Re: remote access via VNC
On Thu, 31 May 2012 22:31:11 +0700 Khemara Lyn wrote: > Thanks, > It is far better than i thought. i would love to try the ssh tunnel and > access by VNC to the display 0 also. Please forgive me for the poor > suggestion. I thought i could help; in fact, i learn new thing from that :). x11vnc may be a better fit for some of these uses. It can be set up to do things like 'connect to the existing session if present or start a new one if you want', and to do password authentication etc nicely. It also supports various tunnels and little details like a command to run when your vnc session drops (eg to screenlock) Finally if you run either with the noVNC websocket proxy you can set it all up to work in a modern web browser over SSL with no plugins and other bits needed. Alan -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: remote access via VNC
Thanks, It is far better than i thought. i would love to try the ssh tunnel and access by VNC to the display 0 also. Please forgive me for the poor suggestion. I thought i could help; in fact, i learn new thing from that :). Regards, Khem On 05/31/2012 04:25 PM, Reindl Harald wrote: Am 31.05.2012 11:19, schrieb Khemara Lyn: Hello, Have you tried with "vino"? I prefer it than a separate VNC server with a separate display. With Vino, I can log in locally to my desktop at office; i would lock the screen when i leave my office and when i arrive home i would connect to the same desktop/display i left off at office with a normal VNC client (RealVNC for windows). you recognized that it was solved yesterday? :-) "vino", "vncserver" and others can not provide "Whether the user is logged or not, anyone with the right access can RDP in. IIRC, the old original VNC server used to do that on Windows." this can only be done with xvnc sahring display 0 _ example to show the big difference * i connect via ssh to our admin-server in the LAN * type "wol workstation (/etc/ethers is your friend) * my workstation is powered on and boots to kdm login * "vnc.sh workstation" creates a ssh-tunnel and connects to display 0 this way i can power off my machine completly and control it from remote like with physical access -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: remote access via VNC
On 05/31/2012 01:36 PM, Tommy Pham wrote: > There's no problem really except that it's an additional manual step > I'd like to avoid. Oh, I *see*. I thought you couldn't connect. :-) Andrew. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: remote access via VNC
On Thu, May 31, 2012 at 1:17 AM, Andrew Haley wrote: > On 05/29/2012 09:22 PM, Tommy Pham wrote: >> On Tue, May 29, 2012 at 1:01 PM, Andrew Haley wrote: >>> On 05/29/2012 06:26 PM, Tommy Pham wrote: Is it possible to have remote access via VNC without having the user to be logged in (automatically, especially on a system reboot)? >>> >>> I don't get the problem. You don't have to be logged in on >>> the console, or anything like that. You just have to be able >>> to start a vnc server, and you can do that via ssh. What else >>> do you want to do? >> >> I have no problems doing the major of the work needed via ssh and >> command line. However, there are a few things that requires the GUI, >> specifically Oracle, for me to do a few things. Setting the autologin >> would allow me to VNC into the system, especially when the system is >> rebooted. > > But I can do it already. > > I log in to the system via ssh and start the vnc server. > > Then I create an ssh tunnel, and connect to the VNC server I just > started. VNC goes through SSH. > >> However, that poses a security risk for me. Basically, I'm >> looking for something similar to MS Windows' RDP. Whether the user is >> logged or not, anyone with the right access can RDP in. IIRC, the old >> original VNC server used to do that on Windows. I haven't used VNC >> server in about 10~ years. > > What's the problem with what I just described? > > Andrew. > Hi Andrew, There's no problem really except that it's an additional manual step I'd like to avoid. Regards, Tommy -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: remote access via VNC
