Problem: I want to remotely access my computer from untrusted computers like on friends house or at work.
Looking for: Remote desktop software (SSH is out of scope, as it could do commands in the background). Client should work in the browser or have portable binaries. Server should send some soft of 2FA before every connection without a way to remember it, so I could be safe in a case of a keylogger snooping on connection password. Not nessesary, but would be nice to have some sort of rate limiting for the inputs, so it won’t be possible for some rubber-ducky style script to open terminal and run command before I could react.
All your concerns are true of remote x sessions and while I’m not familiar enough with Wayland to defend this claim, I’d bet they are true of remote Wayland sessions too.
The old way of doing a secure remote x session was by tunneling it through ssh. When I needed remote desktop reachable anywhere I used passwordless 2fa ssh as the tunnel.
How exactly were you planning on initiating this connection to the host machine from an untrusted client, using their binaries?