PDA

View Full Version : Vnc & Gdm



gin
30th April 2004, 04:30 PM
so, you have no graphics card, but you still want GUI management / X Windows......

Perhaps you do have a graphics card but want the convenience of using VNC to reach your Fedora machine?

There are some great turotials on getting the basics of VNC set up, but it always logs you right into the machine as a specific user...I want to choose my user....VNC + GDM is the answer

VNC + GDM will allow you to fir a vnc viewr at you linux box and have the GDM appear. This information contained below is a collection of personal knowledge and information collected from other postings on some other boards (note: go back and reference some of the contributors).

This mini-tutorial will not cover off security...so if you are doing this..make sure it is on your own network, behind a firewall etc. etc. etc....I hope to come back and add the security pieces in later...just don't have too much time today.

On with the show......

How it will work
===========
GDM will be running in the background (with no X-Server in this config). When we start a VNC session, VNC will contact the GDM to display the "Greeter"...then we log in as we normally do with GDM locally.

Configure GDM
==========
Sorry to you KDM/XDM folks out there...I will add in KDM ata a later date...it isn't too much different.

GDM presents the graphical greeter. To allow VNC to contact the GDM we must turn on XDMCP (Security concious peeps should set their firewall to only allow LOCAL connections for XDMCP - i.e. from the localhost - because VNC is running on the same linux device) - there is another option here to change the XServer that GDM can run to be VNC but I have not explored this option...perhaps later, but for now we'll do it with XDMCP:
1. Turn on XDMCP


edit /etc/X11/gdm/gdm.conf
find the [xdmcp] section
Change
Enable=false
to
Enable=true

2. (optional) Turn off XWindows (VNC runs it's own XWindows)


edit /etc/X11/gdm/gdm.conf
find the [servers] section
Change
0=Standard
to
#0=Standard


Configure VNC
==========
We will have VNC run from xinetd. We will create 2 "services". One for 800x600 and the other for 1024x768...if you want others, you can extrapolate yourself....800x600 will be available via :0 and 1024x768 as :1 (don't worry yet if you do not understand what I mean by :0 and :1)

1. Create /etc/services


edit /etc/services
add the following 2 liines:
vnc800 5900/tcp # VNC & GDM
vnc1024 5901/tcp # VNC & GDM


2. create xinetd services


create etc/xinetd.d/vnc800
service vnc800
{
disable = no
socket_type = stream
protocol = tcp
wait = no
user = nobody
server = /usr/bin/Xvnc
server_args = -inetd -broadcast -geometry 800x600 -depth 16 -once -fp unix/:7100 -securitytypes=none
}


3. -securitytypes=none means VNC will not ask you to authenticate...we want GDM to do that part...

4. create xinetd services


create etc/xinetd.d/vnc1024
service vnc1024 {
disable = no
socket_type = stream
protocol = tcp
wait = no
user = nobody
server = /usr/bin/Xvnc
server_args = -inetd -broadcast -geometry 800x600 -depth 16 -once -fp unix/:7100 -securitytypes=none
}


TEST IT
=====


1. stop any X Windows
init 3

2. Log into console (text mode)
3. Turn off "vncserver"...we don't want VNC to run except for xinetd
chkconfig --level 2345 vncserver off
4. start GDM
init 5
5. start vncviewer
I tested my connection from Win XP...
for 800x600 -> vncviewer localhost:0
for 1024x768 -> vncviewer localhost:1



SUMMARY
=======
You should now be able to run a headless (no kbd/mouse/video) linux box with a GUI and GDM greeter....

I know this mini-tutorial is a little thin at the moment, but I only had a few mins to type it up..I will clean it up I promise...if anyone likes it...I could try and write a mini-howto.....anyway...good luck..

-GIN-

redhat71
3rd May 2004, 05:33 AM
Originally posted by gin
You should now be able to run a headless (no kbd/mouse/video) linux box with a GUI and GDM greeter....


i do get a gdm greeter but it looks different, any idea?

gin
3rd May 2004, 06:23 AM
This is probably caused by the RemoteGreeter setting of GDM...try adding:


RemoteGreeter=/usr/bin/gdmgreeter

to /etc/X11/gdm/gdm.conf

Alternatively (GUI METHOD)
run gdmsetup

change the remote greeter in the GENERAL tab to your liking !!


Note..for the xinetd config...you can also use:

server_args = -inetd -query localhost -geometry 800x600 -depth 16 -once -fp unix/:7100 -securitytypes=none

instead of

server_args = -inetd -broadcast -geometry 800x600 -depth 16 -once -fp unix/:7100 -securitytypes=none

-Gin-

redhat71
3rd May 2004, 09:21 AM
Originally posted by gin
This is probably caused by the RemoteGreeter setting of GDM...try adding:


RemoteGreeter=/usr/bin/gdmgreeter

to /etc/X11/gdm/gdm.conf

Alternatively (GUI METHOD)
run gdmsetup

change the remote greeter in the GENERAL tab to your liking !!


that's it, thanks


Originally posted by gin

Note..for the xinetd config...you can also use:

server_args = -inetd -query localhost -geometry 800x600 -depth 16 -once -fp unix/:7100 -securitytypes=none

instead of

server_args = -inetd -broadcast -geometry 800x600 -depth 16 -once -fp unix/:7100 -securitytypes=none

-Gin-

and the difference would be?
i saw "-query localhost" as an example in the man page of Xvnc, but didn't find an explanation of it

gin
7th May 2004, 03:13 PM
The difference would be that:

--broadcast
does an xdmcp broadcast ( to the broadcast address ) and may receive "responses" from other machines, whereas

--query 127.0.0.1
is a unicast message directly to the localhost. This is more appropriate since we do not want "remote" connections to GDM. The user connects remotely to VNC but VNC connects LOCALLY (sp) to [GKX]DM.

This will allow users running firewalls to keep this more secure.

-Gin-

redhat71
7th May 2004, 07:04 PM
ok, thanks a lot!

g3brown
2nd June 2004, 01:06 PM
This works great. However if I turn on IPTABLES, you just get an X type desktop after connecting. Seems the X and GDM are communicating. Could you offer any advice there? Thanks!

# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 5900 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT

gin
2nd June 2004, 03:30 PM
Unfortunatly I was unable to replicate your results. First thing would be to turn on logging in the firewall so that we can actually see what is being rejected. Here is a sample that I used for testing. This in no way implies a secure firewall configuration (infact...it's not):



:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
:LOGANDREJECT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 5900 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 5901 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 445 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 137 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 138 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -j LOGANDREJECT
#-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A LOGANDREJECT -j LOG
-A LOGANDREJECT -j REJECT


Basically this code will log to /var/log/messages the packets that do not get accepted.

look for (sorry if this is all news to you, I just do not know your familiarity with firewalls:


Jun 1 X:X:X ABCDEFG kernel: IN=eth0 OUT= MAC=
SRC=X.X.X.X DST=X.X.X.XLEN=XX TOS=0x00 PREC=0x00 TTL=XXX
ID=30755 DF PROTO=UDP SPT=XXX DPT=XXX LEN=XX


Pay attention to the SPT= and DPT= fields. Post your info and we'll see what happens.....

-GIN-

g3brown
3rd June 2004, 03:53 PM
Do you have the COMMIT at the end of your file? I think it is necessary for the filter to take effect. I logged the rejects and caught only one line.

Jun 2 22:37:37 fedora2 kernel: IN=eth0 OUT= MAC= SRC=192.168.0.107 DST=192.168.0.255 LEN=35 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=32769 DPT=177 LEN=15

I opened upd port 177 with

-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 177 -j ACCEPT

and now vnc connects wonderfully again. Thanks for your help.

ofergal
15th June 2004, 05:52 AM
Didn't you mean:
create etc/xinetd.d/vnc1024
service vnc1024 {
disable = no
socket_type = stream
protocol = tcp
wait = no
user = nobody
server = /usr/bin/Xvnc
server_args = -inetd -broadcast -geometry 1024x768 -depth 16 -once -fp unix/:7100 -securitytypes=none }

2 more
1. Is this going to force 1 password for VNC then user/password for the login?
2. Can I have more then 2 VNC services (say for 3 more resolutions optins)

Thanks

gin
15th June 2004, 07:57 AM
1024x76s...oops...bad copy paste :-)


1. Is this going to force 1 password for VNC then user/password for the login?

No, the "-securitytypes=none" argument makes VNC not ask you for a password but because we are using XDMCP (think GDM) then then GDM will respond (or xdm or kdm depending on what you are running).


Can I have more then 2 VNC services (say for 3 more resolutions optins)

Yes you can..just keep adding them:
Add to /etc/services
Add to /etc/xinetd.d/<whatever>

-GIN-

zathrusuk
10th October 2004, 02:31 PM
Hi, Thanks for the how to it was very very usefull, i have followed it and got the login screen to appear, i fill in my details and then it suddenly closes the vnc viewer on my windows xp service pack 2 machine is there something i am doing wrong?

