Linux Remote Desktop

Torture in the computer room for a long time to fix their own Mark. (Test environment rhel5.5)

VNC's Standalone service configuration

　　

Step 1:

(1) Check if the system has VNC service (can also be viewed and checked in the system-admin-service)

# Rpm-qa | grep VNC

(If there is a return value, similar to the value of vnc-server, this step can be skipped if the vnc-server is already installed.) ）

(2) Installing VNC:

(go to mount directory) # CD   /rhdvd/Server    (Install VNC--ivh vnc-server-4.1.  2-el5_6. 6 . x86_64.rpm (Install VNC--ivh vnc-4.1. 2-el5_6. 6. x86_64.rpm

View Code

(3) Verify that the Vnc-server package is installed successfully:

# RPM-QA vnc-server-4(shows VNC-server-4.1. 2-el5_6. 6)

View Code

Step 2:

(1) Running the VNC service

# vncservers    

(The VNC password is required for first run, this is the VNC password of the current user root)

(2) Add user and set password and set VNC password:

# Useradd user001    (add user) # passwd user001    - user001    (toggle user) # VNCPASSWD    /user/. VNC/PASSWD)

(Note that the vncpass here can only be run under the VNC user.) For example, if you want to configure the user named user001 VNC authentication password, you need to switch to the user001 user, and then run the VNCPASSWD command)

(3) Re-establish user002, user003 ...

Step 3:

Before you configure VNC, you must understand the operating mechanism of VNC

VNC under Linux can start multiple vncserver at the same time, each vncserver is distinguished by the display number, and each Vncserver service listens on 3 ports, respectively:

HTTP protocol default port 5800+ display number: VNC HTTP listener Port, if the VNC client is ie,firefox such as non-vncviewer must be open.

RFB protocol default port 5900+ display number: The true port that the VNC server communicates with the client must be open unconditionally.

X protocol default port 6000+ display number: x listening port, optional.

The display numbered, open ports are controlled by the vncservers and Vncserverargs in the/etc/sysconfig/vncservers file, respectively.

(1) Configuring the VNC service configuration file

# vi/etc/sysconfig/vncservers

The contents are as follows:

# The Vncservers variable isa list of Display:user pairs.## uncomment the lines below to start a VNC server on display:2#  asMy'MyUserName'(Adjust ThisTo your own). You'll also# need toSeta VNC password; Run'Mans VNCPASSWD'To see how# to DoThat . # # Do not RUN the this SERVICEifYour local Area network is# Untrusted! For a secureusingVNC, see#<url:http://www.uk.research.att.com/archive/vnc/sshvnc.html>.# Use"-nolisten TCP"To prevent X connections to your VNC server via tcp.# use"-nohttpd"To prevent web-based VNC clients connecting.# use"-localhost"To prevent remote VNC clients connecting except when# doing so through a secure tunnel. See the"-via"Optioninchthe# ' man vncviewer'manual page.# vncservers="2:myusername"# vncserverargs[2]="-geometry 800x600-nolisten tcp-nohttpd-localhost"vncservers="1:user001 2:user002 3:user003 4:user004"(add) vncserverargs[1]="-geometry 1366x768-alwaysshared"(add) vncserverargs[2]="-geometry 1366x768-alwaysshared"(add) vncserverargs[3]="-geometry 1366x768-alwaysshared"(add) vncserverargs[4]="-geometry 1366x768-alwaysshared"Add

View Code

Note: "1" vncservers= can support multiple users, separated by a space, the number is the port number is the desktop number.

After the "2" Vncserverargs, the data inside the [] is consistent with the value of the corresponding user behind the vncservers. Vncserverargs Basic parameters are:

-geometry desktop size, default is 1024x768 resolution -nohttpd  --localhost  only allows access from native (not written)-  Securitytypes None login does not require password Authentication Vncauth, the default to password Authentication -depth  color depth, parameters 8,and Alwaysshared can only have one Vncviewer connection (also related to client configuration), once the 2nd is connected, the 1th one is disconnected, this parameter allows to connect multiple vncviewer simultaneously

View Code

Step Four:

(1) Start Vncserver

# service Vncserver start     /etc/init.d/vncserver start# service vncserver stop    /etc/init.d/vncserver stop# chkconfig vncserver On   (set Vncserver to boot, reboot effective) # chkconfig vncserver off   (set Vncserver to power on without booting, reboot effective)

Step Five:

(1) Configuring the VNC graphical desktop environment

VNC is configured and functioning correctly, but the screen displayed after logging in with Vnc-viewer is grayed (and black) and cannot be manipulated.

