Configuring a VNC server in Linux :: bobpeers.
Configuring the VNC server/viewer in Linux.
Overview of VNC
VNC, or Virtual Networked Computing, is a way of controlling a remote computer just as though you are sitting in front of it. In the Windows world it is also known as remote desktop but it's normally referred to as VNC in the Linux world. All that happens is that you connect using a VNC client to a remote computer running the VNC server, then an image of the remote desktop is transmitted to your local computer and you can see and control the desktop just as though you are there since all keyboard and mouse commands are sent from your client machine to the server.
Gnome Remote Desktop
If you are running the Gnome desktop on Fedora Core then you already have a VNC server built in. Click on the Fedora icon > Desktop > Preferences > Remote Desktop to open the dialog shown.
The screen is pretty self explanatory but basically when set up this way another computer can connect to your computer using the command listed on the dialog. There are a few important things to note, you must open port 5900 on the server for this to work since by default the Gnome Remote Desktop (called vino) listens on this port, also the person connecting will see the same session that you are currently logged in as. This means that any programs you have open will also be visible to the client, of course this is very useful if you are helping someone remotely. A more flexible way to use VNC is to install the VNC server and client software via yum, these are rpm's based on RealVNC
vncserver and vncviewer
Check what's installed
First check if you already have them installed on your system, open a terminal and type: $ rpm -qa|grep vnc vnc-server-4.1.1-36 vnc-4.1.1-36 If you get an output something like this then you're all ready, if not you need to install them via yum.
Add a user(s)
Next we need to add at least 1 VNC user, open the file /etc/sysconfig/vncservers as root and add the information shown: $ vi /etc/sysconfig/vncservers # The VNCSERVERS variable is a list of display:user pairs. #
1 of 5
10/8/2011 10:50 AM
you can add as many as you like here.vnc/linux.vnc in your home folder containing the password file. the number needs to be added to 5900 to get the listening port.vnc/xstartup Log file is /home/bobuser/.bobpeers:1 (bobpeers)' desktop is linux. run 'man vncpasswd' to see how to do that.
# Use "-nolisten tcp" to prevent X connections to your VNC server via TCP.com/archive/vnc/sshvnc. The VNCSERVERARGS line refers to the arguments for user 1. see <URL:http://www.
Knowing which port to use
It's also important to note the session number user as this will tell us which port vncserver will listen on. In the same way we could use any number. You will also need to set a VNC password. for example: VNCSERVERS="2000:bobpeers" VNCSERVERARGS="-geometry 1024x768 -depth 16" In this case we need to use port 5900+2000 so port 7900. however they will get a plain grey desktop by default as the connection will not cause a new session of X to start by default. open a terminal and type: $ vncpasswd Password: Verify: This creates a hidden folder called . to fix this we need to edit the startup script in the . In this case we need to use port 5901 since we are using session 1.
Starting the server and startup options
To start the server we type the command 'vncserver' and the session you wish to start (if you have set up more than 1 entry in the /etc/sysconfig/vncservers file: $ vncserver :1 Starting VNC server: 1:bobpeers New 'linux.log [ OK ] Now the server is started and a user could connect. Geometry sets the size and depth sets the colour depth.Configuring a VNC server in Linux :: bobpeers.
Setting a password
To add some security we need to add a password that must be given before a connection can be established. $ vi ~/.bobpeers:1. See the "-via" option in the # `man vncviewer' manual page.com
http://bobpeers. Remember the Gnome Remote Desktop asked us to use computername:0 as the connection string. # Use "-localhost" to prevent remote VNC clients connecting except when # doing so through a secure tunnel. you can adjust these to suit your preferences but in my case the client machine has a resolution of 1024x768 and the depth 16 makes the connection a bit faster since the less information that needs to be sent the more responsive the session will feel.research.uk. DO NOT RUN THIS SERVICE if your local area network is untrusted! For a secure way of using VNC.vnc/xstartup
2 of 5
10/8/2011 10:50 AM
. # Use "-nohttpd" to prevent web-based VNC clients connecting.vnc folder in your home directory.att.bobpeers:1 Starting applications specified in /home/bobuser/. this sets up a users for the vnc server.com/linux/vnc
# # # # # # # #
Uncomment the lines below to start a VNC server on display :2 as my 'myusername' (adjust this to your own).html>. in this case the only user. VNCSERVERS="1:bobpeers" VNCSERVERARGS="-geometry 1024x768 -depth 16" The important part is the VNCSERVERS="1:bobpeers".