ANy help would be great. Thanks

Mike

felmasper
7th November 2004, 10:57 AM
I am using this tutorial for Debian and:

1) Xvnc does not have the securitytype option yet, I've just disabled it
2) what if I want my machine to have a gdm working on :0 while I use another via VNC?

Well I suppose I could use vncserver which chooses an empty DISPLAY or write a script myself... kind of:

Xvnc.new:
#!/bin/sh
d=0
while [ -f /tmp/.X11-unix/X$d ] ; do let d++ ; done
Xvnc "$@" :$d
#eof

Supposed... I tried but it did not work. VNC gives me "invalid protocol". I did straces (with "strace -o /tmp/foo -fp `pidof inetd`"), solved some problems (mainly with font paths, Debian uses additional paths besides xfs and I X was not getting a cursor theme) but I am still getting "Invalid protocol".

I do not understand how is gdm going to be started after I connect to a VNC... hmm let me see... -query localhost will look for XDMCP connections in localhost and gdm is one of them, is that it?

Should I change gdm.conf, XDMCP part, enabling servers on :1, :2 and so on?

I am using it over ssh. It's ok, I've already used VNC over ssh with a fixed server (vncserver called from command line).

[]s
Felipe

jtkohl
11th November 2004, 06:13 PM
If I understand the basic setup here, won't the Xvnc server stop when
you disconnect the vnc client? That's rotten, because half of the
benefit of VNC is being able to disconnect a session and reconnect
later. How do xinetd and Xvnc interact?

If I can reconnect later, then you really need to set up the Xvnc line
in the xinetd config file to require some authentication, otherwise when
you disconnect someone else can reconnect without authenticating.

baoilleach
10th December 2004, 05:38 PM
I'm trying to set up a vnc server so that users will see gdm when they start a vncviewer. I'm trying to set this up using SSH tunneling.

I'm having some problems.

Can someone talk me through what is exactly happening in this case - e.g. computer A connects to port X on computer B; this causes xinetd to do something, etc. I find it a bit hard to get it all straight in my head, so I don't know how to look for the problem.

Regards,
baoilleach

gin
7th January 2005, 04:17 AM
I'm trying to set up a vnc server so that users will see gdm when they start a vncviewer. I'm trying to set this up using SSH tunneling.

I'm having some problems.

Can someone talk me through what is exactly happening in this case - e.g. computer A connects to port X on computer B; this causes xinetd to do something, etc. I find it a bit hard to get it all straight in my head, so I don't know how to look for the problem.

Regards,
baoilleach

the SSH Client connects to the SSH server.
the SSH Client must be configured to create a "local" tunnel to forward a "local" port on the client to a "remote" port on the server (which will go through ssh and thus be encrypted).
The local ports must be >=5900 and the remote port must be those which you configure xinetd to listen to (5900, 5901 in the example)

ssh -l <USER> -L 5910:127.0.0.1:5901 <SERVER>

The above command causes the SSH CLIENT to create a listening service on the client using tcp port 5910. This is the port that we will connect our VNC client to - 127.0.0.1:10 (:10 means display number 10 which means port 5910). When the local listener receives anything on port 5910 it transports it ACROSS the ssh tunnel (tcp port 22) and feeds it to localhost on the server side (i.e. the server) on port 5901.

gin
7th January 2005, 04:28 AM
If I understand the basic setup here, won't the Xvnc server stop when
you disconnect the vnc client? That's rotten, because half of the
benefit of VNC is being able to disconnect a session and reconnect
later.
You understand correctly. Xvnc will stop when you disconnect the client.

How do xinetd and Xvnc interact?
Xinetd is the service that is listening on the tcp port, NOT Xvnc. Once Xinetd has received a connection on the port it starts the command associated with that service (in our case: /usr/bin/Xvnc -inetd -broadcast -geometry 800x600 -depth 16 -once -fp unix/:7100 -securitytypes=none).

Once the program starts xinetd passes the various handles to the program.


If I can reconnect later, then you really need to set up the Xvnc line
in the xinetd config file to require some authentication, otherwise when
you disconnect someone else can reconnect without authenticating.
That would be the case if you could re-connect later. With the particular method we are using here Xvnc is on a per connection basis where we want GDM to perform the authentication for us. If you want a persistent VNC session then you would do better to log in over SSH and then start your VNCSERVER. You may then open and close your connection as long as that VNCSERVER process remains running - obviously do no use he securitytypes=none at this point.

cbolin
18th January 2005, 12:37 AM
First Gin, thanks for this post - I've used it many times to get this up and running.

Have a problem though:

I can run Synaptic locally fine. However if I log in remotely via VNC I get the following:



Xlib: connection to "localhost.localdomain:1.0" refused by server
Xlib: No protocol specified


(gedit:3176): Gtk-WARNING **: cannot open display:


Oddly, this happens when I try to run gedit as root also - but not as any other user.

What the heck is this and how can I correct it

cbolin
20th January 2005, 01:14 AM
SOLVED!!! Create a file called /etc/X0.hosts (or modify if it exists) and add the following line:

Code:
127.0.0.1


Since there are buzzilions of questions about this subject if you google the error message - I'd suggest adding it to the howto. I couldn't find a solution posted - I had to figure it out.

gin
3rd March 2005, 01:05 AM
Sorry I have not been able to reply for a while - I'll not bother you with excuses, but anyway.....

I finally installed core 3 and indeed I suffered black screens... that was until I change the value of "localhost" to the result of "hostname -f"


(from /etc/xinet.d/vnc800)
-inetd -query <my fullly qualified domain name> -geometry 800x600 -depth 16 -once -fp unix/:7100 -securitytypes=none


Hope that helps!!

-Gin-

sc00by
24th March 2005, 09:51 PM
Im confused now. I am indeed suffering these black screens but do not have a xinet.d file or a vnc800 filein the location you specified.

Where is -inetd -query <my fullly qualified domain name> -geometry 800x600 -depth 16 -once -fp unix/:7100 -securitytypes=none

supposed to go??

i did run hostname -f and it appears as my http:// address and not localhost

Thanks

gin
25th March 2005, 04:45 AM
My bad, that should have read /etc/xinetd.d/vnc800. This file is created back at the very begining of the thread!!.

As for the hostname -f, well, if "hostname -f" returns minime.nowhere.com then your /etc/xinetd.d/vnc800 file should look like:

service vnc800
{
disable = no
socket_type = stream
protocol = tcp
wait = no
user = nobody
server = /usr/bin/Xvnc
server_args = -inetd -query minime.nowhere.com -geometry 800x600 -depth 16 -once -fp unix/:7100 -securitytypes=none
}

gin
25th March 2005, 04:50 AM
So, does anyone still find this thread useful?

Should I put it together as a how-to and include the firewall config/ssh config etc?

Opinions please!

jim
25th March 2005, 04:54 AM
Why not? any help would be great to anyone plus if you see a thread started, you can easilt point them to the HOw-to artile you wrote. include images as well pictures speak a thousand words. also you can post it at fedoraNEWS.org that site is hit quite often.

alphonsebrown
25th March 2005, 10:23 AM
great How-to I was thinking it's not possible but it seems very good just 2 things: how would some one be able to reconnect later with security..=none when he needs ssh auth first :)

and is it possible to make it automatic to reconect later not to start vncserver after connect through ssh but like xinetd.. I may have confused the technical terms, hope you got the idea?

should we just forward 117 through ssh?


(optional) Turn off XWindows (VNC runs it's own XWindows)
Code:

edit /etc/X11/gdm/gdm.conf find the [servers] section Change 0=Standard to #0=Standard what means optional?

what's the connection with that line from services??
x11-ssh-offset 6010/tcp # SSH X11 forwarding offset

sc00by
25th March 2005, 05:27 PM
I have tried this and alomst have it working. The black screen is gone but now i get the desktop with menu etc but no pictures! :confused:

heres what i'm getting!

http://img.photobucket.com/albums/v355/sc00by121/snova/hmm.jpg

any ideas?

alphonsebrown
25th March 2005, 05:29 PM
it's ugly for sure :)

gin
25th March 2005, 11:40 PM
should we just forward 117 through ssh?
The only thing that needs to be forwarded through SSH is the VNC connection (TCP Port 5901/5902 etc) This will be more clearly explained as I create the howto. 117 is not required to forward through because this is only used locally (between XVnc on your fedora box and the xdmcp on your fedora box).


how would some one be able to reconnect later with security..=none when he needs ssh auth first :)
If SSH is still active (the tunnel is still open and forwarding the packets) then your SSH auth is still valid, so you can just VNC as normal. If the tunnel is closed then you will ahve to re-establish. Remember though that these are "on-demand" sessions and will terminate once you close the connection (i.e. when you re-connect you are starting a new session). If you want to re-connect to the same session then you should probably be using "vncserver" and not xinetd.


what means optional?
By optional, we mean that you do not have to disable the local X server if you do not want to.