Am 31.05.2012 11:19, schrieb Khemara Lyn: > Hello, > > Have you tried with "vino"? I prefer it than a separate VNC server with a > separate display. > > With Vino, I can log in locally to my desktop at office; i would lock the > screen when i leave my office and when i > arrive home i would connect to the same desktop/display i left off at office > with a normal VNC client (RealVNC for > windows). you recognized that it was solved yesterday? :-) "vino", "vncserver" and others can not provide "Whether the user is logged or not, anyone with the right access can RDP in. IIRC, the old original VNC server used to do that on Windows." this can only be done with xvnc sahring display 0 _ example to show the big difference * i connect via ssh to our admin-server in the LAN * type "wol workstation (/etc/ethers is your friend) * my workstation is powered on and boots to kdm login * "vnc.sh workstation" creates a ssh-tunnel and connects to display 0 this way i can power off my machine completly and control it from remote like with physical access signature.asc Description: OpenPGP digital signature -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: remote access via VNC
Hello, Have you tried with "vino"? I prefer it than a separate VNC server with a separate display. With Vino, I can log in locally to my desktop at office; i would lock the screen when i leave my office and when i arrive home i would connect to the same desktop/display i left off at office with a normal VNC client (RealVNC for windows). Just do: yum install vino vino-passwd vino-preferences HTH Regards, Khem On 05/31/2012 03:17 PM, Andrew Haley wrote: On 05/29/2012 09:22 PM, Tommy Pham wrote: On Tue, May 29, 2012 at 1:01 PM, Andrew Haley wrote: On 05/29/2012 06:26 PM, Tommy Pham wrote: Is it possible to have remote access via VNC without having the user to be logged in (automatically, especially on a system reboot)? I don't get the problem. You don't have to be logged in on the console, or anything like that. You just have to be able to start a vnc server, and you can do that via ssh. What else do you want to do? I have no problems doing the major of the work needed via ssh and command line. However, there are a few things that requires the GUI, specifically Oracle, for me to do a few things. Setting the autologin would allow me to VNC into the system, especially when the system is rebooted. But I can do it already. I log in to the system via ssh and start the vnc server. Then I create an ssh tunnel, and connect to the VNC server I just started. VNC goes through SSH. However, that poses a security risk for me. Basically, I'm looking for something similar to MS Windows' RDP. Whether the user is logged or not, anyone with the right access can RDP in. IIRC, the old original VNC server used to do that on Windows. I haven't used VNC server in about 10~ years. What's the problem with what I just described? Andrew. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: remote access via VNC
On 05/29/2012 09:22 PM, Tommy Pham wrote: > On Tue, May 29, 2012 at 1:01 PM, Andrew Haley wrote: >> On 05/29/2012 06:26 PM, Tommy Pham wrote: >>> Is it possible to have remote access via VNC without having the user >>> to be logged in (automatically, especially on a system reboot)? >> >> I don't get the problem. You don't have to be logged in on >> the console, or anything like that. You just have to be able >> to start a vnc server, and you can do that via ssh. What else >> do you want to do? > > I have no problems doing the major of the work needed via ssh and > command line. However, there are a few things that requires the GUI, > specifically Oracle, for me to do a few things. Setting the autologin > would allow me to VNC into the system, especially when the system is > rebooted. But I can do it already. I log in to the system via ssh and start the vnc server. Then I create an ssh tunnel, and connect to the VNC server I just started. VNC goes through SSH. > However, that poses a security risk for me. Basically, I'm > looking for something similar to MS Windows' RDP. Whether the user is > logged or not, anyone with the right access can RDP in. IIRC, the old > original VNC server used to do that on Windows. I haven't used VNC > server in about 10~ years. What's the problem with what I just described? Andrew. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: remote access via VNC
