Linux Remote Desktop, linux

Linux Remote Desktop, linux

Mark yourself in the IDC for a long time. (Test environment rhel5.5)

Independent service configuration in vnc

 

　　

Step 1:

(1) check whether the vnc service is installed in the system. (You can also choose system-administrator-service to check and enable the Service on startup)

# rpm -qa | grep vnc

(If there is a return value, similar to the value of vnc-server, it indicates that vnc-server has been installed. skip this step .)

(2) install vnc:

(To the Mount directory) # cd/rhdvd/Server (to install vnc-server) # rpm-ivh vnc-server-4.1.2-14.el5_6.6.x86_64.rpm (to install vnc-viewer) # rpm-ivh vnc-4.1.2-14.el5_6.6.x86_64.rpm

View Code

(3) Verify that the vnc-server package is successfully installed:

# Rpm-qa vnc-server-4 (vnc-server-4.1.2-14.el5_6.6 display)

View Code

 

Step 2:

(1) run the vnc service

 # vncservers    

(Enter the vnc password for the first operation. The password is the root vnc password of the current user)

(2) Add a user, set a password, and set a vnc password:

# Useradd user001 (Add User) # passwd user001 (Set User Password) # su-user001 (switch user) # vncpasswd (set vnc password, password file in/user /. vnc/passwd)

(Note: The vncpass here can only be run under the vnc user. For example, if you want to configure a vnc authentication password with the user001 user name, you need to switch to the user001 user first, and then run the vncpasswd command)

(3) create user002 and user003 .......

 

Step 3:

Before configuring VNC, you must understand the running mechanism of VNC.

In Linux, VNC can start multiple vncservers at the same time. Each vncserver is differentiated by the display number. Each vncserver listens to three ports, which are:

The default HTTP port 5800 + is the http listening port of VNC. It must be enabled if the VNC client is IE or Firefox or other non-vncviewer.

RFB Protocol default port 5900 + display no.: The real port used for communication between the VNC server and the client, which must be opened unconditionally.

X protocol default port 6000 + display number: X listening port, optional.

The displayed numbers and open ports are controlled by vncservers and VNCSERVERARGS in the/etc/sysconfig/VNCSERVERS file.

(1) configure the configuration file of the vnc service

 # vi /etc/sysconfig/vncservers

The content is as follows:

# The VNCSERVERS variable is a list of display: user pairs. # Uncomment the lines below to start a VNC server on display: 2 # as my 'myusername' (adjust this to your own ). you will also # need to set a VNC password; run 'man vncpasswd' to see how # to do that. # do not run this service if your local area network is # untrusted! For a secure way of using VNC, see # <URL: http://www.uk.research.att.com/archive/vnc/sshvnc.html>. # Use "-nolisten tcp" to prevent X connections to your VNC server via TCP. # Use "-nohttpd" to prevent web-based VNC clients connecting. # Use "-localhost" to prevent remote VNC clients connecting using t when # doing so through a secure tunnel. see the "-via" option in the # 'man vncviewer 'manual page. # VNCSERVERS = "2: myusername" # VNCSERVERARGS [2] = "-geometry 800x600-nolisten tcp-nohttpd-localhost" VNCSERVERS = "1: user001 2: user002 3: user003 4: user004 "(ADD) VNCSERVERARGS [1] ="-geometry 1366x768-AlwaysShared "(ADD) VNCSERVERARGS [2] = "-geometry 1366x768-AlwaysShared" (ADD) VNCSERVERARGS [3] = "-geometry 1366x768-AlwaysShared" (ADD) VNCSERVERARGS [4] = "-geometry 1366x768-AlwaysShared" (ADD)

View Code

Note: [1] VNCSERVERS = supports multiple users, separated by spaces. The number is the port number, that is, the desktop number.

[2] The data in [] After VNCSERVERARGS must be consistent with the value of the user corresponding to VNCSERVERS. Basic VNCSERVERARGS parameters include:

-Geometry desktop size. The default value is 1024x768 resolution.-nohttpd does not listen to HTTP ports, 58xx ports (not recommended)-nolisten tcp does not listen to port X, and 60xx ports (not recommended) -localhost only allows access from the Local Machine (not written)-SecurityTypes None logon does not require password authentication VncAuth. password authentication is required by default-depth indicates the color depth, with the parameter 8, 16, 2nd-by default, AlwaysShared can only have one vncviewer connection (also related to client configuration). Once 1st connections are connected, are disconnected. This parameter allows multiple vncviewer connections at the same time.

