For a few weeks I've been beta testing remote shell, the latest addition to Raspberry Pi Connect. Just a couple hours ago I was on a flight home from the new Micro Center in Charlotte.
One huge problem with VNC or remote desktop is how flaky it is if you have limited bandwidth or an unstable connection, like on an airplane.
It takes forever to start a screen sharing session, and the airplane's flaky WiFi usually causes the session to lock up, meaning you can't do much at all.
Remote terminal access, just relaying text commands, is the best solution for that problem. And sure, I have a VPN I could use with SSH to get to my Pi, but Raspberry Pi Connect just added support for remote shell access.
It's similar to SSH works, but with SSH you'd need your Pi exposed to the Internet. Not good. That's why I have a VPN, but a private VPN isn't something most people want to set up and maintain.
So for any situation where you don't need the whole graphical environment, or where you have limited bandwidth, you can use the new remote shell feature.
From my Southwest flight, I could connect straight from my laptop to the Pi in my rack at my studio, and terminal commands ran without a hitch.
The initial connection was quick, and I could even watch a movie through it! Well... at least if that movie is Star Wars ASCIIMATION playing through telnet!
But it was way more stable, and I could get actual work done. My lone attempt at screen sharing froze the first time I tried launching an app.
I have a brief video covering my testing on my 2nd YouTube channel:
I'm glad Raspberry Pi's adding this functionality to Pi Connect (the community has been asking for this feature since day one!). It's not quite the same thing as Tailscale, Cloudflare Tunnel, or Twingate, but it's useful if you have a Raspberry Pi you want to remote into without any VPN.
I have more about Raspberry Pi Connect, including how to get started in my earlier blog post. You can also read more on Raspberry Pi's announcement blog post, including how they're supporting every Pi device now, at least for remote shell access.
Comments
There is "mosh" for even better connection without fully dropping the connection. But i guess you knew that already.
Just to be a little polemic (in a good way)
Applying the third method of problem solving (problem does not exists), my question: but do you really need a graphical remote connection?
I mean, with automatic screen size depending on physical monitor, bandwith requirements to stream even a fullhd screen (that is the minumum acceptable, as per today), none or small graphic accelerations, unoptimized gui apps that refresh too much ...
if I need network stability I use stuff like VPN, Sshuttle in some cases, or other things to connect to the internet through the domestic devices or to the domestic devices' resources.
if you need some data accessible everywhere there are plenty of cloud providers (for non-technicians) or program like Syncthing that allow you to create your own (potentially unlimited) cloud at cost with offline data access in case of need and nearly real time replication on several machines.
Also, with a very small effort, you can rely on some side channels like Telegram bots to enable remote access only when you need it or directly command and automate some repetitive jobs (like start a vpn connection from RPi to a vpn provider and do the same on your pc to have easly an access even without exposing RPi to the internet)
Personally I prefer a switch on/off to all services that expose somehow to the internet if they do not require a full 24/7 access.
If your answer to my question is yes (you need a graphical remote access), then ok.
In my opinion is one of the most inefficient way to remotely access devices even in lan, but hey I am me and you are a different person, so it's ok to have different preferences
If it works for you, two thumbs up
There are a lot of people who rely on GUIs and want to have something running as an app or web UI locally on a computer at one place, and remote in and see it from somewhere else. I see a ton of RDP use in Windows environments, and RealVNC was (and still is, but not as much with their new plans) a very widespread alternative that worked across other platforms easily.
I use a VPN to remote access my networks, and typically do things over SSH or via SMB or file sync... but I do sometimes screen share to a Mac at another location to check on a render or do some work graphically, since it can be more convenient when needing to do GUI-based tasks like tweak a video edit on a 200 GB project I don't want to copy across or remote access via SMB.
On windows you are kinda forced.
No. Let me rephrase: you *are* forced to the gui.
Since I use a lot of linux machines and I almost never needed to access GUIs on remote (to be honest, something like 99% or more of my machines does not have X or Wayland at all), I just wondered.
As said before: two thumbs up if it works for your needs.
I like when it is the system to adapt to the user instead of the contrary.
SSH never works for me on airplane wifi. I read somewhere that they can identify and block traffic just by the packet patterns.
This is kinda old news. This kind of stuff has been around for 25 years with a variety of apps from lots of vendors long before things like RDP and VNC and the like. I do worry about whether this 'new' app will open up all kinds of new attack vectors for pi users who don't really understand that having 'anything' open to Internet is a security risk.
Just reading the pi site when I see things like "you must associate your Raspberry Pi with your Raspberry Pi ID to use Connect." it makes me just shudder. Given some of the bugs we've seen in the raspi os, why would you trust them ?
Have there been any end-to-end audits of this feature ?
The news is that Pi Connect includes remote shell (in addition to webrtc screen sharing), which is convenient for many users who don't want to manage their own VPN/remote access.
So far the source is not available, and I haven't seen any evidence of a 3rd party audit, so use the service at your own risk—but it is at least built on public projects like wayvnc (which you could run separately too) instead of being completely greenfield.
The biggest gotcha is their 'tunneling' server (the relay, as the software calls it)—for the initial connection, or for some connections where a P2P connection can't be set up, the connection is routed through there. Honestly I trust it enough for my hobby projects. But I also isolate things on VLANs, most people don't do that sort of thing :)