-G-

gin
25th March 2005, 11:52 PM
I have tried this and alomst have it working. The black screen is gone but now i get the desktop with menu etc but no pictures! :confused:

heres what i'm getting!
...
any ideas?

I would imagine that this is either caused by some typo in the modifications you have made or this could be a result of VNC using a lower colour depth to compensate for network conditions. Here are the screenshots from my connection. I will later post all fiels that I modify in their entirity.

http://twistedpear.no-ip.org/images/fedora/1.vnc.png
http://twistedpear.no-ip.org/images/fedora/2.gdmlogin.png
http://twistedpear.no-ip.org/images/fedora/3.loggedin.png
http://twistedpear.no-ip.org/images/fedora/4.stuff.png

orbknives
26th March 2005, 04:02 AM
This is great!!However in my case firestarter keeps blocking my VNC port!!

sc00by
26th March 2005, 10:22 AM
I've fixed it!

I changed the colour depth from 32 to 16 in the vnc config file and it started working

Thanks everyone

alphonsebrown
26th March 2005, 10:57 AM
once you close the connection (i.e. when you re-connect you are starting a new session). If you want to re-connect to the same session then you should probably be using "vncserver" and not xinetd.


By optional, we mean that you do not have to disable the local X server if you do not want to.

-G-
so what means not to disable the local X server? is that about leaving any current X session and starting a new one because that's what I want if there's already an active session not to close it and what affects this local server? I mean is it connected to local logins or?

and can this on demand be made to work with xinetd only in no active session is available?

alphonsebrown
26th March 2005, 11:31 AM
can we combine xinetd and vncserver depending on wheater we have an active session (or I made remote reboot)

alphonsebrown
27th March 2005, 04:13 PM
I don't know who gave the negative reputation on this thread but I'm not been talking personaly to anyone so who's the guy?

gen
3rd April 2005, 02:18 AM
gin, really useful tutorial! Provides the ideal way
for me to remotely administer the server I just setup on an old box.

pim
23rd May 2005, 09:56 PM
Hi Gin

I am confused here, to be honest I am not too experienced so please go easy on me
As far as I can see I did exactly what you described in your original post, subsequently I corrected the typo for the resolution, and I added the the hostname to prevent the black screen

Now I try to connect using vncviewer , from an XP-client to my Fedora 4-3 box, using the internal IP address: 192.168.0.4, no port extension

I keep getting the following message: "unable to connect to host Connection refused (10061)
The firwall is off, and from the same machine I can log in the Fedora box using secure CRT, as well as pinging it
For good measures I also rebooted the box, but no joy

Any help is greatly appreciated

alphonsebrown
23rd May 2005, 10:31 PM
telnet 5900/5901 ok?

pim
23rd May 2005, 10:43 PM
no address associated with nodename :mad:

suitepotato
24th May 2005, 07:41 PM
This is probably caused by the RemoteGreeter setting of GDM...try adding:


RemoteGreeter=/usr/bin/gdmgreeter

to /etc/X11/gdm/gdm.conf

Alternatively (GUI METHOD)
run gdmsetup

change the remote greeter in the GENERAL tab to your liking !!


Note..for the xinetd config...you can also use:

server_args = -inetd -query localhost -geometry 800x600 -depth 16 -once -fp unix/:7100 -securitytypes=none

instead of

server_args = -inetd -broadcast -geometry 800x600 -depth 16 -once -fp unix/:7100 -securitytypes=none

-Gin-

The above did work and I made it work from my workplace accross an SSH session with port forwarding. It was the -query localhost which most directly seems responsible for ending my black screen issues.

Before I could get to that point however, I had to make the newly created services work.


netstat -a

didn't show them there and listening.

As root,


# /sbin/service xinetd restart

fixed the issue of the first run. A reboot would also have done the trick.

It should also be remembered that if your machine boots to a graphical greeter by default, then when you logout of one of these sessions GDM and all its parts will still be running. So then


# init 3
# /sbin/service xinetd restart
# init 5

Makes certain to clear everything if it bogs down, misbehaves, etc.

I thank the writer of this and all those who've posted their issues and shared information. I was tearing my hair out trying to get this to work. Now I need to figure out the issues of running multiple users at once and then I'll have a really cheap terminal server for my house, saving me from buying a bunch of new machines for my family.

pim
24th May 2005, 07:51 PM
Just to be sure: is this meant as a general posting or as a concrete answer to my problem, if the latter (hopefully), do I need to do all those things.
And lastly: your remark about "localhost", how should I interpret that

suitepotato
24th May 2005, 08:11 PM
You need to specify the session ID number or explicit port number depending on the client. Usually for you if the vncserver enabled machine is at 192.168.0.4, then it would be 192.168.0.4:0 or 192.168.0.4:5900 as the case may be.

suitepotato
24th May 2005, 08:44 PM
Just to be sure: is this meant as a general posting or as a concrete answer to my problem, if the latter (hopefully), do I need to do all those things.
And lastly: your remark about "localhost", how should I interpret that


-broadcast

in the vnc800/vnc1024 service definitions does a simple broadcast and some machines may not listen to their own broadcasts. Changing it to


-query localhost

explicitly tells it to talk to itself.

I mean no insult on your level of knowledge when I point out that localhost simply refers to the machine's loopback address on 127.0.0.1 and you can in fact can use that IP instead of localhost.

Some machines don't listen to localhost/127.0.0.1 because lo is not working right and you can instead specify your eth0 IP address.


#/sbin/ifconfig eth0

...will tell you what your ethernet IP is currently which in your case was 192.168.0.4 IIRC.


#/sbin/ifconfig lo

...should tell you if loopback is there and configured correctly.


ping localhost

or


ping 127.0.0.1

...will confirm if your machine is responding there. I've had various Linux and especially BSD boxes not work on their own loopbacks but they did on eth0.

pim
24th May 2005, 08:58 PM
what do you makeof this???

[root@Fedora43 /]# service xinetd restart
xinetd: unrecognized service
[root@Fedora43 /]# /etc/rc.d/init.d/xinetd restart
bash: /etc/rc.d/init.d/xinetd: No such file or directory
[root@Fedora43 /]# /sbin/service xinetd restart
xinetd: unrecognized service
[root@Fedora43 /]#

suitepotato
24th May 2005, 10:14 PM
what do you makeof this???

[root@Fedora43 /]# service xinetd restart
xinetd: unrecognized service
[root@Fedora43 /]# /etc/rc.d/init.d/xinetd restart
bash: /etc/rc.d/init.d/xinetd: No such file or directory
[root@Fedora43 /]# /sbin/service xinetd restart
xinetd: unrecognized service
[root@Fedora43 /]#


# service --status-all |grep xinet


Should tell you if it is there as well as


# ps aux |grep xinetd

I leave further ferreting on this to others more skilled at xinetd. Although, according to some of my Google searches, it may be called xinet without the d on the end.

pim
24th May 2005, 10:22 PM
Thanks so far man, really appreciate your help here

Can anyone else tell me what's wrong here

root@Fedora43 tss2]# service --status-all|grep xinet
Device not specified in /etc/sysconfig/diskdump
rndc: connect failed: connection refused
Server address not specified in /etc/sysconfig/netdump
squid: ERROR: No running copy
[root@Fedora43 tss2]# ps aux|grep xinetd
root 12945 0.0 0.1 3756 716 pts/1 S+ 23:20 0:00 grep xinetd
[root@Fedora43 tss2]#

it looks like xinet(d) is not running/not installed, is that possible???

superyupkent
25th May 2005, 05:07 AM
edit: I managed what the problem was, I had my keyboard layout wrongly configured.


Thanks for this very interesting howto, it took me a while to get it all up and running but now were there. Initially I couldnt get over the black screens at login but a xhost +localhost solved that problem.

Now I am still faced with the fact that I can login perfectly but I am not able to use my keyboard, are there people here who experienced that same issue and perhaps solved it?

Alex

alphonsebrown
25th May 2005, 07:02 AM
Thanks so far man, really appreciate your help here

Can anyone else tell me what's wrong here

root@Fedora43 tss2]# service --status-all|grep xinet
Device not specified in /etc/sysconfig/diskdump
rndc: connect failed: connection refused
Server address not specified in /etc/sysconfig/netdump
squid: ERROR: No running copy
[root@Fedora43 tss2]# ps aux|grep xinetd
root 12945 0.0 0.1 3756 716 pts/1 S+ 23:20 0:00 grep xinetd
[root@Fedora43 tss2]#

it looks like xinet(d) is not running/not installed, is that possible???
looks pretty much like you don't have it, btw: how did you manage to do that? what kind of installation of FC4t3 did you do, custom?

alphonsebrown
25th May 2005, 07:03 AM
Thanks for this very interesting howto, it took me a while to get it all up and running but now were there. Initially I couldnt get over the black screens at login but a xhost +localhost solved that problem.