On Wed, May 30, 2012 at 3:20 PM, Reindl Harald wrote: > > > the main question is where you missed my post about the package > replying "I just installed that package prior to your response" > but who cares, now it works :-) > > Sorry, I meant I just installed the tigervnc package. It's been a long day :). Thanks again to you and Rick. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: remote access via VNC
Am 31.05.2012 00:10, schrieb Tommy Pham: > On Wed, May 30, 2012 at 2:54 PM, Reindl Harald wrote: >> Am 30.05.2012 23:32, schrieb Tommy Pham: Name : tigervnc-server-module Architektur : x86_64 Version: 1.1.0 Ausgabe: 3.fc16 Größe : 606 k Repo: installed Zusammenfassung : TigerVNC module to Xorg URL: http://www.tigervnc.com Lizenz : GPLv2+ Beschreibung : This package contains libvnc.so module to X server, allowing others : to access the desktop on your machine. >>> I just installed that package prior to your response and rebooted. >>> Still no luck :( >>> >> where did you? >> >> i see no "tigervnc-server-module" in your list >> tigervnc-server-module != tigervnc-server-minimal > > Don't know how I missed the module when I did "yum search vnc". > Adding that package fixed it for me. Thank your for time. :) the main question is where you missed my post about the package replying "I just installed that package prior to your response" but who cares, now it works :-) signature.asc Description: OpenPGP digital signature -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: remote access via VNC
On Wed, May 30, 2012 at 2:54 PM, Reindl Harald wrote: > > > Am 30.05.2012 23:32, schrieb Tommy Pham: >>> Name : tigervnc-server-module >>> Architektur : x86_64 >>> Version : 1.1.0 >>> Ausgabe : 3.fc16 >>> Größe : 606 k >>> Repo : installed >>> Zusammenfassung : TigerVNC module to Xorg >>> URL : http://www.tigervnc.com >>> Lizenz : GPLv2+ >>> Beschreibung : This package contains libvnc.so module to X server, allowing >>> others >>> : to access the desktop on your machine. >>> >> I just installed that package prior to your response and rebooted. >> Still no luck :( >> >> [root@ogx280 ~]# rpm -qa|grep -i vnc >> gtk-vnc2-0.5.0-2.fc17.i686 >> gtk-vnc-0.5.0-2.fc17.i686 >> gvnc-0.5.0-2.fc17.i686 >> tigervnc-license-1.1.0-5.fc17.noarch >> libvncserver-0.9.8.2-4.fc17.i686 >> tigervnc-server-1.1.0-5.fc17.i686 >> tigervnc-server-minimal-1.1.0-5.fc17.i686 >> gtk-vnc-python-0.5.0-2.fc17.i686 >> x11vnc-0.9.13-3.fc17.i686 > > where did you? > > i see no "tigervnc-server-module" in your list > tigervnc-server-module != tigervnc-server-minimal > > the "vncserver"-stuff i stripped of your reply has nothing > to do with vnc-access to display 0, this is a totally different > topic because it starts a whole session and give you no access > to the same screen as on the local machine like xvnc does > > there is no need to reboot, this is no kernel-update :-) > "killall X" will restart X11 > > > again my only installed packages: > > [harry@srv-rhsoft:~]$ rpm -qa | grep vnc > tigervnc-1.1.0-3.fc16.x86_64 > tigervnc-server-module-1.1.0-3.fc16.x86_64 > tigervnc-license-1.1.0-3.fc16.noarch > > > my configuration: > > [root@srv-rhsoft:~]$ cat /etc/X11/xorg.conf.d/02-vnc.conf > Section "Module" > Load "vnc" > EndSection > Section "Screen" > Identifier "Screen0" > Option "passwordFile" "/root/.vnc/passwd" > EndSection > > > [root@srv-rhsoft:~]$ /bin/netstat --numeric-hosts --numeric-ports --notrim > --programs -u -t -l | grep 5900 > tcp 0 0 0.0.0.0:5900 0.0.0.0:* > LISTEN 19650/X > > Don't know how I missed the module when I did "yum search vnc". Adding that package fixed it for me. Thank your for time. :) -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: remote access via VNC
