Barrier

What is it?

Barrier lets you easily share a single mouse and keyboard between multiple computers with different operating systems, each with its own display, without special hardware. It's intended for users with multiple computers on their desk since each system uses its own display.

Pros

Cons

Installing

Getting started

If you have firewall(s), you'll need to open a port for Barrier. The default port is 24800, but it is configurable.

I recommend to create a subdirectory .barrier under your home to group and hide related stuff:  mkdir ~/.barrier 

Launch Barrier from your desktop and press F4 in the graphical interface. Disable SSL to avoid the certificate error, for now. We'll secure the communications later.

Configuring the server

Press alt-ctrl-S in the graphical interface to save the configuration.

Configuring the client

You'll need to turn Wayland off:

  1. Edit /etc/gdm3/daemon.conf

  2. Uncomment #WaylandEnable=false

  3. Save and exit
  4. Restart gdm: # systemctl restart gdm3

If Barrier picks up a server on your network, it can configure itself to use it. Otherwise, enter the server’s IP into the GUI. The server's GUI shows you its IP address.

Registering the clients in the server

  1. Start the server and the clients by clicking the Start button.

  2. Click the Configure Server button. A window opens.

  3. Use the tab Screens and links to layout the clients:

    1. Drag the monitor on the top right corner and drop it at the grid to declare a new client avatar.
    2. You can drag the client avatars from one cell to another. Place them next to each other, either side by side or one on top of the other.
    3. Double-click on the client avatar to configure it. The client avatar's name must be the same one you see in the Barrier GUI of the actual client machine the avatar wants to represent.
  4. Start both server and clients. If they connect, you'll get a yellow lock icon below and you'll be able to glide the mouse pointer from one machine to another.

Basic usage

Launch it from your desktop (at both ends, clients and server). It will take a few seconds to load.

Make sure the server is configured and running. At the bottom you should see a yellow lock and a text line saying it is running.

Try to enable the auto-configuration at the clients, and click the Apply button. If it fails, disable it, provide the server's name or IP address and click the Apply button.

Once working, you can close the windows on the server and clients. Barrier will keep working in the background till the end of the desktop session. See Conflicting instances under Troubleshooting section to learn how to manually kill the running Barrier processes, if you need to do so. The usual case is the opposite: You may want it to autostart with your desktop sessions.

Advanced configurations

Set up to autostart with your desktop sessions

Create this script in the client(s). Best under .barrier. I called it run-barrier.sh:

Then activate it: chmod +x run-barrier.sh

Then create a ~/.config/autostart/barrier.desktop text file with this content:

Create this script in the server. Best under .barrier. I called it startBarrierServer.sh:

Then activate it: chmod +x run-barrier.sh

And create a ~/.config/autostart/barrier.desktop text file similar to the one of the clients, but pointing to startBarrierServer.sh and adapting name and description.

Securing the communications

Create the certificates and their fingerprints on all ends (server and clients)

On the server, create a ~/.local/share/barrier/SSL/Fingerprints/TrustedClients.txt file.

Then for all clients...

create a ~/.local/share/barrier/SSL/Fingerprints/TrustedServers.txt file,

get their fingerprint:

and copy-paste it into the list of trusted clients of the server:

And get the server's fingerprint:

and copy-paste it into the list of trusted servers of each client:

Then at the server, press F4 and enable both checkboxes:

And save the configuration overwriting the existing one. (you can copy it before, if you wish).

The server call must now not use the --disable-crypto modifier.

The client call must now use the --enable-crypto modifier.

Troubleshooting

Press F2 to show the log.

Conflicting instances

Be aware that Barrier usually runs in the background and if you open it twice the second instance won't tell and will conflict with the running one. You can check your running instances with ps aux | grep barrier like this:

If you have instances running that don't work, you'll need to kill all these processes:

Upstream: https://github.com/debauchee/barrier/

CategorySoftware CategoryKeyboard CategoryNetworkApplication CategoryDesktopApplication