Re: Xvnc + inetd
duckeo wrote: I don't know anything in general to accomplish X forwarding (except paid for solutions such as Reflection X, Hummingbird, etc), so maybe going with VNC is a good idea. So I suggest setting up everything described in the HOWTO, but have SSH keys setup so then people don't have to worry about 'annoying' password based logins via SSH. Read http://www.jfitz.com/tips/ssh_for_windows.html#Automatic_login for more details on how to do this via putty. The only thing I can think of that's causing issues is maybe kdm isn't running on port 177. Have you attempted setting it up to listen on port 177, and also have you checked to see if login via the local box is possible? KDM is definately listening, UDP 177: frisbee# netstat -aln Active Internet connections (including servers) Proto Recv-Q Send-Q Local Address Foreign Address(state) tcp4 0 0 *.5961 *.*LISTEN udp6 0 0 *.177 *.* 5861 being VNC, 177 being XDMCP. I can't VNC from the local box, is there a way I can test local login to KDM from the command line? I'm working on it remotely at the moment, SSH'd in from Windows. Anything X related needs to be run through a running X server; command line invocations aren't possible. You can try running vncserver though and then VNC into the server at the display as root to see if your VNC server config at least works. vncserver -localhost is your friend in this case :). Just a thought, would the fact that it's listening on UDP6 be a factor? Shouldn't be I would think. Well, as long as identd knew that it was UDP and not TCP and Xvnc was catching the listening port correctly :P. Besides, UDP[v]6 supports UDP[v]4, correct? I would sure hope so... And judging by the HOWTO it's supposed to do that. Xvnc is the binary, vncserver is a longish script I'm sifting through. It appears it just has a bunch of default settings in there, what I might do is try to modify one or two and see if the /root/.vnc/xstartup is having an effect (being invoked). Take a look in there, but not too hard. Try logging in 'single user mode' by invoking vncserver directly as root, or attempt calling vncserver from within inetd.conf as opposed to Xvnc, just for testing's sake. One thing I find interesting is that Xvnc is being called as user 'nobody' and not root, so therein may lie your issue ;). Therefore, creating an additional unprivileged user and then creating all the necessary settings for that user and configuring inetd to call Xvnc as your user may serve to be the solution you're looking for. -Garrett ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Xvnc + inetd
duckeo wrote: Ok then. "What sort of DE/WM setup do you plan on having for your clients?" is a question you need to ask yourself. Purely KDE for the moment, desktop wise it would be the same for each user. Essentially if it's a small number of users and you want to let them setup their own X flavor, you could basically set it up as follows: #!/bin/sh [ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources xsetroot -solid grey vncconfig -iconic & startkde& # or whatever X style they like, such as startfluxbox, xfce4-session, etc I'd rather not have to make the user log in via SSH and invoke a vnc each, or even have vnc listening on X number of ports for different users. What I'd like to happen is users VNC into the box on a particular port, and be greeted with a Login screen to KDE (kdm). The guide I've been roughly following is at http://oxo.rucus.net/docs/Terminal-Vnc-HOWTO, to give you an idea of what I was aiming for. Hmmm... that's an interesting HOWTO. What the writer is doing is documenting basically how to do the DM stuff for login, but just without the SSH. I don't think that this method is really a good idea at all for security purposes as all data that goes through VNC is unencrypted. Make sure you don't have anyone pass any root passwords, credit card numbers, etc across the network during login or while they are getting logged in :). Setting up a firewall for a set of trusted PCs as close as possible to your VNC machine may be an incredibly wise idea as well while you don't have anything setup for SSH logins. I don't know anything in general to accomplish X forwarding (except paid for solutions such as Reflection X, Hummingbird, etc), so maybe going with VNC is a good idea. So I suggest setting up everything described in the HOWTO, but have SSH keys setup so then people don't have to worry about 'annoying' password based logins via SSH. Read http://www.jfitz.com/tips/ssh_for_windows.html#Automatic_login for more details on how to do this via putty. The only thing I can think of that's causing issues is maybe kdm isn't running on port 177. Have you attempted setting it up to listen on port 177, and also have you checked to see if login via the local box is possible? Testing out to see if that works or not might be something to really try first before seeing whether or not the VNC is at fault. Then, try logging in via another account, see if that works, and go down the line determining what the issue is. If you can't login via VNC, check the console with the VNC server started for any error messages that were displayed during execution (there might be some issues encountered during startup). I would also check the vncserver (invoke 'whereis vncserver' or 'which vncserver') file (I don't think it's binary but an actual script used for listening via TCP but I could be wrong). If it's a script (and hopefully not a binary file), it should contain any relevant information about what variables get setup during execution because vncserver eventually calls Xvnc, which does the actual serving. There might be some variables in vncserver which might help you determine when and how to add information in other commands and files (ie inetd.conf and kdm conf file wherever it is). Also, since you are running everything from a login manager as opposed to a direct VNC invocation, you may need to create the relevant files like ~/.Xsession, etc or setup the system wide Xsession file properly. Hopefully this helps as a start. I have no tried this so I can't guarantee any solutions but hopefully I brought something up which will lead you to a solution. The person who wrote the doc should be advised as to what actual steps need to be taken to make sure this works since the doc lacks some relevant details. Then again, a lot of docs do need to be improved and not just this one :). Take care and good luck :). -Garrett ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Xvnc + inetd