Am 30.05.2012 23:32, schrieb Tommy Pham: >> Name : tigervnc-server-module >> Architektur : x86_64 >> Version: 1.1.0 >> Ausgabe: 3.fc16 >> Größe : 606 k >> Repo: installed >> Zusammenfassung : TigerVNC module to Xorg >> URL: http://www.tigervnc.com >> Lizenz : GPLv2+ >> Beschreibung : This package contains libvnc.so module to X server, allowing >> others >> : to access the desktop on your machine. >> > I just installed that package prior to your response and rebooted. > Still no luck :( > > [root@ogx280 ~]# rpm -qa|grep -i vnc > gtk-vnc2-0.5.0-2.fc17.i686 > gtk-vnc-0.5.0-2.fc17.i686 > gvnc-0.5.0-2.fc17.i686 > tigervnc-license-1.1.0-5.fc17.noarch > libvncserver-0.9.8.2-4.fc17.i686 > tigervnc-server-1.1.0-5.fc17.i686 > tigervnc-server-minimal-1.1.0-5.fc17.i686 > gtk-vnc-python-0.5.0-2.fc17.i686 > x11vnc-0.9.13-3.fc17.i686 where did you? i see no "tigervnc-server-module" in your list tigervnc-server-module != tigervnc-server-minimal the "vncserver"-stuff i stripped of your reply has nothing to do with vnc-access to display 0, this is a totally different topic because it starts a whole session and give you no access to the same screen as on the local machine like xvnc does there is no need to reboot, this is no kernel-update :-) "killall X" will restart X11 again my only installed packages: [harry@srv-rhsoft:~]$ rpm -qa | grep vnc tigervnc-1.1.0-3.fc16.x86_64 tigervnc-server-module-1.1.0-3.fc16.x86_64 tigervnc-license-1.1.0-3.fc16.noarch my configuration: [root@srv-rhsoft:~]$ cat /etc/X11/xorg.conf.d/02-vnc.conf Section "Module" Load"vnc" EndSection Section "Screen" Identifier "Screen0" Option "passwordFile" "/root/.vnc/passwd" EndSection [root@srv-rhsoft:~]$ /bin/netstat --numeric-hosts --numeric-ports --notrim --programs -u -t -l | grep 5900 tcp0 0 0.0.0.0:59000.0.0.0:* LISTEN 19650/X signature.asc Description: OpenPGP digital signature -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: remote access via VNC
On Wed, May 30, 2012 at 1:42 PM, Reindl Harald wrote: > > > Am 30.05.2012 22:33, schrieb Tommy Pham: >> I still can't seem to get this right :(. This is what I have. >> >> [root@ogx280 init.d]# rpm -qa|grep -i vnc >> gtk-vnc2-0.5.0-2.fc17.i686 >> gtk-vnc-0.5.0-2.fc17.i686 >> gvnc-0.5.0-2.fc17.i686 >> tigervnc-license-1.1.0-5.fc17.noarch >> libvncserver-0.9.8.2-4.fc17.i686 >> tigervnc-server-minimal-1.1.0-5.fc17.i686 >> gtk-vnc-python-0.5.0-2.fc17.i686 >> x11vnc-0.9.13-3.fc17.i686 > > you are missing "tigervnc-server-module"! > > no idea what "x11vnc" is but this are my > vnc-related packages while "tigervnc" is > the client to connect to remote-machines > > [root@srv-rhsoft:~]$ rpm -qa | grep vnc > tigervnc-license-1.1.0-3.fc16.noarch > tigervnc-server-module-1.1.0-3.fc16.x86_64 > tigervnc-1.1.0-3.fc16.x86_64 > > "/usr/bin/vncpasswd" for create "/root/.vnc/passwd" > is contained in "tigervnc-server-minimal" which can > even be uninstalled after all works! > > http://rpm.pbone.net/index.php3/stat/4/idpl/17378318/dir/fedora_16/com/tigervnc-server-minimal-1.1.0-3.fc16.x86_64.rpm.html > > well, this is a F16 link / system, but i am using this config > since years on several machines while iptables is blocking the > vnc-port and connect is done with a shell-script creating a > ssh-tunnel and fire up "vncviewer" with the needed params > > ___ > > [root@srv-rhsoft:~]$ cat /etc/X11/xorg.conf.d/02-vnc.conf > Section "Module" > Load "vnc" > EndSection > > Section "Screen" > Identifier "Screen0" > Option "passwordFile" "/root/.vnc/passwd" > EndSection > ___ > > Name : tigervnc-server-module > Architektur : x86_64 > Version : 1.1.0 > Ausgabe : 3.fc16 > Größe : 606 k > Repo : installed > Zusammenfassung : TigerVNC module to Xorg > URL : http://www.tigervnc.com > Lizenz : GPLv2+ > Beschreibung : This package contains libvnc.so module to X server, allowing > others > : to access the desktop on your machine. > > Hi, I just installed that package prior to your response and rebooted. Still no luck :( [root@ogx280 ~]# rpm -qa|grep -i vnc gtk-vnc2-0.5.0-2.fc17.i686 gtk-vnc-0.5.0-2.fc17.i686 gvnc-0.5.0-2.fc17.i686 tigervnc-license-1.1.0-5.fc17.noarch libvncserver-0.9.8.2-4.fc17.i686 tigervnc-server-1.1.0-5.fc17.i686 tigervnc-server-minimal-1.1.0-5.fc17.i686 gtk-vnc-python-0.5.0-2.fc17.i686 x11vnc-0.9.13-3.fc17.i686 [root@ogx280 ~]# cat /etc/X11/xorg.conf.d/00-system-setup-vnc.conf # This file is to share the root screen via VNC Section "Module" Load "vnc" EndSection Section "Screen" Identifier "Screen0" Device "Videocard0" Option "SecurityTypes" "VncAuth" Option "UserPasswdVerifier" "VncAuth" # Option "passwordfile" "/root/.vnc/passwd" EndSection [root@ogx280 ~]# ls /lib/systemd/system/*vnc* /lib/systemd/system/vncserver@.service [root@ogx280 multi-user.target.wants]# ll /etc/systemd/system/multi-user.target.wants/*vnc* lrwxrwxrwx. 