VNC Server configuration in CentOS 6.3

Operating System: CentOS6.3

Linux can be controlled by using SSH remote connection, or the following command can be executed on the host for projection.

[root@localhost ~]# export DISPLAY=ipaddress:0[root@localhost ~]# xhost +

This command requires that the ipaddress machine is equipped with X Server (such as Xmanager), but sometimes it is necessary to project the entire remote Linux desktop to a local computer. In this case, you can still install and configure Xmanager.

This article describes how to configure the VNC Server. You need to configure the yum source. The "host" in this article refers to the machine on which Linux is installed.

First, verify whether the VNC Server is installed on the host.

[root@localhost ~]# yum list | grep vnc

. Return

tigervnc.x86_64                        1.0.90-0.10.20100115svn3945.el6    @localtigervnc-server.x86_64                 1.0.90-0.10.20100115svn3945.el6    @local

It indicates that it already exists. Otherwise, it passes

[root@localhost ~]# yum install "*vnc*"

.

Single User root configuration method:

1. Start the VNC Server. You are required to enter the initial password for two connections.

[Root @ localhost ~] # VncserverYou will require a password to access your tops. password: // enter the Password Verify: // enter the Password xauth: creating new authority file/root/again /. xauthorityNew 'localhost. localdomain: 1 (root) 'desktop is localhost. localdomain: 1 Creating default startup script/root /. vnc/xstartupStarting applications specified in/root /. vnc/xstartupLog file is/root /. vnc/localhost. localdomain: 1.log

Note: Each user can start multiple VNC Server Remote desktops, which are identified by ip and port number: ip: 1, ip: 2, ip: 3, using the same port will automatically cause other users to log out. In addition, most configuration files and log files of the VNC Server are in the. vnc directory of the user's home directory.

You can customize the startup number, for example:

[Root @ localhost ~] # Vncserver: 2 # Note: There must be spaces in front of 2. A vnc server is already running as: 2

2. Red Hat Linux supports two graphical modes: KDE mode and gnome mode.

What graphic mode does your Redh Hat use? Generally, you only need to log on to the graphic interface to view it.

[root@localhost ~]# ps -aux | grep gnome

Such command to determine.

For gnome desktop, You need to modify the configuration file of/root/. vnc/xstartup.

Use vi to open the xstartup file, as shown below:

[root@localhost /]# cd /root/.vnc[root@localhost .vnc]# vi xstartup

Delete all content and add the following content:

unset SESSION_MANAGERexec /etc/X11/xinit/xinitrc

3. Restart the VNC Server

[root@localhost ~]# vncserver -kill :1Killing Xvnc process ID 21198[root@localhost ~]# vncserverNew ‘localhost.localdomain:1 (root)’ desktop is localhost.localdomain:1Starting applications specified in /root/.vnc/xstartupLog file is /root/.vnc/localhost.localdomain:1.log

Open the listening port of the VNC Server on the firewall

The VNC Server uses three ports: 5801, 5901, and 6001.

[root@localhost /]# cd /etc/sysconfig[root@localhost sysconfig]# vi iptables

Add the following three rows:

-A INPUT -m state --state NEW -m tcp -p tcp --dport 5801 -j ACCEPT-A INPUT -m state --state NEW -m tcp -p tcp --dport 5901 -j ACCEPT-A INPUT -m state --state NEW -m tcp -p tcp --dport 6001 -j ACCEPT

Note that you must

-A INPUT -j REJECT --reject-with icmp-host-prohibited

Otherwise, it will not take effect.

Restart iptables.

[root@localhost sysconfig]# /etc/rc.d/init.d/iptables restartFlushing firewall rules: [  OK  ]Setting chains to policy ACCEPT: filter [  OK  ]Unloading iptables modules: [  OK  ]Applying iptables firewall rules: [  OK  ]Loading additional iptables modules: ip_conntrack_netbios_ns ip_conntrack_ftp [  OK  ]

Connect to VNC Server using VNC Viewer on a Windows Server

Download the VNC Viewer, run it, enter IP: 5901, enter the password you just set, and enter the RHEL desktop.