Now I am still faced with the fact that I can login perfectly but I am not able to use my keyboard, are there people here who experienced that same issue and perhaps solved it?

Alex what was that xhost thingy?

superyupkent
25th May 2005, 10:43 AM
I did that to allow GDM to accept connections from the localhost, after that I had it working

alphonsebrown
25th May 2005, 11:13 AM
aa yes this is important part I got it semi-working :) this is mainly because of this huge thread... now I'm stuck with the vino server not the xvnc :(

suitepotato
25th May 2005, 04:14 PM
Good eyes there. I'll have to remember to compare all of this to FC4 when I finally throw it on my machine this weekend.

pim
17th June 2005, 04:47 PM
looks pretty much like you don't have it, btw: how did you manage to do that? what kind of installation of FC4t3 did you do, custom?


Yes,,,,not good I assume?

I am installing latest release now and see if that helps

pim
17th June 2005, 05:06 PM
and.....did it again, new install; not a trace of XINET(D)

RenX99
11th October 2005, 05:21 PM
I got this working using the VNC that came with fedora core 4 but when I removed vnc-server and installed tightvnc it stops working. Any changes on a how to on setting up tightvnc to work with gdm?

Thanks!

alex2k4
23rd October 2005, 01:10 AM
I'm tring to connect a Hp thin client t5525 running Linux Embeded to my FC4. I did what I saw in this howto but when I try to conect by XDM it only shows me the grey screen with a big X.
Please any sugestions?
I edited gdm.conf to allow remote connections.
I started vnc server.
Firewall is off.
Because I receive the grey screen means the thin client can connect to the FC4, right? And that it isn't allowed to use the X server.
What shoult I check?

alphonsebrown
24th October 2005, 07:46 AM
check your ~/.vnc there was a file to set xvnc parameters

mr_dirt
19th November 2005, 05:14 PM
Thanks, this a great howto. I'm running on Redhat 7.3. I had a few inconsistencies b/c of the older distro. My installation is on an embedded machine with the keyboard disabled by the BIOS, but the PS/2 mouse port should work.

My VNC client connects now, but I just get a grey desktop screen with an X pointer. No login window, and clicking gets nothing. I installed all the x and vnc support by hand, so I wonder if I missed some needed config...

Thanks, gin and everyone who contributed. Is a kdm setup similar?

wk5657
22nd November 2005, 01:31 AM
This session does not behave like a local session (does not run any priveleged apps), although I can use the shell if I have logged in as root. How do I open it up for security. Thanks in advance.

Wayne

N4cr2k
9th January 2006, 04:16 AM
This session does not behave like a local session (does not run any priveleged apps), although I can use the shell if I have logged in as root. How do I open it up for security. Thanks in advance.

Wayne

I'm having the exact same problem. It prompts for the Root password. I get the little sherrif's badge, but the app never runs. It gets to be a hassle to either log out and log in as root, or make changes from the command line. Any suggestions?

N4cr2k
12th January 2006, 05:41 AM
I have somewhat solved my problem. If after I login, I go to a terminal and type

$ xhost +localhost

I can run those apps. I would like to automate this somehow. Is a login script the best method? And if login script, which one, there seem to be many options. Or is there some other security configuration I could modify.

mgdodge
27th January 2006, 07:48 AM
This topic has been around for a while...hopefully that means enough of you have resolved the problem that someone will be able to help me out.

I am running CentOS4, which is virtually identical to RedHat Enterprise 4 and Fedora 4. I have followed the instructions in this thread to the letter, and the most I can get is a black VNC screen with an "X" for a cursor. The cursor moves, but nothing ever comes up into the window.

Recently, I moved my server to a new IP, one without a router to act as a firewall. This server never had problems with VNC until I enabled the firewall on it...and poof. I have opened ports 5900 & 5901, UDP 177 and 138 (/var/log/messages had a line with "SPT=138 DPT=138" as per some of the troubleshooting on this forum), nothing helps. I disable the firewall and reboot...nothing.

The wierd thing is that I can log in using putty, type "vncserver" to start it that way, and I get it to work just great.

Any troubleshooting ideas would be most welcome. I am willing to post server logs and config files if it will help out at all.

giulix
27th January 2006, 10:26 AM
Excuse me, but I don't follow you... You mean that, before, you were able to connect to your box without starting vncserver in advance ?

mgdodge
27th January 2006, 10:44 AM
Without manually starting it, yes. The method stated in this thread allows the server to listen on ports 5900 and 5901 for incoming connections, and when it detects one it displays the standard gnome login screen. I was able to do just that until yesterday, when I had to move my server and implement the firewall I described...which seems to have hosed something. I can connect if I start vnc manually, but I would like to have it automatically listening as before.

giulix
27th January 2006, 01:02 PM
Ah, ok...I had missed the first post, sorry.

alphonsebrown
27th January 2006, 02:05 PM
I still don't know how to setup the xvnc setup so that is starts the login form rather than gnome-session for example, can you help me out?

cottsay
5th February 2006, 05:33 AM
Alright, for me, I can get the VNC to start, but it doesn't start gdm - I just get a black screen with an X cursur, and when I boot, it sits at the startup screen, and my mouse freezes, when at that point it should be moving to the greeter. Anyone?

Scott K Logan
CottsayNet
logans@cottsay.net

Firewing1
5th February 2006, 05:41 AM
See my sig link; I modded this how-to a little and it works fine for me.
Firewing1

cottsay
5th February 2006, 05:58 AM
Alright, now it just puts up a colored background and a hourglass and then kills the connection, and on startup, I still get no greeter. It just locks up. I'm using FC4 btw...

Thanks,

Scott K Logan
CottsayNet
logans@cottsay.net

Firewing1
5th February 2006, 06:10 AM
Did you run gdmsetup and allowed TCP connections / enabled XDMCP? That could be the cause of killing X...
And, what resolution / connection speed are you using?
Firewing1

cottsay
5th February 2006, 06:34 AM
yea, yea both 800 and 1024, and i'm on a 10/100 connection. I've had previous VNC's working - i'm just looking at the GDM approatch - just now I got my FC3 box to do it...sorta - it doesn't bring up the greeter at startup, and when I vnc to it, it brings my to the greeter and I can log in. Is there a way that I could make it so that I don't end the session when I log out of VNC or anything?

Thanks,

Scott K Logan
CottsayNet
logans@cottsay.net

Firewing1
5th February 2006, 05:33 PM
Hmmm....
Same happened to me. Eventually I got the gdm to display... How it did it is in that how to... :S I can't really help there
but as for the gdm at startup, I did this part of the how-to:

edit /etc/X11/gdm/gdm.conf
find the [servers] section
Change
0=Standard
to
#0=Standard
And this disables GDM at startup. So, to enable it, edit /etc/X11/gdm/gdm.conf, and change:

#0=Standard
to
0=Standard

Also, I'm sure you've done it -- but you'll need to add ports 5900 - 5901 (tcp) to your firewall in order for them to work -- That's another symptom of a connection dieing.

Hope it helps,
Firewing1

cottsay
5th February 2006, 09:28 PM
I did find a way of doing what I wanted...

http://www.realvnc.com/products/free/4.1/x0.html

...basically incorperates VNC into X - very easy to do. It works exactly how I wanted it to.
Thanks for your help!

Airmister
6th March 2006, 03:04 PM
This is a great post. Thank you so much.

Can't wait to get home from work to try this out on my FC4!! :)

alphonsebrown
7th March 2006, 10:11 AM
The idea is to do it from your work for example ;)

Airmister
7th March 2006, 10:41 AM
I understood that. But first I had to set up the system. And secondly at work we have a very restrictive firewall and proxy, so I don't think I'll be able to run my linux box from there.

But it worked perfectly after a few tweaks and tries. I've been trying to do this kind of thing for a week now. Finally I can.

Thank you again to the starter of this tread and the rest of you guys who contributed. :)

Airmister
12th March 2006, 03:44 PM
Hello. I've done this VNC & GDM thingie on my Linux-server which I was planning on hiding away from my wife.

The problem is that it worked excellent with real color (32) until I unplugged the display. Now the server is up and running with nothing but keyboard and mouse connected. But I can't connect to it i 32-bit color. What is wrong? How can I fix it.

Anyone who knows how I can set up the computer so that it starts normally without keyboard and mouse connected?

