You are not logged in.
Pages: 1
Hello,
I have created a service that allows you to use Arch Linux in a web browser. The URL to the service is https://instantworkstation.com.
This is how the OS selection page looks:
https://instantworkstation.com:35000/Main_Page.png
This is what it looks like when remote controlling a virtual machine:
https://instantworkstation.com:35000/Vi … achine.png
The operating systems available on Instant Workstation are currently:
Android
Arch Linux
Bodhi Linux
Debian
Endeavour OS
Fedora
FreeBSD
GhostBSD
Haiku
Netrunner
TempleOS
Ubuntu
Current features of the service:
VNC view
SSH view
File/folder upload/download
Only x86 virtual machines are currently available
Registered and logged in user's virtual machines are permanently stored in persistent storage
Most of the virtual machines are passwordless
Planned features for the service:
Internet connectivity
ARM virtual machines
RISC-V virtual machines
More OSes and more OS versions
Better support for mobile devices
Hope the service may be useful to you. Please let me know if you have any suggestions for feedback.
Thanks
moderator edit -- replaced oversized image with link.
Pasting pictures and code
Please read the General Guidelines and post only thumbnails or links to images.
Last edited by 2ManyDogs (2024-01-22 00:18:11)
Offline
Hello, thanks for contributing! Being able to easily test stuff is always useful.
However, there are some important things:
Forgive me being mundane, but what’s the plan for funding? The question comes from two concerns. First: running any service costs money and these are a fully-fledged virtual machines with graphics. Not something one can handle from hobby budget, not beyond sharing them with a dozen trusted friends. Which leads to the second concern: that this is going to turn into bait-and-switch.
How are you willing to deal with abuse? In particular if network connection is going to be provided. There are billions people on this planet and many of them do not share our/your values. They will see it as yet another item to use and won’t hesitate to benefit from its availability.
I’ve noticed you posted this to many communities. Unlike many other operating systems, Arch Linux is not defined as any particular configuration. It’s a rolling release too, with daily changes. That makes “Arch Linux” as an option pretty poorly defined.
Sometimes I seem a bit harsh — don’t get offended too easily!
Offline
@2ManyDogs
Thanks for editing the post to comply with the community guidelines. I had missed the large image rule.
Forgive me being mundane, but what’s the plan for funding?
Currently I am paying for the dedicated server to host these virtual machines out of my own pocket. However this may not be sustainable permanently so a funding model may need to be established.
Which leads to the second concern: that this is going to turn into bait-and-switch.
No. Even if in future the virtual machines cost money to use it is always planned to keep a free version. The free version would be almost the same as currently. With the free version you don't get an internet connection and no persistent storage. With the paid version you would get both of these. Note that currently even in the free version you get persistent storage (when logged in).
How are you willing to deal with abuse?
Internet connectivity is currently disabled for exactly this reason. In the future I hope the below is enough to deter abuse of the service:
- Charge a fee for internet connectivity
- Require users to accept terms & conditions when using the service (banning any illegal activities and crypto mining etc.)
That makes “Arch Linux” as an option pretty poorly defined.
The plan is to every now and then take an ISO from the Arch Linux website and add it to Instant Workstation. It will be labelled with the timestamp when the ISO was downloaded. With the current version of Arch Linux on Instant Workstation the timestamp is 2023.11.01. Note that this ISO does not come with a desktop environment. So I manually installed Gnome as the desktop environment for the Arch Linux on Instant Workstation.
Offline
There is some cert ssl error when going to site (Firefox).
Offline
There is some cert ssl error when going to site (Firefox).
Not for me, also with firefox.
Offline
See:
https://www.sslshopper.com/ssl-checker. … tation.com
https://www.ssllabs.com/ssltest/analyze … tation.com :
"This server's certificate chain is incomplete. Grade capped to B."
Last edited by xerxes_ (2024-02-27 20:55:31)
Offline
“There is some cert ssl error” wasn’t useful information, in particular if others can’t reproduce it. I don’t see any error either and likely OP can’t see it too.
Getting B grade from Qualys or their reasoning behind the score aren’t the problem either. The tool is evaluating TLS deployment according to a set of best practices. Not following them isn’t a technical issue. In fact Qualys was able to properly verify the chain with no errors. Same will be true for most Firefox users.
The important part here is the hint given in the warning.
$ openssl s_client -connect instantworkstation.com:443
Connecting to 95.217.109.125
CONNECTED(00000003)
depth=0 CN=instantworkstation.com
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 CN=instantworkstation.com
verify error:num=21:unable to verify the first certificate
verify return:1
depth=0 CN=instantworkstation.com
verify return:1
---
Certificate chain
0 s:CN=instantworkstation.com
i:C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
v:NotBefore: Dec 6 00:00:00 2023 GMT; NotAfter: Dec 6 23:59:59 2024 GMT
---
(…)
The problem is, that the issuer is itself not a trusted CA in Mozilla’s certificates pack. Unless Firefox obtained needed certificates from other sources, establishing a TLS connection is doomed to fail.
This is why it’s best deployment practice to offer the complete certificate chain. This way:
The client always gets all the needed certificates.
The client may store these (and Firefox does) for later use.
Sometimes I seem a bit harsh — don’t get offended too easily!
Offline
Thanks for bringing up the TLS certificate issues. This issue should now be resolved. The server now includes the whole TLS chain.
In other news ARM virtual machines are now available. Currently there are only Debian, Fedora and Ubuntu ARM virtual machines available but in future this will be expanded (to also include Arch Linux). The ARM virtual machines run on real ARM hardware with QEMU in KVM mode, i.e. they are not emulated. Work on adding RISC-V virtual machines still continues.
Furthermore internet access in the virtual machines is now available for a fee of €0.25 per hour. The service remains free to use without internet connectivity in the virtual machines.
Offline
Pages: 1