View Code

 

Step 4:

(1) Start vncserver

# Service vncserver start (enable and take effect immediately) #/etc/init. d/vncserver start # service vncserver stop (immediately shut down the service and take effect) #/etc/init. d/vncserver stop # chkconfig vncserver on (set vncserver to start, restart to take effect) # chkconfig vncserver off (set vncserver to not start, restart to take effect)

 

Step 5:

(1) configure the VNC graphic desktop environment

Vnc is configured and running properly, but the screen displayed after logon with VNC-Viewer is gray (black) and cannot be operated.

In the original VNC xstartup program, the default value is to start twm instead of GNOME or KDE.

　　[1] modify the xstart file:

# Vi/home/user/. vnc/xstartup (the root user is/root/. vnc/xstartup)

The content is as follows:

#! /Bin/sh # Uncomment the following two lines for normal desktop: unset SESSION_MANAGER (remove annotation) exec/etc/X11/xinit/xinitrc (remove annotation) [-x/etc/vnc/xstartup] & exec/etc/vnc/xstartup [-r $ HOME /. xresources] & xrdb $ HOME /. xresourcesxsetroot-solid greyvncconfig-iconic & # xterm-geometry 80x24 + 10 + 10-ls-title "$ VNCDESKTOP Desktop" & (annotation line) gnome-session & (ADD) # twm & (annotate this line)

View Code

Note: You can also annotate the last line of twm & and add a line of gnome-session &.

You can also remove only three or four annotations.

　　　　　　The best way is to change it all.

　　[2] After modification, restart vncserver:

# Service vncserver restart (restart all vnc desktops, this command is not recommended) # vncserver-kill: 1 (stop the first desktop) # vncserver: 1 (start the first desktop)

 

Step 6:

(1) configure the firewall

# vi /etc/sysconfig/iptables 

The content is as follows:

# Firewall configuration written by system-config-securitylevel # Manual customization of this file is not recommended. * filter: input accept [0: 0]: forward accept [0: 0]: output accept [0: 0]: RH-Firewall-1-INPUT-[0: 0]-a input-j RH-Firewall-1-INPUT-A FORWARD-j RH-Firewall-1-INPUT-A RH-Firewall-1-INPUT-I lo-j ACCEPT-A RH-Firewall-1-INPUT-p icmp -- icmp-type any-j ACCEPT-A RH-Firewall-1-INPUT-p 50-j ACCEPT-A RH-Firewall-1-INPUT-p 51-j ACCEPT-A RH-Firewall-1-INPUT-p udp -- dport 5353-d 224.0.0.20.- j ACCEPT-A RH-Firewall-1-INPUT-p udp-m udp -- dport 631-j ACCEPT-A RH-Firewall-1-INPUT-p tcp-m tcp -- dport 631-j ACCEPT-A RH-Firewall-1-INPUT-m state -- state ESTABLISHED, RELATED-j ACCEPT-A RH-Firewall-1-INPUT-m state -- state NEW-m tcp-p tcp -- dport 22-j ACCEPT-A RH-Firewall-1-INPUT-m state -- state NEW-m tcp-p tcp -- dport 5901- j ACCEPT (ADD) -A RH-Firewall-1-INPUT-m state -- state NEW-m tcp-p tcp -- dport 5902-j ACCEPT (ADD) -A RH-Firewall-1-INPUT-m state -- state NEW-m tcp-p tcp -- dport 5903-j ACCEPT (ADD) -A RH-Firewall-1-INPUT-m state -- state NEW-m tcp-p tcp -- dport 5904-j ACCEPT (ADD)-A RH-Firewall-1-INPUT-j REJECT -- reject-with icmp-host-prohibitedCOMMIT

View Code

You can also disable the firewall (not recommended ):

# Service iptables stop (firewall is immediately disabled and the restart fails) # chkconfig iptables off (firewall is permanently disabled and effective after restart)

View Code

 

Step 7:

192.168.10.131: 1 -- here: 1 refers to the port number, which is 5900 + 1. This 1 is specified in/etc/sysconfig/vncservers.
This number is less than 100, and can be expressed directly with 192.168.10.131: 1 if it does not include 100.
If the value specified in vncservers is greater than 100 and contains 100, the complete port value is used during connection.
For example, if 100 is specified in vncservers, the connection should be as follows: 192.168.10.131: 6000.

 

In case of any errors, please point out that if there is any infringement, please inform us. If you need to reprint it, please indicate the source!

My blog: http://www.cnblogs.com/yllinux/