Thanks. :)

Firewing1
12th March 2006, 05:15 PM
What do you mean? The VNC doesn't have 32bit color? This is normal. Linux can only obtain 24bit color -- and infact Windows can only get 24, too.
Windows calls it "32bit" color, but it's really 24bit color w/ 8bit transarency.
Linux has this too, but we call it by it's real name, 24bit color.
And, you can also set the color settings in your /etc/xinetd.d/* file.
Firewing1

alphonsebrown
12th March 2006, 05:34 PM
at work we have a very restrictive firewall and proxy you can make a ssh server at your home box at port 80 :) and connect through it

Firewing1
12th March 2006, 05:47 PM
you can make a ssh server at your home box at port 80 :) and connect through it
The problem then is if SSH is taking port 80, he can't run a webserver :(
Firewing1

alphonsebrown
12th March 2006, 06:07 PM
The problem then is if SSH is taking port 80, he can't run a webserver :(
Firewing1
It's an exaple port number which could be let through corporate firewall :cool:

Firewing1
12th March 2006, 06:10 PM
Yeah -- That and port 110 / 25 should be OK too as that's email
Firewing1

Airmister
12th March 2006, 06:16 PM
Ok. Thanks. I am as you may understand new to this. The problem is that it all worked when I had the display connected to the Linux box, but now I got the black squares thingie on display 0 (-depth 32). When I tweak it a bit nothing happens on display 0 (even with -depth 16). The other displays are working (display 1 800x600 depth 16 and display 2 1024x768 depth 8.) When I change the settings after I'm connected it gets better when only looking at color, but the resolution seems like it's "zoomed" in 1024x768. In 800x600 it is ok. I think it is a little small to work with...

I am not planning to run a webserver anytime soon. Is it complicated to set up this SSH-method? Do I need VNC viewer insalled at work or could I use windows apps?

Thanks for all your help.

Firewing1
12th March 2006, 06:25 PM
That's odd... As for the "zoom" it's cause you need to enter fullscreen @ 1024x768.
Oh, btw, on my vnc server I'm running on 16bit colors... It's fine. Maybe it's the max?
edit: i can do 800x640 @ 16 color max, and i can do 1024x768 @ 24 color.
Firewing1

Airmister
12th March 2006, 07:29 PM
Ok. I've set i up all over again now. I got into more touble when the vnc viewer shut down after just one second. It's been working fine for over a week now apart from the graphics thing. Also just before when I was playing around with the graphics problem I didn't get to open the Display in System Settings or the Screen resolutions in the Preferences. I clicked the icons but nothing happened.

Any ideas?

Thanks again for all help. This is a great feature, and I think I'm going to have it just as I want it soon. Just takes a little bit of trouble and tweaking. That's how I learn new things on the computer anyway.

Thanks again.

OO-Dragon
13th March 2006, 01:13 AM
Hey i keep getting this when i try to goto the system-config-samba

Xlib: connection to "localhost.localdomain:1.0" refused by server
Xlib: No protocol specified

system-config-samba requires a currently running X server.
and i tried that guys thing for adding 127.0.0.1 to /etc/X0.hosts

SOLVED!!! Create a file called /etc/X0.hosts (or modify if it exists) and add the following line:

Code:
127.0.0.1

same thing :( it pretty much happens to all the system-config things (sometimes slightly diffrent message)
but this stays the same
"Xlib: connection to "localhost.localdomain:1.0" refused by server
Xlib: No protocol specified"

any ideas would be swell ^_^

Thanks

P.S. o yeah, it only heppens when useing VNC connection, if im actually sitting at the machine its fine.

Airmister
13th March 2006, 10:35 AM
Hi. I've solved my problem, and I think it's the same as yours. If you type xhost +localhost the problem should be solved. I'm not sure if you have to be root or not. Try su first.

My next experiment will be to add localhost as code in /etc/X0.hosts

Hope that helps.

OO-Dragon
13th March 2006, 10:38 AM
Hi. I've solved my problem, and I think it's the same as yours. If you type xhost +localhost the problem should be solved. I'm not sure if you have to be root or not. Try su first.

My next experiment will be to add localhost as code in /etc/X0.hosts

Hope that helps.
ahh cool thanks, yeah i tried it as root before, but didnt work, have to do it as my normal user ^_^

Thanks a billion!

alphonsebrown
13th March 2006, 04:37 PM
Hi. I've solved my problem, and I think it's the same as yours. If you type xhost +localhost the problem should be solved actually where do you type that?

Firewing1
13th March 2006, 04:51 PM
No -- An easy way to make it work is: (As your regular user)


gedit ~/.bashrc
add this line to the bottom:
xhost +$(hostname)

Then:


gedit ~/.bash_logout
Add this line to the bottom:
xhost -$(localhost)

This will effectively add your hostname to the xhost access control list, enabling you to do remote GTK apps, then on logout it will remove your hostname from the ACL, making it secure again
I'm not sure if the GTK works out of the menu with this, but it will work for sure if you type the app name from a terminal.
Firewing1

Airmister
13th March 2006, 05:16 PM
alphonso:

I type it in the terminal window before I use the su command.

xhost +localhost

But I'm now trying the solution provided by Firewing1 here. That looks real good. Thanks again for the help.

alphonsebrown
13th March 2006, 09:40 PM
gedit ~/.bashrc
xhost +$(hostname)
gedit ~/.bash_logout
xhost -$(localhost)

are those two lines supposed to be the same?

Firewing1
13th March 2006, 10:56 PM
Nope. One adds, one removes. B/c it's not very good for security to leave your system avail. to remote access GTK apps, so it adds it as you login, then removes it on logout.
Firewing1

Airmister
14th March 2006, 09:14 AM
I had to modify the code slightly to make it work. But thanks for the idea. Now it's all good.


gedit ~/.bashrc
xhost +localhost
gedit ~/.bash_logout
xhost -localhost

:D

alphonsebrown
14th March 2006, 10:21 AM
gedit ~/.bashrc
xhost +localhost


That was my point... why firewing suggested differenyt values not the operator, btw: where did you find this information about controlling ACL?

btw1.1: this produces:
-bash: localhost: command not found, when logging in...

btw2: is there a way to not enable/disable this everytime I open a terminal from the localhost ? :confused:

Firewing1
14th March 2006, 11:04 PM
OK, It's 'cause I don't use "localhost" for a hostname, it causes network problems. So for me $(hostname) works. But for others that haven't changed their hostname, then add this:
xhost +localhost > /dev/null and
xhost -localhost > /dev/null
The > /dev/null will make it silent.
Firewing1

Airmister
14th March 2006, 11:31 PM
Excellent! I was wondering about that.

Thanks again!

alphonsebrown
15th March 2006, 08:18 AM
So for me $(hostname) works. So do you use it for the "-" string also?

I have a big problem - it was working but at some point it reached the state:
only black screen with X cursor Any ideas are really appreciated!

Airmister
15th March 2006, 11:44 AM
Yes I use it for the - string also. Guess that's not necessary. Now all I need is a guide to make this secure somehow, preferably with SSH. I need the "for dummies"-approach...

Anyone who know where to learn more? :)

alphonsebrown
15th March 2006, 12:24 PM
I do it via ssh, but since a couple of days I have a black screen only how to extract info abount the error/problem>? thanks in advance

Firewing1
15th March 2006, 10:32 PM
So do you use it for the "-" string also?

I have a big problem - it was working but at some point it reached the state:
only black screen with X cursor Any ideas are really appreciated!
You mean only when you do it via SSH, the local VNC is OK? Or all GDM > VNC is messed up? If all is, see my server setup howto for more info, it's a simple mod of this thread but it's (those steps are) what I did to solve the problem.
and yes, I use and recommend others to include the "-$(hostname)" in .bash_logout as this way the system remains secure after a logout.
Firewing1

b00st
26th March 2006, 06:47 PM
I need some help, this worked a total of 1 time and has since refused to ever work again. How do I keep it running regardless of when I disconnect?

Airmister
27th March 2006, 02:26 AM
Hello.

I also had some trouble a little while after first making it work. The thing I did to make it work again was just to follow the how-to again. I have not tried the approach you want. I've seen several how-to's on this, and you should find some hints on how to do this in this thread too.

Good luck!

Firewing1
27th March 2006, 03:05 AM
try
su -
gdmsetup
make sure the settings are OK
killall X x xorg Xorg gdm gdm-binary gdmgreeter
I know that's too many names but I forget which are the correct ones... Anyways after X restarts (I know your login will crash) try again.
Firewing1

alphonsebrown
27th March 2006, 08:22 AM
I'll have to double check... everything but for now VNC+GDM is black screen only, VNC only - (vino-server) works

Firewing1
28th March 2006, 03:59 AM
Try using the code from my post above to:
1) Reconfigure xinetd services
2) run system-config-services and make sure they're ticked off
3) run gdmsetup and make sure settings are OK
4) reboot
5) run that killall command
6) make sure the ports are in the firewall
7) try again
Firewing1

Airmister
28th March 2006, 07:33 AM
I experienced something similar. In my case I played with the -depth argument in on of the files that was created following the HOW-TO. Then I had to change the corresponding value in the VNC viewer.