Xresources ] && xrdb $HOME/.Configuring a VNC server in Linux :: bobpeers.
Stopping the vncserver
There are two ways to stop the server.com
http://bobpeers. then you can type localhost:5901 for example. enter the password and you should now see a copy of your desktop. To restart the vncserver we need to kill the process and start a new one as root: $ vncserver -kill :1 Killing Xvnc process ID 13728 $ vncserver :1 Starting VNC server: 1:bobpeers New 'linux.bobpeers:1. Next we need to restart vncserver to pick up the changed we just made.bobpeers:1 (bobpeers)' desktop is linux.
Allowing remote connections
3 of 5
10/8/2011 10:50 AM
. If you just type 'vncviewer' at the prompt then you will asked for the host to connect to. either as root: $ /sbin/service vncserver stop Shutting down VNC server: 1:bobpeers [ OK ] or you can explicitly kill a particular session without being root: $ vncserver -kill :1 Killing Xvnc process ID 13728 Just replace the 1 with the vnc session you wish to stop.log [ OK ]
To start the viewer type: $ vncviewer localhost:5901 This open a dialog as shown for us to enter our password we set earlier.vnc/linux.Xresources xsetroot -solid grey vncconfig -iconic & xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" & twm & As the file says make sure the two lines at the top are uncommented by removing the leading # sign. if you set your VNCSERVERS to be 2000:myname then you would need to connect on localhost:7900.com/linux/vnc
#!/bin/sh # Uncomment the following two lines for normal desktop: unset SESSION_MANAGER exec /etc/X11/xinit/xinitrc [ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup [ -r $HOME/. it's basically a whole new logon running at the same time.bobpeers:1 Starting applications specified in /home/bobuser/. Remember to use the correct port number when connecting.vnc/xstartup Log file is /home/bobuser/. Note that unlike the Gnome Remote Desktop this has started a new session of X so any applications open on the host machine are not visible to the new session.
5901 in my case. but remember to close the port again when you are finished. select tcp.251 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state ESTABLISHED.
To do the same from the command line add the line in bold to the file /etc/sysconfig/iptables while logged in as root: # Firewall configuration written by system-config-securitylevel # Manual customization of this file is not recommended.com
http://bobpeers. That's all there is to it.Configuring a VNC server in Linux :: bobpeers. This can either be done from the command line or using system-config-security if you have it installed.com/linux/vnc
So far we have only connected to our own computer using localhost so we have not needed to open any ports in the firewall.0.RELATED -j ACCEPT
4 of 5
10/8/2011 10:50 AM
. then click OK and OK again to save your settings. Go to the Fedora start menu > Desktop > Administration > Security Level and Firewall.
Using system-config-security to opens ports. then type your root password when prompted to see this:
Click on other ports at the bottom and enter the port you wish to open.[0:0] -A INPUT -j RH-Firewall-1-INPUT -A FORWARD -j RH-Firewall-1-INPUT -A RH-Firewall-1-INPUT -i lo -j ACCEPT -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT -A RH-Firewall-1-INPUT -p 50 -j ACCEPT -A RH-Firewall-1-INPUT -p 51 -j ACCEPT -A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224. however if we want to allow remote connection we will have to do the following.0.
Editing the iptables manually to opens ports. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :RH-Firewall-1-INPUT .
First we'll look into the GUI system-config-security.
if things seem a bit slow you can try adjusting the colour depth or screen resolution on the vncserver to see if that helps.1.168.com
http://bobpeers. $ sudo /sbin/service iptables restart Flushing firewall rules: [ OK ] Setting chains to policy ACCEPT: filter [ OK ] Unloading iptables modules: [ OK ] Applying iptables firewall rules: [ OK ] Loading additional iptables modules: ip_conntrack_netbios_n[ OK ]
Connecting from the remote machine.Configuring a VNC server in Linux :: bobpeers.105:5901 You should see a copy of the hosts desktop. 05 Sep 2009 12:27:47 GMT
5 of 5
10/8/2011 10:50 AM
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 5901 -j ACCEPT -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited COMMIT Finally we need to restart the iptables service to reload the changes.
Now from the remote client computer start up vncviewer but this time use the IP address of the host computer followed by the port number. So on my home network this might be: $ vncviewer 192.
Last modified on Sat.