Whitney Krape

Category: OS

  • Ubuntu 25.10 Remote Desktop Auto-Setup

    Warning: Potentially Insecure Scripts Below

    Following up on a previous post trying to get the x11-less Ubuntu 25.10 set up with GUI management it looks like it’s possible to get Remote Desktop working. (Spice, unfortunately, has not been updated much in a long time and the install command seems to not work.)

    This doesn’t work fully yet, still running into keychain issues, but it’s close. On Reddit, user LarkinZero has a script that resets the password on boot. (Below.) Now, this is a keychain change which doesn’t unlock on boot. Trying another script from jdonohoo on GitHub almost works but still getting an error, auto-login on or off.

    With both scripts there are potential security issues such as having a password in plaintext and auto keyring unlocking (besides it still not working fully.) Will keep following up on this.

    Now I will say, this does seem to unlock via just a couple CLI commands so this might be good enough. Will revisit soon.

    Warning: Unorganized below, currently reworking.

    Remote Credentials Update.

    Keyring unlock script.

    ```
sudo apt-get install -y gnome-keyring libsecret-tools dbus-x11 vim
```

1. Place your unlock script here:
```
nano ~/.config/unlock-keyring.sh
```
```
#!/bin/bash

export DISPLAY=:0
export XDG_RUNTIME_DIR=/run/user/$(id -u)

password=$(<"$HOME/.keyring_pass")
/usr/bin/gnome-keyring-daemon --unlock <<< "$password"
```

```
chmod +x ~/.config/unlock-keyring.sh
```
2. Create keyring password file
```
vim ~/.keyring_pass
```
```
chmod 600 ~/.keyring_pass
```

3. Create the systemd unit:

```
nano ~/.config/systemd/user/unlock-keyring.service
```

```
[Unit]
Description=Unlock GNOME Keyring
After=graphical-session.target

[Service]
Type=oneshot
ExecStart=%h/.config/unlock-keyring.sh
RemainAfterExit=true
Environment=DISPLAY=:0
Environment=XDG_RUNTIME_DIR=/run/user/%U

[Install]
WantedBy=default.target
```

4. Enable the service:
```
systemctl --user daemon-reload
systemctl --user enable unlock-keyring.service
```
5. Ditch login keyring to make new one on next boot
```
rm ~/.local/share/keyrings/login.keyring
```
Set login passphrase to same as default / what you have in ~/.keyring_pass

Optional test:

```
systemctl --user start unlock-keyring.service
```

    Put in rc.local

    #!/bin/bash

SCHEMA="org.gnome.RemoteDesktop.RdpCredentials"
LABEL="GNOME Remote Desktop RDP credentials"
USERNAME="abc"
PASSWORD="123456"
EXPECTED_VALUE="{'username': <'$USERNAME'>, 'password': <'$PASSWORD'>}"

echo "Step 1: Clearing old credentials..."
secret-tool clear xdg:schema "$SCHEMA"

echo "Step 2: Storing new credentials..."
echo -n "$EXPECTED_VALUE" | secret-tool store --label="$LABEL" xdg:schema "$SCHEMA"

echo "Step 3: Verifying stored credentials..."
RESULT=$(secret-tool lookup xdg:schema "$SCHEMA")

if [ "$RESULT" == "$EXPECTED_VALUE" ]; then
    echo "Success: Stored credentials match the expected value."
    exit 0
else
    echo "Error: Stored credentials do not match the expected value."
    exit 1
fi

    Updated and Retried on 25.10 11/14/25

  • No x11 in Ubuntu 25.10 means no (easy) VNC

    No x11 in Ubuntu 25.10 means no (easy) VNC

    While my 2-3 local Ubuntu servers are mostly managed via SSH CLI, it is helpful to have visual access particularly for programs that need mouse interaction. With Ubuntu 25.10, Canonical is moving away from x11 (for a variety of reasons.)

    Now Ubuntu can use the RDP (Remote Desktop Protocol) but the password rotates on reboot which, makes things difficult.

    Maybe Spice would work?

    (To be followed up on.)

    Updated and Retried on 25.10 10/29/25

  • Avoid MacOS Time Machine issues with Ubuntu SMB by Separating Users

    Avoid MacOS Time Machine issues with Ubuntu SMB by Separating Users

    Warning: Manage SMB users carefully.

    Using Time Machine along with SMB shares seems to cause an issue when the backup runs the other SMB shares stop working. What is likely happening is MacOS is locking the files as it starts the backup to avoid read write problems.

    Separating the users, as in having one SMB user for files sharing and a second for Time Machine seems to solve the issues.

    Fortunately, setting up an SMB share for Time Machine is pretty straightforward and developer Marinus Klasen has a great guide. I’ve simplified what is needed an added it below at the bottom. General steps.

    1. First, create the users and set up the disks on Ubuntu. Add 2 SMB users (guide on that below.)
    2. Update the Ubuntu’s SMB settings.
    3. Set up Time Machine on MacOS before connecting to SMB shares. The share you’re looking to use should show in the list.
    4. Connect to your other SMB shares and go!

    There’s a great quick guide on ask Ubuntu about adding a CLI only SMB user on Ask Ubuntu.

    ## For TimeMachine Config ##
# Fruit global config
  fruit:aapl = yes
  fruit:nfs_aces = no
  fruit:copyfile = no
  fruit:model = MacSamba

[timemachine]
   # Load in modules (order is critical!)
   vfs objects = catia fruit streams_xattr
   fruit:time machine = yes
   fruit:time machine max size = 1.5T
   comment = Time Machine Backup
   path = /TimeMachine (CHANGE THIS)
   available = yes
   valid users = timemachine (Maybe don't permit other SMB users.)
   browseable = yes
   guest ok = no
   writable = yes

    Ask Ubuntu

    Updated and Retried with Ubuntu 25.04 and MacOS Tahoe 26.0.1: 11/19/25