1 root root 38 May 30 14:09 /etc/systemd/system/multi-user.target.wants/vncserver@:0.service -> /lib/systemd/system/vncserver@.service [root@ogx280 multi-user.target.wants]# cat /etc/systemd/system/multi-user.target.wants/vncserver@:0.service # The vncserver service unit file # # Quick HowTo: # 1. Copy this file to /etc/systemd/system/vncserver@:.service # 2. Edit and vncserver parameters appropriately # ("runuser -l -c /usr/bin/vncserver %i -arg1 -arg2") # 3. Run `systemctl daemon-reload` # # DO NOT RUN THIS SERVICE if your local area network is # untrusted! For a secure way of using VNC, you should # limit connections to the local host and then tunnel from # the machine you want to view VNC on (host A) to the machine # whose VNC output you want to view (host B) # # [user@hostA ~]$ ssh -v -C -L 590N:localhost:590M hostB # # this will open a connection on port 590N of your hostA to hostB's port 590M # (in fact, it ssh-connects to hostB and then connects to localhost (on hostB). # See the ssh man page for details on port forwarding) # # You can then point a VNC client on hostA at vncdisplay N of localhost and with # the help of ssh, you end up seeing what hostB makes available on port 590M # # Use "-nolisten tcp" to prevent X connections to your VNC server via TCP. # # Use "-localhost" to prevent remote VNC clients connecting except when # doing so through a secure tunnel. See the "-via" option in the # `man vncviewer' manual page. [Unit] Description=Remote desktop service (VNC) After=syslog.target network.target [Service] Type=forking # Clean any existing files in /tmp/.X11-unix environment ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :' ExecStart=/sbin/runuser -l root -c "/usr/bin/vncserver %i" ExecStop=/sbin/runuser -l root -c "/usr/bin/vncserver -kill %i" [Install] WantedBy=multi-user.target -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://a
Re: remote access via VNC
Am 30.05.2012 22:33, schrieb Tommy Pham: > I still can't seem to get this right :(. This is what I have. > > [root@ogx280 init.d]# rpm -qa|grep -i vnc > gtk-vnc2-0.5.0-2.fc17.i686 > gtk-vnc-0.5.0-2.fc17.i686 > gvnc-0.5.0-2.fc17.i686 > tigervnc-license-1.1.0-5.fc17.noarch > libvncserver-0.9.8.2-4.fc17.i686 > tigervnc-server-minimal-1.1.0-5.fc17.i686 > gtk-vnc-python-0.5.0-2.fc17.i686 > x11vnc-0.9.13-3.fc17.i686 you are missing "tigervnc-server-module"! no idea what "x11vnc" is but this are my vnc-related packages while "tigervnc" is the client to connect to remote-machines [root@srv-rhsoft:~]$ rpm -qa | grep vnc tigervnc-license-1.1.0-3.fc16.noarch tigervnc-server-module-1.1.0-3.fc16.x86_64 tigervnc-1.1.0-3.fc16.x86_64 "/usr/bin/vncpasswd" for create "/root/.vnc/passwd" is contained in "tigervnc-server-minimal" which can even be uninstalled after all works! http://rpm.pbone.net/index.php3/stat/4/idpl/17378318/dir/fedora_16/com/tigervnc-server-minimal-1.1.0-3.fc16.x86_64.rpm.html well, this is a F16 link / system, but i am using this config since years on several machines while iptables is blocking the vnc-port and connect is done with a shell-script creating a ssh-tunnel and fire up "vncviewer" with the needed params ___ [root@srv-rhsoft:~]$ cat /etc/X11/xorg.conf.d/02-vnc.conf Section "Module" Load"vnc" EndSection Section "Screen" Identifier "Screen0" Option "passwordFile" "/root/.vnc/passwd" EndSection ___ Name : tigervnc-server-module Architektur : x86_64 Version: 1.1.0 Ausgabe: 3.fc16 Größe : 606 k Repo: installed Zusammenfassung : TigerVNC module to Xorg URL: http://www.tigervnc.com Lizenz : GPLv2+ Beschreibung : This package contains libvnc.so module to X server, allowing others : to access the desktop on your machine. signature.asc Description: OpenPGP digital signature -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: remote access via VNC