It works great now.

Fezzik
3rd April 2006, 09:49 PM
Ok I went through all of this but the problem is I can't connect from my house. All this localhost stuff just allows you to connect on the same network for instance I could connect to my roomates computer from my laptop. I need to be able to vnc into my parent's computer. I did this once in windows and when it loads the vnc server it gives it a number address that you can use to connect. When I did it on my linux computers at home I used the number my router assigned to it but that number I am assuming will be the same on several computers around the world and would be useless outside of that network. So how can I set vnc up on parents' computer so I can remote access it and help them with stuff they are afraid to mess with like anything that is done in terminal. LOL. Mine just gives it the address localhost.localdomain:4 which is useless from outside the house. Help me please.

OO-Dragon
4th April 2006, 12:00 AM
Well for starters you'll have to forward the ports on your router (probably port 5900) to your parents computer, so when you put your routers IP in (the one your ISP gives it) it'll auto redirect to the computer your helping. I'll just asume you already added ports to your firewall as well. once that's done you should be able to connect up.

Fezzik
4th April 2006, 05:53 PM
Ok networking is still a little foreign to me. like I say my version of Networking has been connecting to the internet wirelessly. What is this forwarding the ports. How does that work? I forward my ports do I do that from my house and how do I connect to their computer to forward it or how do I forward my ports from their house.

Sorry but like I say this is just a little more difficult than it was in Windows and I did it maybe once in windows so I may be someone that should stay away from something on this level till I learn more but I just really don't want to travel to their house everytime I need to do something on their computer.

So their ISP gives it an IP address. All I see is the loopback local network number. I will digaround in the router and see if I can find one in there. I assume it is in there. I don't see it in any of the networking programs on FC5. They all show the 127.0.0.1 thing or whatever that all of them have. Or the one the router assigned it for the local network the 192.168.x.x number. I was thinking that when I was in the router checking out the settings and everything I saw some 10.something numbers I will see if those work.

OO-Dragon
4th April 2006, 08:11 PM
Ok, yeah well if you can connect to the computer on another computer in your local network, then you'll just have to open the ports on the router (the router at your parents house). depending on the make and model of the router, there should be an Internet connection details that will show IP address that will NOT be something like 192.168.x.x and should NOT start with 10.x.x.x. because those are private IP ranges that dont work directly on the net. Once you do find your internet IP use that number to connect. but first you'll have to forward the ports as i said. there should be an option in the router like Virtual servers or Port Forwarding, in there you can select a name for it (just put VNC or whatever), then set the type of port (in this case i think its TCP, but if you can select both TCP and UDP then do so) and the actuall port it is (it will probably say port range in which case you just put 5900 for start and 5901 for end, asuming you use default port) and finally it will ask to what internal IP it goes to, just select the IP of your parents computer. and wala! if all went well you should be able to put your parents internet IP to connect to and get in. keep in mind most ISP's use a dynamic IP setting, so your parents IP address may change every now and then.

hopfully that helps yeah ^_^

Fezzik
4th April 2006, 10:27 PM
I hope so. I will test it out as soon as possible probably tomorrow evening I think but I will try it. This makes a lot of things make a lot more sense to me. Thanks.

Fezzik
5th April 2006, 07:55 PM
Ok here is what I found out and whatever I have done now I can't get in with my dad's laptop even so I am really confused. I did find something called virtual servers but the settings didn't make sense. There were a lot of settings that needed to be set up. I think I can figure that part out if I understand a few things.

"5900 for start and 5901 for end, asuming you use default port) and finally it will ask to what internal IP it goes to, just select the IP of your parents computer" -- this means the 192.168 number right?

I got 3 numbers that didn't start with 192 or 10. Something like general wan, wan dns, and one I don't remember the name of that I saw referenced to as a static ip to use to play games and stuff that the router may slow down. It was a 60 something number I wrote down but don't remember it off hand. That is the only other number I have found. I am about ready to give up. I went through the whole list here and it still doesn't work. The query localhost thing should that have the 60 something number or localhost. Or should it say broadcast?

A few things to chew on.

OO-Dragon
5th April 2006, 09:20 PM
"5900 for start and 5901 for end, asuming you use default port) and finally it will ask to what internal IP it goes to, just select the IP of your parents computer" -- this means the 192.168 number right?
yeah that's the one, make sure its the one on your parents computer.



I got 3 numbers that didn't start with 192 or 10. Something like general wan, wan dns, and one I don't remember the name of that I saw referenced to as a static ip to use to play games and stuff that the router may slow down. It was a 60 something number I wrote down but don't remember it off hand. That is the only other number I have found. I am about ready to give up. I went through the whole list here and it still doesn't work.
Ok it'll be the IP address, you can ignore the DNS addresses/gateway/subnet mask. and remember your just useing that IP in your VNC connection client, so just write it down ^_^.


The query localhost thing should that have the 60 something number or localhost. Or should it say broadcast?
So yeah it should have that IP address (the 60 or whatever it might be). assuming your talking about your VNC client?

If you want some more in depth help just PM me your MSN address (if you use msn that is).

tebbens
10th April 2006, 01:33 AM
Should VNC be run using xinetd/Xvnc or turn it on via chkconfig/vncserver ? Why ?

I assume with xinetd its run as root.
But with vncserver, /etc/sysconfig/vncserver args take your username.
I don't know the right way of starting VNC... xinetd or chkconfig/vncserver, root or not ?

VNCSERVERS="2:tebbens"
VNCSERVERARGS[2]="-geometry 1024x768 -depth 16 -nolisten tcp -nohttpd"

Thanks !

Firewing1
10th April 2006, 02:00 AM
Please DO NOT use vncserver. It's very unsecure. Use the xinetd / VNC + GDM method instead... Follow this howto or see my server setup link in my signature, there's a step-by-step VNC section for Fedora Core 4 or 5.


su -
chkconfig vncserver off
chkconfig xinetd on
reboot
will disable vncserver and get xinetd running, then just configure your GDM over VNC servers.
Firewing1

tebbens
10th April 2006, 03:06 AM
That information should be easier to find !!
Could you please update your first post and say that.

Thanks !
Matthew

Firewing1
10th April 2006, 04:23 AM
Will do :)
Firewing1

cow
19th April 2006, 08:24 AM
Firewing1: you are awesome... your how-to on setting on xinetd & vnc is great... working so far I will play with it a little more later.

Question: I need to be able to restart my server when connected through xinetd/vnc how can I make the RESTART option available?

When I am locally at the computer the RESTART option is there but not through a remote session.

Thanks for all your help.

alphonsebrown
19th April 2006, 02:15 PM
btw do you guys know the difference between Xvnc and some strange (for me) vncts I found to be included in fedora 5 xinetd config..

Firewing1
19th April 2006, 09:58 PM
Can you post the contents of the file(s)?
Firewing1

nosupport
19th April 2006, 10:27 PM
so, you have no graphics card, but you still want GUI management / X Windows......
-GIN-

Is this to say that with adequate remote console software configuration, a computer cab boot without a video card or on-board video. I thought a video chip was needed for the boot process. Every time I tried to boot up a machine w/o video chip-set, I got nowhere and beep codes.

Firewing1
19th April 2006, 10:36 PM
AFAIK you have to disable it in BIOS first, then it will boot. Worst comes to worst, you can get a 5-year old one from a dead PC and pop it in... It doesn't matter if it doesn't work properly or at all, just so the slot is filled & the computer will boot.
I guess this won't be an issue in newer systems anyways, seeing as most come with integrated ones these days...
Firewing1

alphonsebrown
20th April 2006, 11:43 AM
Can you post the contents of the file(s)?
Firewing1
Sure,

actually it tuned out to be some package from xtras or I don't know from where (rpmforge or livna).. it's not from core..

the contents are similar to what is proposed here to be added as "/etc/xinetd.d/vnc**" it's just named vncts

Unfortunately I can't find the source of this package for now..

$ locate vncts
/etc/sysconfig/vncts
/etc/xinetd.d/vncts
/usr/bin/vncts
/usr/share/vnc/vncts.services

no man entry whatsoever..

Firewing1
20th April 2006, 09:59 PM
try
rpm -qf /usr/bin/vncts
Firewing1

alphonsebrown
21st April 2006, 07:51 AM
Thanks man, I was trying some unappropriate search methods like whatprovides.,. etc..

vnc-ltsp-config-4.0-3

$ rpm -qi vnc-ltsp-config
Name : vnc-ltsp-config Relocations: (not relocatable)
Version : 4.0 Vendor: (none)
Release : 3 Build Date: Sun 10 Apr 2005 05:48:06 AM EEST
Install Date: Tue 21 Mar 2006 11:49:50 AM EET Build Host: extras64
Group : User Interface/X Source RPM: vnc-ltsp-config-4.0-3.src.rpm
Size : 2179 License: GPL
Signature : DSA/SHA1, Mon 11 Apr 2005 08:45:33 AM EEST, Key ID 82ed95041ac70ce6
Summary : Easy Enabler of VNC remote LTSP desktops
Description :
Easy Enabler of VNC remote LTSP desktops. This package contains xinetd.d
configurations that allow incoming VNC clients to open a new desktop session
with each connection. Xvnc connects to the local server using XDMCP.

