VNC, Transparently

Secure, transparent and ubiquitous desktops with VNC and OpenSSH, Part 1 of 2.
Configuring a VNC Server

The VNC server also must be running, and it must be configured to run your preferred window manager. This is accomplished by editing the file $HOME/.vnc/xstartup to call your preferred window manager. Use startkde & for KDE, gnome-session & for GNOME or fvwm2 & for FVWM2. Also, make sure you have run vncpasswd in $HOME/.vnc/passwd to create the password file.

Red Hat 7.1 provides an easy way to start up the VNC desktop at boot time. Use linuxconf to set the vncserver boot script (in /etc/init.d/vncserver) to come up at boot. The default bootscript, however, doesn't quite give me the flexibility that I'd prefer. Edit /etc/init.d/vncserver, looking for the line that says

"su - ${display##*:} -c \"cd && [ -f .vnc/passwd ]
&& vncserver :${display%%:*}\""

Change it to look like this:

"su - ${display##*:} -c \"cd && [ -f .vnc/passwd ]
&& vncserver ${ARGS} :${display%%:*}\""
Then edit /etc/sysconfig/vncservers so that it looks like this:
# The VNCSERVERS variable is a list of
# display:user pairs.
#
# Uncomment the line below to start a VNC server on
# display :1 as my 'myusername' (adjust this to your
# own). You will also need to set a VNC password;
# run 'man vncpasswd' to see how to do that.
#
# DO NOT RUN THIS SERVICE if your local area network
# is untrusted! For a secure way of using VNC, see
# <URL:www.uk.research.att.com/vnc/sshvnc.html>.
VNCSERVERS="1:jdimpson"
ARGS="-geometry 1024x768 -alwaysshared "
Change the value “1024x768” in ARGS to represent the size of your actual X desktop. Add any other VNC server arguments that you wish to this ARGS variable. Change jdimpson in VNCSERVERS to whatever user you wish to run the VNC Desktop. The value “1” in VNCSERVERS makes the VNC server run as display 1. You can have additional desktops come up like this:
VNCSERVERS="1:jdimpson 2:phred 3:sysadmin"
On a Red Hat system, make sure the VNC server is running by executing this:
/etc/init.d/vncserver start
At this point, you can connect to the VNC Desktop using any VNC client.

Configuring the Display Manager

On my Red Hat 7.1 system, I created a file called $HOME/.xsession. This file says which program, usually a window manager, should be run when I log in through a display manager. When logging in, the display manager checks for the existence of this file. If it exists, the display manager will then run the program listed in the file. The display manager considers this file to contain the command to start the user's desired window manager. Instead of running a window manager like GNOME or KDE, however, we'll run the VNC client. Edit $HOME/.xsession so that it looks like this:

exec vncviewer -passwd $HOME/.vnc/passwd
-fullscreen localhost:1

If you are using another Linux distribution, it is highly likely that the same mechanism will work for you, but you should double-check. One quick way to check is to put the line

exec fvwm2
in this file (assuming fvwm2 is loaded on your system). When logging in to the display manager, if fvwm2 starts up, then you have success. If not, you'll have to dive into the documentation for your system or the configuration file; try understanding what /etc/X11/xdm/Xsession does.

Login

Log in to the display manager login window. You will be presented with your preferred desktop.

When you log in to the server using the display manager, it will be replaced by your chosen window manager running under the VNC server. If you have another computer on the same network, trying using the VNC client to connect to your server. You should see two copies of your desktop. When you move a window using one computer, you will see the window move on the other, too.

If, after logging into the display manager, the screen flickers and the display manager login banner returns, then something went wrong. Make sure vncserver is running, and make sure the .xsession file is correct.

Notice that in this setup you should not use any logout feature that may be part of your window manager. Doing so will end the VNC desktop, which is probably not what you want to do. Instead, just press Ctrl-Alt-Backspace to kill the X server. You'll see the display manager return to the screen. If you log back in, you'll be right where you left off. So you can turn the console over to someone else but not lose your desktop state.

______________________

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Re: VNC, Transparently

High_Noonan's picture

This is exactly what I am trying to do on Red Hat 9.0, but I am having trouble finding what the window manager is called for BlueCurve. Anyone know?

I want each of my user accounts to be able to fire up a VNC connection and and be asked for their username and password.

Has anyone gotten this to work in RH9.0?

I had access to my root account via RH7.2, but my hard drive blew up and I am forced to rebuild everything. :(

Send me a Private Message if you can help.

Re: VNC, Transparently

guppy's picture

I got this to work with RH9.0.

I did have to change .xstartup and .xsession though.

.xstartup:

#!/bin/sh
gnome-session &

and chmod u+x that file.

.xsession:

#!/bin/sh
exec vncviewer -truecolour -passwd $HOME/.vnc/passwd -fullscreen localhost:1

and chmod u+x that file also.