On Tue, May 29, 2012 at 1:53 PM, Rick Stevens wrote: > On 05/29/2012 01:26 PM, Rick Stevens wrote: >> >> On 05/29/2012 12:00 PM, Tommy Pham wrote: >>> >>> On Tue, May 29, 2012 at 11:18 AM, Rick Stevens >>> wrote: On 05/29/2012 10:26 AM, Tommy Pham wrote: > > > Hi, > > Is it possible to have remote access via VNC without having the user > to be logged in (automatically, especially on a system reboot)? You could share the display in the X configs, e.g.: cat /etc/X11/xorg.conf.d/00-system-setup-vnc.conf # This file is to share the root screen via VNC Section "Module" Â Â Load "vnc" EndSection Section "Screen" Â Â Identifier "Screen0" Â Â Device "Videocard0" Â Â Option "SecurityTypes" "VncAuth" Â Â Option "UserPasswdVerifier" "VncAuth" Â Â Option "passwordfile" "/root/.vnc/passwd" EndSection You may have to refresh the display after connecting when the user login screen is shown. I have to on occasion...something with the way the login mechanism (gdmgreeter?) updates the screen. >>> >>> Hi Rick, >>> >>> I just tried it why your suggested configuration but I'm still unable >>> to access via VNC. >>> >>> [root@fedora17 ~]# find / -type f -name 'passwd' >>> /sys/fs/selinux/class/passwd/perms/passwd >>> find: `/run/user/dlp/gvfs': Permission denied >>> /usr/share/bash-completion/completions/passwd >>> /usr/bin/passwd >>> /etc/pam.d/passwd >>> /etc/passwd >>> >>> I've rebooted the system with no effect. >> >> >> If you look, you'll see that I used a password file, /root/.vnc/passwd >> to hold the VNC passwords. You must create that file using "vncpasswd" >> on the VNC server and give the root user a password. When you >> authenticate VNC, you must give the root user's VNC password. >> >> You don't need to use the authentication, I guess (I always do). I also >> believe that, for selinux to like it, you have to change the SELinux >> context of the file: >> >> [root@golem4 .vnc]# ls -lZ /root/.vnc/passwd >> -rw---. root root unconfined_u:object_r:admin_home_t:s0 >> /root/.vnc/passwd >> >> To access the machines, I have been using vncviewer over an SSH tunnel: >> >> # vpnc -via golem4 golem4 > > > Whoops! Sorry, that should read: > > # vncviewer -via golem4 golem4 > > (yes, I use vpnc a lot, hence my mistake) > > >> I get a dialog box asking for root's VNC password. I put it in and the >> desktop shows up. >> >> You probably want to look at the /var/log/Xorg.0.log file on the VNC >> server machine to verify that the vnc module is actually being loaded. > > -- > - Rick Stevens, Systems Engineer, AllDigital ri...@alldigital.com - > - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 - > - - > - When you don't know what to do, walk fast and look worried. - > Hi Rick, I still can't seem to get this right :(. This is what I have. [root@ogx280 init.d]# rpm -qa|grep -i vnc gtk-vnc2-0.5.0-2.fc17.i686 gtk-vnc-0.5.0-2.fc17.i686 gvnc-0.5.0-2.fc17.i686 tigervnc-license-1.1.0-5.fc17.noarch libvncserver-0.9.8.2-4.fc17.i686 tigervnc-server-minimal-1.1.0-5.fc17.i686 gtk-vnc-python-0.5.0-2.fc17.i686 x11vnc-0.9.13-3.fc17.i686 [root@ogx280 init.d]# netstat -tapnv Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp0 0 0.0.0.0:30000.0.0.0:* LISTEN 1387/mysqld tcp0 0 127.0.0.1:250.0.0.0:* LISTEN 1461/sendmail: acce tcp0 0 0.0.0.0:82220.0.0.0:* LISTEN 1716/httpd tcp0 0 0.0.0.0:25962 0.0.0.0:* LISTEN 664/rpc.statd tcp0 0 0.0.0.0:83330.0.0.0:* LISTEN 1716/httpd tcp0 0 0.0.0.0:111 0.0.0.0:* LISTEN 604/rpcbind tcp0 0 0.0.0.0:81810.0.0.0:* LISTEN 1716/httpd tcp0 0 192.168.122.1:530.0.0.0:* LISTEN 1415/dnsmasq tcp0 0 0.0.0.0:22 0.0.0.0:* LISTEN 616/sshd tcp0248 10.167.28.248:22155.64.180.69:59101 ESTABLISHED 1892/sshd: root@pts tcp6 0 0 :::111 :::* LISTEN 604/rpcbind tcp6 0 0 :::1521 :::* LISTEN 1508/tnslsnr tcp6 0 0 :::22 :::* LISTEN 616/sshd tcp6 0 0 :::39638:::* LISTEN 664/rpc.statd tcp6 0 0 :::631 :::* LISTEN 1/systemd [root@ogx280 init.d]# chkconfig Note: This output shows SysV services only and does not include native systemd services. SysV configuration data might be overridden by native systemd configuration. ceph0:off 1:off 2:off 3:off 4:off
Re: remote access via VNC