Unfortunately the xinetd file is different, so it would be nice to put effort into this package to include the fuctionality posted in this thread... just the server_args line and such,.,,

Firewing1
21st April 2006, 09:57 PM
Interesting... I'll try to modify it some day....
Firewing1

alphonsebrown
25th April 2006, 09:24 AM
Interesting... I'll try to modify it some day....
Firewing1
Yes, if you like even try to install this rpm and check it out, you're the expert ;)

zillah
8th May 2006, 05:32 PM
Thanks gin.
this is similar tutorial, may be it will be useful for others.
http://forums.teamphoenixrising.net/showthread.php?t=32325

maplewang
20th June 2007, 10:21 AM
I have tested it on FC7, I can not pass through, it looks as if xinetd did not start VNC server.
through I check in service dialog, xinetd is checked and running and vnc1024 is checked in xinet table too.

alphonsebrown
8th July 2007, 07:23 AM
Thanks man, I was trying some unappropriate search methods like whatprovides.,. etc..

vnc-ltsp-config-4.0-3

$ rpm -qi vnc-ltsp-config
Name : vnc-ltsp-config Relocations: (not relocatable)
Version : 4.0 Vendor: (none)
Release : 3 Build Date: Sun 10 Apr 2005 05:48:06 AM EEST
Install Date: Tue 21 Mar 2006 11:49:50 AM EET Build Host: extras64
Group : User Interface/X Source RPM: vnc-ltsp-config-4.0-3.src.rpm
Size : 2179 License: GPL
Signature : DSA/SHA1, Mon 11 Apr 2005 08:45:33 AM EEST, Key ID 82ed95041ac70ce6
Summary : Easy Enabler of VNC remote LTSP desktops
Description :
Easy Enabler of VNC remote LTSP desktops. This package contains xinetd.d
configurations that allow incoming VNC clients to open a new desktop session
with each connection. Xvnc connects to the local server using XDMCP.

Unfortunately the xinetd file is different, so it would be nice to put effort into this package to include the fuctionality posted in this thread... just the server_args line and such,.,,I'm wondering by F7.. there should be an imploved version of the package mentioned above, someone played around with it?

kj6loh
7th August 2007, 03:32 AM
To Alphonse and MapleWang,

It does work in FC7. You just haven't configured it correctly. Your config probably worked in FC6. I'll tell you how to configure it for FC7.

After following all the procedures on pg1, assuming you haven't got it configured. Add the following to /etc/gdm/custom.conf in the [daemon] section
AllowGtkModules=false

Now do a killall gdm-binary and try the vnc thing again.

alphonsebrown
14th August 2007, 01:07 PM
To Alphonse and MapleWang,

It does work in FC7. You just haven't configured it correctly. Your config probably worked in FC6. I'll tell you how to configure it for FC7.

After following all the procedures on pg1, assuming you haven't got it configured. Add the following to /etc/gdm/custom.conf in the [daemon] section
AllowGtkModules=false

Now do a killall gdm-binary and try the vnc thing again.
How does that help? Why we turn off Gtk Modules?

Actually reading this guide now turns out that gdm.conf no longer exists... in Fedora 7


# rpm -ql gdm |grep conf
/etc/gdm/custom.conf
/etc/gdm/securitytokens.conf
/usr/share/gdm/defaults.conf
/usr/share/gdm/factory-defaults.conf


Jin can you please update your first post.

givehimagun
20th August 2007, 05:34 AM
To Alphonse and MapleWang,

It does work in FC7. You just haven't configured it correctly. Your config probably worked in FC6. I'll tell you how to configure it for FC7.

After following all the procedures on pg1, assuming you haven't got it configured. Add the following to /etc/gdm/custom.conf in the [daemon] section
AllowGtkModules=false

Now do a killall gdm-binary and try the vnc thing again.
I tried following all the directions in this forum for Fedora 7 but GDM crashes and dumps this into its log file whenever I enter my user and password through VNC to login:


[root@bemykind gdm]# tail :0.log
to make sure that you have the latest version.
Module Loader present
Markers: (--) probed, (**) from config file, (==) default setting,
(++) from command line, (!!) notice, (II) informational,
(WW) warning, (EE) error, (NI) not implemented, (??) unknown.
(==) Log file: "/var/log/Xorg.0.log", Time: Sun Aug 19 23:30:01 2007
(==) Using config file: "/etc/X11/xorg.conf"
(II) Module already built-in
(II) Module already built-in
(EE) AIGLX: Screen 0 is not DRI capable
Anyone have any ideas?

metagroboliser
21st August 2007, 01:08 AM
Folks,

I too had it working perfectly under FC5/6 (thanks to this HOWTO). However, the same setup, with or w/o the AllowGtkModules directive doesn't work under FC7. XVnc closes the connection immediately after client connect.

Does anybody have it working under FC7? If so, please post your /etc/gdm/custom.conf, the /etc/xinetd.d/vnc* file (if customised from the top of this thread) and a precise description of any other changes you may have made to the environment.

Much thanks in advance.

shihan74
23rd August 2007, 08:41 AM
Yes, i too wouldn't mind knowing how this works now... something broke in f7 thats for sure.

Only thing i can add to the logs is:
Aug 23 17:37:19 radon xinetd[2661]: START: vnc-1024x768x16 pid=4630 from=::ffff:127.0.0.1
Aug 23 17:37:19 radon kernel: gdmgreeter[4641]: segfault at 000000000000001c rip 00002aaaaefebfa7 rsp 00007fff49b91850 error 4
Aug 23 17:37:19 radon xinetd[2661]: EXIT: vnc-1024x768x16 status=0 pid=4630 duration=0(sec)

brudzins
31st August 2007, 01:37 PM
To Alphonse and MapleWang,

It does work in FC7. You just haven't configured it correctly. Your config probably worked in FC6. I'll tell you how to configure it for FC7.

After following all the procedures on pg1, assuming you haven't got it configured. Add the following to /etc/gdm/custom.conf in the [daemon] section
AllowGtkModules=false

Now do a killall gdm-binary and try the vnc thing again.

These instructions are close, but not quite. I checked the /var/log/messages when I was having this window kill problem with FC7 and found it was failing right after it tried to do AddGtkModules. So I added AddGtkModules=false instead to the [daemon] section of /etc/gdm/custom.conf and now VNC finally works.

By the way, I also found that xinetd wasn't installed with my version of FC7 when I started so I had to add the with Add Remove Programs.

alphonsebrown
3rd September 2007, 03:14 PM
Strange, I can't get it to work even with =false... It just pops up a screen and closes it, no iptables running and doesn't really matter if I try to do it locally or remotely.

Gin maybe you have a FC7 box to try it out?

maplewang
19th September 2007, 08:23 AM
see http://www.fedoraforum.org/forum/showthread.php?t=94257&page=27&pp=15

I check /var/log/messages I noticed:

Jun 25 10:48:59 EmuSimulation xinetd[1614]: START: vnc1024 pid=2082 from=::ffff:127.0.0.1
Jun 25 10:49:00 EmuSimulation gdmgreeter[2093]: The accessibility registry was not found.
Jun 25 10:49:00 EmuSimulation xinetd[1614]: EXIT: vnc1024 status=0 pid=2082 duration=1(sec)

In gdmsetup accessibility tab I unchecked the checkbox "enable accessible login", restarted gdm,this time I got the login screen and sucessfully logged in.

maybe this is a sound card problem? kde told me it can not open /dev/dsp device.
the onboard card should be working, but I donnot care it.

alphonsebrown
19th September 2007, 10:05 AM
Hmm, same here and I see for a second the mouse but that'a all :eek:

Anyone familiar how can I enable debug on Xvnc? or something? :confused:

N4cr2k
19th September 2007, 03:12 PM
While the Vnc Gdm solution worked, I've found that the NoMachine package is a better alternative. You can get the package via yum. It provides a good, fast, and customizable remote session. It's free too.

http://nomachine.com/

alphonsebrown
19th September 2007, 04:10 PM
I'llgive NX a try it seems to be faster but will it start a session by itself like calling gdm?

N4cr2k
20th September 2007, 03:25 AM
I'llgive NX a try it seems to be faster but will it start a session by itself like calling gdm?