> Ok then. "What sort of DE/WM setup do you plan on having for your > clients?" is a question you need to ask yourself. Purely KDE for the moment, desktop wise it would be the same for each user. > Essentially if it's a small number of users and you want to let them > setup their own X flavor, you could basically set it up as follows: > > #!/bin/sh > > [ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources > xsetroot -solid grey > vncconfig -iconic & > > startkde& # or whatever X style they like, such as startfluxbox, > xfce4-session, etc I'd rather not have to make the user log in via SSH and invoke a vnc each, or even have vnc listening on X number of ports for different users. What I'd like to happen is users VNC into the box on a particular port, and be greeted with a Login screen to KDE (kdm). The guide I've been roughly following is at http://oxo.rucus.net/docs/Terminal-Vnc-HOWTO, to give you an idea of what I was aiming for. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Xvnc + inetd
On 6/26/05, Garrett Cooper <[EMAIL PROTECTED]> wrote: > duckeo wrote: > > >On 6/26/05, duckeo <[EMAIL PROTECTED]> wrote: > > > > > >>Because isn't VNC far more efficient? I've read X is only really > >>useful locally, also because VNC is more common a client on Windows > >>machines (as in already installed). > >> > >> > I'm not sure if that's true or not. I've talked to various people > who've advocated both angles, but it appears that X forwarding is > (arguably) more secure. I don't know if this is the case or not, and I > also don't know if they were referring to not SSH port forwarded > connections as opposed to a non-localhost-only based server. > But I do know that running multiple separate X sessions as opposed > to X port forwarding is overall less efficient if you're dealing with a > large number of users accessing one host. This is true because VNC-in > various forms-has a tendency to eat up some userspace memory (I think > around 5-8Mb per instance), in addition to the actual X session > allocated memory that it's associated with. That's just a thought to > consider when comparing the two. > -Garrett I'll take that into consideration as the usercount starts to increase on the box, at the moment it will be mostly network oriented IT staff needing access to utilities. The main concern is access to X from Windows machines, and VNC still seems to be the easiest method (we also have things like activeX capabale VNC clients we like to use for remote access). ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Xvnc + inetd
Sorry wrong target. Forwarding to the list. On 6/26/05, duckeo <[EMAIL PROTECTED]> wrote: > Because isn't VNC far more efficient? I've read X is only really > useful locally, also because VNC is more common a client on Windows > machines (as in already installed). > > On 6/26/05, Garrett Cooper <[EMAIL PROTECTED]> wrote: > > Ken Quach wrote: > > > > >I'm trying to turn FreeBSD5.4 into a 'terminal server' of sorts, > > >allowing users to VNC in to access various network related utilities. > > > > > >What I'm seeing is a gray screen when connecting into vnc, which I > > >know is indicative of not having a window manager set up. > > > > > >My question is when running xvnc through inetd, I can specify which > > >user to run it as. > > > > > >I've tried using root and nobody, as well as a 'vnc' user which I > > >created. In all cases it seems not to read the ~/.vnc/xstartup file as > > >I expect it would (e.g. /root/.xvnc/xstartup). > > > > > >I've followed various guides to ensure settings are correct but now I'm > > >stumped. > > > > > >Various config files are below. Any ideas as to what else I need to change? > > > > > > > > > > > Uhm, why not just use kdm? It appears that all you need is a X[dm] login > > based server and you don't need Xvnc at all. Refer to ssh's information > > on X port forwarding and info on how to setup kdm properly. > > -Garrett > > > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Xvnc + inetd
Ken Quach wrote: I'm trying to turn FreeBSD5.4 into a 'terminal server' of sorts, allowing users to VNC in to access various network related utilities. What I'm seeing is a gray screen when connecting into vnc, which I know is indicative of not having a window manager set up. My question is when running xvnc through inetd, I can specify which user to run it as. I've tried using root and nobody, as well as a 'vnc' user which I created. In all cases it seems not to read the ~/.vnc/xstartup file as I expect it would (e.g. /root/.xvnc/xstartup). I've followed various guides to ensure settings are correct but now I'm stumped. Various config files are below. Any ideas as to what else I need to change? Uhm, why not just use kdm? It appears that all you need is a X[dm] login based server and you don't need Xvnc at all. Refer to ssh's information on X port forwarding and info on how to setup kdm properly. -Garrett ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