Multi-user configuration method:

1. After vncserver is installed, set vncserver to self-start:

# Chkconfig -- level 345 vncserver on

2. modify the configuration file and set the users that can log on through the VNC client:

# Vi/etc/sysconfig/vncservers

Modify the vnc configuration file:

---------------------------

# The VNCSERVERS variable is a list of display: user pairs.

#

# Uncomment the lines below to start a VNC server on display: 2

# As my 'myusername' (adjust this to your own). You will also

# Need to set a VNC password; run 'man vncpasswd' to see how

# To do that.

#

# Do not run this service if your local area network is

# Untrusted! For a secure way of using VNC, see

# <URL: http://www.uk.research.att.com/archive/vnc/sshvnc.html>.

# Use "-nolisten tcp" to prevent X connections to your VNC server via TCP.

# Use "-nohttpd" to prevent web-based VNC clients connecting.

# Use "-localhost" to prevent remote VNC clients connecting tables t when

# Doing so through a secure tunnel. See the "-via" option in

# 'Man vncviewer 'manual page.

# VNCSERVERS = "2: myusername"

VNCSERVERS = "1: root 2: test1 3: test2"

VNCSERVERARGS [1] = "-geometry 800x600"

VNCSERVERARGS [2] = "-geometry 800x600"

VNCSERVERARGS [3] = "-geometry 800x600"

----------------------------

# VNCSERVERARGS [2] = "-geometry 800x600-nolisten tcp-nohttpd-localhost" Description: VNCSERVERS can be users who remotely log on through the VNC client

Format: 1: User 1 2: User 2 3: User 3

However, in this way, only user 1 can log on. User 2 and user 3 cannot log on.

3. Modify the vnc configuration file in each user's home directory to allow multiple users to log on

# Su-root

$ Mkdir. vnc // * Create A. vnc directory to save this user's vnc configuration file *//

$ Vncpasswd // * set the root user's vnc remote connection password *//

# Vi xstartup

Delete all content and add the following content:

---------------

Unset SESSION_MANAGER

Exec/etc/X11/xinit/xinitrc

---------------

# Su-test1

$ Mkdir. vnc // * Create A. vnc directory to save this user's vnc configuration file *//

$ Vncpasswd // * sets the vnc remote connection password of the test1 user *//

# Vi xstartup

-------------

Unset SESSION_MANAGER

Exec/etc/X11/xinit/xinitrc

-------------

Similarly, test2

4. Update the X11 Font Pack (support for centos default update source updates)

Yum install pixman-devel libXfont

5. Restart the VNC service.

# Service vncserver restart

6. Modify permissions

Su-root

Chmod 755. vnc/xstartup

Su-test1

Chmod 755. vnc/xstartup

Su-test2

Chmod 755. vnc/xstartup

7. Disable firewall restrictions on VNC ports

If you want to control a Linux instance on the Intranet from the Internet, you need to open the corresponding port of the firewall and perform port ing on the vro.

The port number that VNC gives to the browser is 5800 + N, the port number for vncviewer is 5900 + N, and N is the set display number.

If you do not want to enable the firewall but still need the VNC service, you need:

Edit vi/etc/sysconfig/iptables

Add the following two lines to it:

-A RH-Firewall-1-INPUT-m state -- state NEW-m tcp-p tcp -- dport 5901-j ACCEPT

-A RH-Firewall-1-INPUT-m state -- state NEW-m tcp-p tcp -- dport 5902-j ACCEPT

What is needed here is that the port corresponding to the display N is 5900 + N, so it is not recommended to set too much.

8. Stop vncserver: (optional)

To stop a vncserver, run: vncserver-kill: 1.

Note: ": 1" indicates that the first vnc desktop is stopped, 1 indicates the number of the currently enabled VNCserver, and there is a space before ": 1. If the number currently started is 2, to disable it, use "vncserver-kill: 2 ".

9. Change vnc password: (read only)

To change the vnc password, run: vncpasswd.

Enter the password twice.

10: Check whether the VNC Server on the Server is running properly:

Run: ps-ef | grep vnc

If the vnc is running, you can see similar messages:

# Ps-ef | grep vnc

Root 3605 1 0 Jul13? 00:13:51 Xvnc: 1-desktop MyIMS. local: 1 (root)-httpd/usr/share/vnc/classes-auth/root /. xauthority-geometry 800x600-depth 16-rfbwait 30000-rfbauth/root /. vnc/passwd-rfbport 5901-pn

The vnc process listens on port 5901.