On 05/29/2012 01:26 PM, Rick Stevens wrote: On 05/29/2012 12:00 PM, Tommy Pham wrote: On Tue, May 29, 2012 at 11:18 AM, Rick Stevens wrote: On 05/29/2012 10:26 AM, Tommy Pham wrote: Hi, Is it possible to have remote access via VNC without having the user to be logged in (automatically, especially on a system reboot)? You could share the display in the X configs, e.g.: cat /etc/X11/xorg.conf.d/00-system-setup-vnc.conf # This file is to share the root screen via VNC Section "Module" Â Â Load "vnc" EndSection Section "Screen" Â Â Identifier "Screen0" Â Â Device "Videocard0" Â Â Option "SecurityTypes" "VncAuth" Â Â Option "UserPasswdVerifier" "VncAuth" Â Â Option "passwordfile" "/root/.vnc/passwd" EndSection You may have to refresh the display after connecting when the user login screen is shown. I have to on occasion...something with the way the login mechanism (gdmgreeter?) updates the screen. Hi Rick, I just tried it why your suggested configuration but I'm still unable to access via VNC. [root@fedora17 ~]# find / -type f -name 'passwd' /sys/fs/selinux/class/passwd/perms/passwd find: `/run/user/dlp/gvfs': Permission denied /usr/share/bash-completion/completions/passwd /usr/bin/passwd /etc/pam.d/passwd /etc/passwd I've rebooted the system with no effect. If you look, you'll see that I used a password file, /root/.vnc/passwd to hold the VNC passwords. You must create that file using "vncpasswd" on the VNC server and give the root user a password. When you authenticate VNC, you must give the root user's VNC password. You don't need to use the authentication, I guess (I always do). I also believe that, for selinux to like it, you have to change the SELinux context of the file: [root@golem4 .vnc]# ls -lZ /root/.vnc/passwd -rw---. root root unconfined_u:object_r:admin_home_t:s0 /root/.vnc/passwd To access the machines, I have been using vncviewer over an SSH tunnel: # vpnc -via golem4 golem4 Whoops! Sorry, that should read: # vncviewer -via golem4 golem4 (yes, I use vpnc a lot, hence my mistake) I get a dialog box asking for root's VNC password. I put it in and the desktop shows up. You probably want to look at the /var/log/Xorg.0.log file on the VNC server machine to verify that the vnc module is actually being loaded. -- - Rick Stevens, Systems Engineer, AllDigitalri...@alldigital.com - - AIM/Skype: therps2ICQ: 22643734Yahoo: origrps2 - -- -When you don't know what to do, walk fast and look worried. - -- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: remote access via VNC
On 05/29/2012 12:00 PM, Tommy Pham wrote: On Tue, May 29, 2012 at 11:18 AM, Rick Stevens wrote: On 05/29/2012 10:26 AM, Tommy Pham wrote: Hi, Is it possible to have remote access via VNC without having the user to be logged in (automatically, especially on a system reboot)? You could share the display in the X configs, e.g.: cat /etc/X11/xorg.conf.d/00-system-setup-vnc.conf # This file is to share the root screen via VNC Section "Module" Â Â Load "vnc" EndSection Section "Screen" Â Â Identifier "Screen0" Â Â Device "Videocard0" Â Â Option "SecurityTypes" "VncAuth" Â Â Option "UserPasswdVerifier" "VncAuth" Â Â Option "passwordfile" "/root/.vnc/passwd" EndSection You may have to refresh the display after connecting when the user login screen is shown. I have to on occasion...something with the way the login mechanism (gdmgreeter?) updates the screen. Hi Rick, I just tried it why your suggested configuration but I'm still unable to access via VNC. [root@fedora17 ~]# find / -type f -name 'passwd' /sys/fs/selinux/class/passwd/perms/passwd find: `/run/user/dlp/gvfs': Permission denied /usr/share/bash-completion/completions/passwd /usr/bin/passwd /etc/pam.d/passwd /etc/passwd I've rebooted the system with no effect. If you look, you'll see that I used a password file, /root/.vnc/passwd to hold the VNC passwords. You must create that file using "vncpasswd" on the VNC server and give the root user a password. When you authenticate VNC, you must give the root user's VNC password. You don't need to use the authentication, I guess (I always do). I also believe that, for selinux to like it, you have to change the SELinux context of the file: [root@golem4 .vnc]# ls -lZ /root/.vnc/passwd -rw---. root root unconfined_u:object_r:admin_home_t:s0 /root/.vnc/passwd To access the machines, I have been using vncviewer over an SSH tunnel: # vpnc -via golem4 golem4 I get a dialog box asking for root's VNC password. I put it in and the desktop shows up. You probably want to look at the /var/log/Xorg.0.log file on the VNC server machine to verify that the vnc module is actually being loaded. -- - Rick Stevens, Systems Engineer, AllDigitalri...@alldigital.com - - AIM/Skype: therps2ICQ: 22643734Yahoo: origrps2 - -- - Death is nature's way of dropping carrier - -- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: remote access via VNC
