
[00:38:05:148] [6115:02212500] [INFO][com.freerdp.channels.rdpsnd.client] - [static] Loaded fake backend for rdpsnd
[00:38:05:150] [6115:02212500] [ERROR][com.freerdp.core.update] - [0x03] Cache Glyph - SERVER BUG: The support for this feature was not announced! Use /relax-order-checks to ignore
[00:38:05:150] [6115:02212500] [ERROR][com.freerdp.core.update] - order flags 03 failed
[00:38:05:150] [6115:02212500] [ERROR][com.freerdp.core.fastpath] - Fastpath update Orders [0] failed, status 0
[00:38:05:150] [6115:02212500] [ERROR][com.freerdp.core.fastpath] - fastpath_recv_update() - -1
[00:38:05:150] [6115:02212500] [ERROR][com.freerdp.core.fastpath] - fastpath_recv_update_data() fail
[00:38:05:203] [6115:02212500] [ERROR][com.freerdp.core.transport] - transport_check_fds: transport->ReceiveCallback() - -3
[00:38:05:203] [6115:02212500] [ERROR][com.freerdp.core] - freerdp_check_fds() failed - 0
[00:38:05:203] [6115:02212500] [INFO][com.freerdp.client.common] - Network disconnect!
[00:38:05:203] [6115:02212500] [ERROR][com.freerdp.client.x11] - Failed to check FreeRDP file descriptor

 

[ziomario]

root@marietto:~ # xfreerdp 0.0.0.0:3389

[00:48:25:110] [6130:02212000] [WARN][com.freerdp.client.common.cmdline] - Using deprecated command-line interface!
[00:48:25:111] [6130:02212000] [WARN][com.freerdp.client.common.compatibility] - 0.0.0.0 -> /v:0.0.0.0
[00:48:25:111] [6130:02212000] [WARN][com.freerdp.client.common.compatibility] -
[00:48:25:111] [6130:02212500] [INFO][com.freerdp.core] - freerdp_connect:freerdp_set_last_error_ex resetting error state
[00:48:25:111] [6130:02212500] [INFO][com.freerdp.client.common.cmdline] - loading channelEx rdpdr
[00:48:25:111] [6130:02212500] [INFO][com.freerdp.client.common.cmdline] - loading channelEx rdpsnd
[00:48:25:111] [6130:02212500] [INFO][com.freerdp.client.common.cmdline] - loading channelEx cliprdr
[00:48:25:111] [6130:02212500] [INFO][com.freerdp.client.x11] - No user name set. - Using login name: root
[00:48:25:418] [6130:02212500] [INFO][com.freerdp.primitives] - primitives autodetect, using optimized
[00:48:25:420] [6130:02212500] [INFO][com.freerdp.core] - freerdp_tcp_is_hostname_resolvable:freerdp_set_last_error_ex resetting error state
[00:48:25:420] [6130:02212500] [INFO][com.freerdp.core] - freerdp_tcp_connect:freerdp_set_last_error_ex resetting error state
[00:48:25:420] [6130:02212500] [ERROR][com.freerdp.core] - unable to set TCP_NODELAY
[00:48:25:420] [6130:02212500] [WARN][com.freerdp.core] - setsockopt() IPPROTO_TCP, TCP_KEEPIDLE
[00:48:25:420] [6130:02212500] [WARN][com.freerdp.core] - setsockopt() SOL_TCP, TCP_KEEPCNT
[00:48:25:420] [6130:02212500] [WARN][com.freerdp.core] - setsockopt() SOL_TCP, TCP_KEEPINTVL
[00:48:25:420] [6130:02212500] [ERROR][com.freerdp.core.transport] - BIO_should_retry returned a system error 32: Broken pipe
[00:48:25:420] [6130:02212500] [ERROR][com.freerdp.core] - transport_write:freerdp_set_last_error_ex ERRCONNECT_CONNECT_TRANSPORT_FAILED [0x0002000D]
[00:48:25:424] [6130:02212500] [INFO][com.freerdp.core] - freerdp_tcp_is_hostname_resolvable:freerdp_set_last_error_ex resetting error state
[00:48:25:424] [6130:02212500] [INFO][com.freerdp.core] - freerdp_tcp_connect:freerdp_set_last_error_ex resetting error state
[00:48:25:424] [6130:02212500] [ERROR][com.freerdp.core] - unable to set TCP_NODELAY
[00:48:25:424] [6130:02212500] [WARN][com.freerdp.core] - setsockopt() IPPROTO_TCP, TCP_KEEPIDLE
[00:48:25:424] [6130:02212500] [WARN][com.freerdp.core] - setsockopt() SOL_TCP, TCP_KEEPCNT
[00:48:25:424] [6130:02212500] [WARN][com.freerdp.core] - setsockopt() SOL_TCP, TCP_KEEPINTVL
[00:48:25:424] [6130:02212500] [ERROR][com.freerdp.core.transport] - BIO_should_retry returned a system error 32: Broken pipe
[00:48:25:424] [6130:02212500] [ERROR][com.freerdp.core] - transport_write:freerdp_set_last_error_ex ERRCONNECT_CONNECT_TRANSPORT_FAILED [0x0002000D]
[00:48:25:424] [6130:02212500] [ERROR][com.freerdp.core] - freerdp_post_connect failed