10. VNC client

After the server runs normally, we can consider using the VNC client to connect to it.

Configuration of Windows client VNC Viewer:

A. Download VNC Free Edition for Windows Version 4.1.2 from the http://www.realvnc.com/download.html

B. Open VNCViewer:

Enter the IP address of the VNCServer: Number (1 or 2 or ...)

C. VNCViewer switch to full screen mode: F8

11 some configuration files:

/Etc/X11/xorg. conf set screen resolution

At this point, your VNC should be connected, but there may be a black screen problem:

A. Check the log under/root/. vnc/. Is there any error? It may be that the xstartup permission is insufficient. Change "chmod xstartup 777"

Permission. Restart the instance and try again.

B. Restart your computer and try again. I am a black screen after various configurations, and OK after restarting the computer.

12. view the VNC logon log:

Access the. vnc/host name in the home directory where you log on to the user: 1. log File

For example:

/Root/. vnc/www.test.com: 1.log

---------- Other configurations -------------

VNCServer Configuration
Generally, vncserver is automatically installed in redhat. You only need to select and start it in the service list.
Start your window manager by editing the file $ HOME/. vnc/xstartup. Use
Startkde & to start KDE and use gnome-session & to start GNOME.

Create for the first time ~ /. Vnc/xstartup, the specified Window manager is twm, which is a very small Window manager and has twm on almost every X Window System machine. Twm does not have most of the fancy features of the "Desktop Manager" (like KDE, GNOME, or WindowMaker. The following is a modified example:

#! /Bin/sh

[-X/etc/vnc/xstartup] & exec/etc/vnc/xstartup
[-R $ HOME/. Xresources] & xrdb $ HOME/. Xresources
Xsetroot-solid gray
Vncconfig-iconic &
# Xterm-geometry 80x24 + 10 + 10-ls-title "$ VNCDESKTOP Desktop "&
# Twm &
# Exec wmaker
# Exec startkde
Gnome-session &

In the above example, the default start of twm and xterm is commented out. This desktop is configured to avoid color gradient on the background and title bar, and very little animation effect is used.


Disable vnc connection on the server
Vncserver-kill: desktop number

Automatically run vncserver upon startup
1. Set the vncserver STARTUP script (/etc/init. d/vncserver) to enable vncserver when the system starts automatically.

2. edit/etc/sysconfig/vncservers

VNCSERVERS = "1: user1"
ARGS = "-geometry 800x600-alwaysshared"

Modify "800x600" in ARGS to adapt to the actual X Desktop parameter configuration. You can add any other VNC Server parameter configuration here. In VNCSERVERS, modify user1 to the user you want to run the VNC desktop. 1 In VNCSERVERS indicates that VNC runs on desktop 1. If you want to add another desktop, you can modify the configuration as follows:

VNCSERVERS = "1: user12: user23: user3"

3. Set the vnc server access password
Vncpasswd

On the RedHat system, run the following command to start VNC:
/Etc/init. d/vncserver start

----------------

Change the root and vnc passwords and configure vnc

Change the root password.

Log on to the root user

# Passwd

Change vnc Password

# Vncpasswd

Configure vnc

# Vi/etc/sysconfig/vncservers

Find the vncservers = "1: myusername" string, remove the comment, and change myusername to your logon username. Save and exit.

# Service vncserver start // This step allows him to generate an xstatup File

# Vi. vnc/xstatup // this step is run under root @ localhost #

Unset SESSION_MANAGER

Exec/etc/X11/xinit/xinitrc (remove comments)

# Vi/etc/sysconfig/iptables

Add port 5901 to it, save and exit.

# Service iptables restart

# Service vncserver restart

Complete

If you want to set a user other than the root user

First create a user

Root @ localhost # cp-r. vnc/home/userName

Root @ localhost # chown-R userName: groupName. vnc

If too accept security failures occurs when you connect to VNC: it may be because VNC is disabled. Restart the VNC service. # Service vncserver restart

This article from "all the way to the North" blog, please be sure to keep this source http://showerlee.blog.51cto.com/2047005/1127490