On Tue, May 29, 2012 at 1:01 PM, Andrew Haley wrote: > On 05/29/2012 06:26 PM, Tommy Pham wrote: >> Is it possible to have remote access via VNC without having the user >> to be logged in (automatically, especially on a system reboot)? > > I don't get the problem. You don't have to be logged in on > the console, or anything like that. You just have to be able > to start a vnc server, and you can do that via ssh. What else > do you want to do? > > Andrew. Hi Andrew, I have no problems doing the major of the work needed via ssh and command line. However, there are a few things that requires the GUI, specifically Oracle, for me to do a few things. Setting the autologin would allow me to VNC into the system, especially when the system is rebooted. However, that poses a security risk for me. Basically, I'm looking for something similar to MS Windows' RDP. Whether the user is logged or not, anyone with the right access can RDP in. IIRC, the old original VNC server used to do that on Windows. I haven't used VNC server in about 10~ years. Thanks, Tommy -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: remote access via VNC
On 05/29/2012 06:26 PM, Tommy Pham wrote: > Is it possible to have remote access via VNC without having the user > to be logged in (automatically, especially on a system reboot)? I don't get the problem. You don't have to be logged in on the console, or anything like that. You just have to be able to start a vnc server, and you can do that via ssh. What else do you want to do? Andrew. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: remote access via VNC
On Tue, May 29, 2012 at 11:18 AM, Rick Stevens wrote: > On 05/29/2012 10:26 AM, Tommy Pham wrote: >> >> Hi, >> >> Is it possible to have remote access via VNC without having the user >> to be logged in (automatically, especially on a system reboot)? > > > You could share the display in the X configs, e.g.: > > cat /etc/X11/xorg.conf.d/00-system-setup-vnc.conf > # This file is to share the root screen via VNC > Section "Module" > Load "vnc" > EndSection > > Section "Screen" > Identifier "Screen0" > Device "Videocard0" > Option "SecurityTypes" "VncAuth" > Option "UserPasswdVerifier" "VncAuth" > Option "passwordfile" "/root/.vnc/passwd" > EndSection > > You may have to refresh the display after connecting when the user > login screen is shown. I have to on occasion...something with the > way the login mechanism (gdmgreeter?) updates the screen. > -- > - Rick Stevens, Systems Engineer, AllDigital ri...@alldigital.com - > - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 - > - - > - Beware of programmers who carry screwdrivers - > -- > -- Hi Rick, I just tried it why your suggested configuration but I'm still unable to access via VNC. [root@fedora17 ~]# find / -type f -name 'passwd' /sys/fs/selinux/class/passwd/perms/passwd find: `/run/user/dlp/gvfs': Permission denied /usr/share/bash-completion/completions/passwd /usr/bin/passwd /etc/pam.d/passwd /etc/passwd I've rebooted the system with no effect. Thanks, Tommy -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: remote access via VNC
On 05/29/2012 10:26 AM, Tommy Pham wrote: Hi, Is it possible to have remote access via VNC without having the user to be logged in (automatically, especially on a system reboot)? You could share the display in the X configs, e.g.: cat /etc/X11/xorg.conf.d/00-system-setup-vnc.conf # This file is to share the root screen via VNC Section "Module" Load "vnc" EndSection Section "Screen" Identifier "Screen0" Device "Videocard0" Option "SecurityTypes" "VncAuth" Option "UserPasswdVerifier" "VncAuth" Option "passwordfile" "/root/.vnc/passwd" EndSection You may have to refresh the display after connecting when the user login screen is shown. I have to on occasion...something with the way the login mechanism (gdmgreeter?) updates the screen. -- - Rick Stevens, Systems Engineer, AllDigitalri...@alldigital.com - - AIM/Skype: therps2ICQ: 22643734Yahoo: origrps2 - -- -Beware of programmers who carry screwdrivers- -- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org