The default setting in the VNC xstartup program is to start TWM instead of GNOME or KDE.

　　"1" Modify the Xstart file:

# vi/home/User/.vnc/xstartup    (root user is/root/.vnc/xstartup)

The contents are as follows:

#!/bin/sh# Uncomment the following and the lines fornormal Desktop:unset Session_manager (remove annotations) EXEC/etc/x11/xinit/xinitrc (remove annotations) [-x/etc/vnc/xstartup] && exec/etc/vnc/xstartup[-R $HOME/. Xresources] && Xrdb $HOME/. Xresourcesxsetroot-Solid Greyvncconfig-iconic &# xterm-geometry 80x24+Ten+Ten-ls-title"$VNCDESKTOP Desktop"&(note this line) Gnome-session &(ADD) # TWM& (Note this line)

View Code

Note: You can also annotate only the last line Twm & and add a line gnome-session &.

It is also possible to remove only 3 or 4 lines of annotations.

　　　　　　The best way is to change it all.

　　"2" will need to restart vncserver after modification:

# service Vncserver Restart     -kill:1    (Stop first Desktop) # Vncserver:1    

Step Six:

(1) Configuring the firewall

The contents are as follows:

# Firewall configuration written by system-config-securitylevel# Manual Customization of ThisFile isNot recommended.*filter:input ACCEPT [0:0]:forward ACCEPT [0:0]:output ACCEPT [0:0]:RH-firewall-1-input-[0:0]-A input-j rh-firewall-1-INPUT-A forward-j rh-firewall-1-INPUT-A rh-firewall-1-input-i Lo-J ACCEPT-A rh-firewall-1-input-p ICMP--icmp-type any-J ACCEPT-A rh-firewall-1-input-p --J ACCEPT-A rh-firewall-1-input-pWuyi-J ACCEPT-A rh-firewall-1-input-p UDP--dport5353-D224.0.0.251-J ACCEPT-A rh-firewall-1-input-p udp-m UDP--dport631-J ACCEPT-A rh-firewall-1-input-p tcp-m TCP--dport631-J ACCEPT-A rh-firewall-1-input-m State--state established,related-J ACCEPT-A rh-firewall-1-input-m State--state new-m tcp-p TCP--dport A-J ACCEPT-A rh-firewall-1-input-m State--state new-m tcp-p TCP--dport5901-J ACCEPT (add)-A rh-firewall-1-input-m State--state new-m tcp-p TCP--dport5902-J ACCEPT (add)-A rh-firewall-1-input-m State--state new-m tcp-p TCP--dport5903-J ACCEPT (add)-A rh-firewall-1-input-m State--state new-m tcp-p TCP--dport5904-J ACCEPT (add)-A rh-firewall-1-input-j REJECT--reject-with icmp-host-Prohibitedcommit

View Code

You can also turn off the firewall (not recommended):

# Service Iptables Stop    (instant shutdown firewall, reboot disabled) # Chkconfig iptables off    (permanently shut down firewall, restart active)

View Code

Step Seven:

192.168.10.131:1--here: 1 is the port number, refers to the 5900+1, this 1 is specified in the/etc/sysconfig/vncservers.
This number is below 100, not including 100 can be directly used 192.168.10.131:1 to express.
If the value specified in Vncservers is greater than 100 and contains 100, the full port value will be used when connecting.
such as: In the vncservers is specified in the 100, then the connection should be the case: 192.168.10.131:6000.

If there are errors please also indicate, if there is infringement please inform, if you want to reprint please specify the source!

My blog: http://www.cnblogs.com/yllinux/

Linux Remote Desktop