I'm not 100% sure i understand your question, but if I think I understand it correctly, the answer is yes.

alphonsebrown
20th September 2007, 08:47 AM
Do you recommend the yum package instead of the node/client/server/server manager packages from the vendor web?

The question was if I have no user logged on my box, then would NX fireup the X server user session?

elbeardo69
29th September 2007, 08:48 PM
Hi,

I'm stuck with the same Xinitd -> Xvnc -> XDMCP -> kdm/gdm logon problem. Turning accessibility logins off and adding the addgtkmodules false flag haven't helped me.

When trying my set up with kdm instead of gdm, i at least get to see the login page and can put in user/pass details but get booted out immediately afterwards. The messages log gives:

kdm[2903]: Unknown session exit code 0 (sig 11) from manager process

..which appears useless (googling).. but the kdm log gives the following:

Xlib: extension "XInputExtension" missing on display "10.0.0.5:1.0"
Failed to get list of devices

I'm not sure how useful this message is, as I get very similar 'missing Xlib extention blah' messages on another fc6 box where the 'identical' setup is working swimmingly.

Can anybody suggest anything else please? I'm well and truly defeated by this issue, i'm finding it all so frustrating: fc6 works.. ..fc7 works not!

Thanks.

elbeardo69
8th October 2007, 10:51 AM
Well after another session of pain, I've solved my problem.

vnc through Xinetd / XDMCP does not like -depth 8 as a vnc server flag for either kdm / gdm - it consistently dies a horrible death on logging in (with kdm you get to enter details, with gdm the login screen flashes up and dies immediately ..so this can't be a problem with the display manager not being able to display at 8bit colour depth right?!).. ..but anyway, with the -depth 16 all is just peachy.

Connection to a 'static vnc service' (ie. not spawned by Xinetd) works with -depth 8 no problems.

Hope this helps somebody.

shihan74
20th November 2007, 04:02 PM
Never was able to get this working on f7, fc6 was not a problem, but much playing with it under f7 proved fruitless. F8 on the other hand worked without any issues at all.

On a side note though, while i was looking for alternatives i stumbled across xrdp http://xrdp.sourceforge.net/ quite a nice TS solution. Also provides gateway services, so you can rdesktop into it and then rdp/vnc/whatever into another box without logging into the gateway (thats configurable). Simple to compile/configure.

Also remembers sessions, i.e. close the rdesktop client and log back in later on to the same still-running desktop (never found that to happen with vncts). Quite fast across slower links as well (change your background to a flat colour though).

There is one thing with it, if you install it make sure you go through its pam config file. Its quite a simple pam config and not suitable for alot of installations. Pity theres no fedora 8 rpm for it (altho, it uses a flat makefile so i guess making an srpm might be troublesome).

ianm
19th December 2007, 12:12 AM
Never was able to get this working on f7, fc6 was not a problem, but much playing with it under f7 proved fruitless. F8 on the other hand worked without any issues at all.

I've had this working on every version of Fedora (and previously on RedHat) but can't get it working on F8! With a configuration that works perfectly on F7, on F8 vncserver starts and then dies with:

read: Connection reset by peer (104)

The logs show only:

xinetd[1968]: START: vnc-1024x768 pid=30148 from=xxx.xxx.xxx.xxx
xinetd[1968]: EXIT: vnc-1024x768 status=1 pid=30148 duration=5(sec)

(It's not selinux: still doesn't work with that disabled. It's not iptables: still doesn't work with that off.)

This is what I have in /etc/gdm/custom.conf:

[daemon]
AddGtkModules=false

[xdmcp]
Enable=true


If anyone has a working configuration for F8, I'd be pleased to see your /etc/gdm/custom.conf and xinetd configuration files.


Thanks

shihan74
19th December 2007, 05:44 AM
The only thing i did to make it work on f8 was to change the ports in /etc/services:

vnc-1024x768x16 5905/tcp
vnc-800x600x16 5906/tcp
...
vnc-640x480x8 5910/tcp

instead of 5900-whatever

and the [xdmcp]/enable=true setting. I did not add the addkgtkmodules=false setting.

ianm
19th December 2007, 11:51 PM
The only thing i did to make it work on f8 was to change the ports in /etc/services:
I have:

vnc-1024x768 5900/tcp

which works fine on F7 and earlier. In any case running this from the command line on F7 and on F8 shows it's nothing to do with xinetd or /etc/services:

su -s /bin/sh -c '/usr/bin/Xvnc -inetd -query localhost -geometry 1024x768 -depth 24 -once -fp unix/:7100 -SecurityTypes=None' nobody

On F7 that will start and run indefinitely (until I kill it). On F8 it runs for 5 seconds and then dies. 5 seconds is also how long it runs when started from xinetd.


and the [xdmcp]/enable=true setting. I did not add the addkgtkmodules=false setting.
Not working here with our without 'AddGtkModules=false'.

Even stranger: with gdm, xinetd, vnc-server, xorg-x11-server-Xorg from F7 installed on F8 and a working /etc/gdm/custom.conf copied from F7, it still doesn't work.

shihan74
20th December 2007, 07:01 AM
Oh, wait, no, there was another thing!. The x font server wasnt in my distro by default, and so (i stumbled across this from a debug or strace message, i cant remember which).

Is xorg-x11-xfs installed?

And, dont forget to
- chkconfig xfs on
- service start xfs

ianm
20th December 2007, 11:26 PM
Is xorg-x11-xfs installed?
And, dont forget to
- chkconfig xfs on
- service start xfs

That was it. Now working perfectly on F8 i386 and x86_64.
Thanks for the help.

mattcen
16th January 2008, 07:34 AM
Hi all,

I have had complete success with this method until i tried to disconnect the monitor from the computer and restart it. when I did this, all i got from VNCing into the computer is a grey
X screen with the cursor. When I connect a screen to the computer I find that there is an X error:


Failed to start the X server (your graphical interface). It is likely that it is not set up correctly.
Would you like to view the X server output to diagnose the problem?
[yes] [no]


Here is my Xorg.conf file:


# Xorg configuration created by system-config-display

Section "ServerLayout"
Identifier "single head configuration"
Screen 0 "Screen0" 0 0
InputDevice "Keyboard0" "CoreKeyboard"
EndSection

Section "InputDevice"
Identifier "Keyboard0"
Driver "kbd"
Option "XkbModel" "pc105"
Option "XkbLayout" "us+inet"
EndSection

Section "Monitor"
Identifier "Monitor0"
ModelName "Monitor 1024x768"
HorizSync 31.5 - 61.0
VertRefresh 50.0 - 75.0
Option "dpms"
EndSection

Section "Device"
Identifier "Videocard0"
Driver "intel"
EndSection

Section "Screen"
Identifier "Screen0"
Device "Videocard0"
Monitor "Monitor0"
DefaultDepth 24
SubSection "Display"
Viewport 0 0
Depth 24
Modes "1024x768" "800x600" "640x480"
EndSubSection
EndSection




here is my Xorg.0.log (cut down to save space - can post full file if necessary)



X Window System Version 1.3.0
Release Date: 19 April 2007
X Protocol Version 11, Revision 0, Release 1.3
Build Operating System: Fedora Core 7 Red Hat, Inc.
Current Operating System: Linux adam 2.6.23.8-63.fc8 #1 SMP Wed Nov 21 18:51:08 EST 2007 i686
Build Date: 17 October 2007
Build ID: xorg-x11-server 1.3.0.0-33.fc8
Before reporting problems, check http://wiki.x.org
to make sure that you have the latest version.
Module Loader present
Markers: (--) probed, (**) from config file, (==) default setting,
(++) from command line, (!!) notice, (II) informational,
(WW) warning, (EE) error, (NI) not implemented, (??) unknown.
(==) Log file: "/var/log/Xorg.0.log", Time: Wed Jan 16 17:20:14 2008
(==) Using config file: "/etc/X11/xorg.conf"
(II) Module already built-in
(II) Module already built-in

(EE) intel(0): detecting sil164
(EE) intel(0): Unable to read from DVOI2C_E Slave 112.
(EE) intel(0): Unable to read from DVOI2C_E Slave 236.
(EE) intel(0): ivch: Unable to read register 0x00 from DVOI2C_B:04.
(EE) intel(0): Unable to read from DVOI2C_E Slave 112.
(EE) intel(0): tfp410 not detected got VID FFFFFFFF: from DVOI2C_E Slave 112.
(EE) intel(0): No valid modes.
(EE) Screen(s) found, but none have a usable configuration.

Fatal server error:
no screens found



Any suggestions would be appreciated.

Regards,

Mattcen

mattcen
5th February 2008, 02:29 PM
Hi again all,

I have determined that a solution (albeit a bit crude) to this is to start your headless box in runlevel 3 (init 3) and then run gdm --no-console. This effectively (as I understand it) runs GDM in the background, and allows VNC to work fine.

Regards,
Mattcen.