You are probably using Gnome as your window manager or KDE. BlueCurve is just a theme.

Jeff

Re: VNC, Transparently on SUSE ?

Anonymous's picture

Hi

I've recently installed vnc on SUSE and would like to automate the vncserver startup when the system boots / reboots.

I have notice some differences in the files referenced in this article re: Red Hat and SUSE. Could someoen suggest a script for me for SUSE and where to put it etc etc?

Gianni

ps. I have only recently begun using Linux so I am pretty unfamiliar with it

Re: VNC, Transparently, at boot

Anonymous's picture

Anybody know how to load vnc @boot without the redhat scripts I'm using gentoo, /etc/conf.d/local looks like:

start-stop-daemon --start --chuid root:root --exec /usr/bin/vncserver -- :1

vncserver starts and I can connect I see the windowmanager (fluxbox) but cant launch any apps! no errors are recorede because when vncserver starts (from local, after xdm) it says it's trying to log to //.vnc/host.domain:1.log ... this path is missing "root" or the name of the user... since I specified --chuid i dont get it. I searched allover, tried to mod the vncserver.init script to work with gentoo... no dice yet.

Re: VNC, Transparently, at boot

Anonymous's picture

If you are using the standard perl script, it uses username and home environment variables during startup. If you are root trying to start it for some one else you will have problems with your environment.

Re: VNC, Transparently

Anonymous's picture

How do I change my window manager to KDE, I'm not real sure

Re: VNC, Transparently

Anonymous's picture

Has anyone made this work with a non-Redhat distribution? I'm using Gentoo Linux and the init.d and sysconfig stuff wasn't included with the vnc install. I've downloaded the RedHat .rpm file and extracted the files, modified them to the best of my knowledge but there are just too many differences between RedHat and my distribution.

Re: VNC, Transparently

Anonymous's picture

You are right the /etc/rc.d/init.d/vncserver and /etc/sysconfig/vncservers files only exist on redhat based machines. I had to write my own startup script. The principle still applies though. You could write your own or convert Redhat. I wrote mine for a company so I can't disclose it.

Re: VNC, Transparently

Anonymous's picture

Just emerge vnc or tightvnc and follow the instructions.
Instead of changing your $HOME/.xsession, add a file named "vnc" or similar to your /etc/X11/Sessions, containing "vncviewer -passwd $HOME/.vnc/passwd -fullscreen localhost:1". Make sure it is read- and executable by everyone!
Restart your window-manager and choose "vnc" as session-type.

Re: VNC, Transparently

Anonymous's picture

I use Gentoo at home and a combination of Solaris, NT, W2k, and Cygwin at work. You should be able to just type

emerge -s vnc

and install one of the resulting packages in the usual manner. I have had sucess with TightVNC at home and connecting to this machine via ssh port-forwarding from work sites.

Re: VNC, Transparently

Anonymous's picture

Has anyone made this work with a non-Redhat distribution?yes, in fact i just [remotely!] installed it on my trusty potato server (a.k.a. Debian GNU/Linux 2.2), and was able to execute it and connect from the windoze client without any problems.

if you're having trouble with GenToo, however, i would suggest compiling the source files from the official VNC site (now owned by AT&T) at http://www.uk.research.att.com/vnc/download.htmlpeace-p

Re: VNC, Transparently

Anonymous's picture

Has anyone else experienced kdm crashing on vnc? I have redhat 7.1 - I get "The application KDE Splash Screen (ksplash) crashed and caused the signal 11 (SIGCEGV)." Further investigation allows me to get a window using twm but starting kedit or other kde programs causes a signal 11...It's kde 2.1.1. kde works fine on the console.

Re: VNC, Transparently

Anonymous's picture

Got the same error.
(also on RH7.1 & KDE 2.1.1)
(vnc-server-3.3.3r2-14 from the standard RH distro)
tvm works fine

vnc log says:

QImage::color: Index 0 out of range
QImage::color: Index 255 out of range
QImage::color: Index 255 out of range
QImage::color: Index 255 out of range
QImage::color: Index 0 out of range
KCrash: crashing.... crashRecursionCounter = 2
KCrash: Application Name = ksplash path =
Xlib: extension "RENDER" missing on display ":1.0".
Xlib: extension "RENDER" missing on display ":1.0".
Server has no DPMS extension
knotify: error while loading shared libraries: libsoundserver_idl.so.0: cannot load shared object file: No such file or direct
ory
Xlib: extension "RENDER" missing on display ":1.0".
QSocketNotifier: Multiple socket notifiers for same socket 6 and type read
Could not dlopen library knotify.la: libsoundserver_idl.so.0: cannot load shared object file: No existe el fichero o el direct
orio
knotify: error while loading shared libraries: libsoundserver_idl.so.0: cannot load shared object file: No such file or direct
ory
Xlib: extension "RENDER" missing on display ":1.0".
Could not dlopen library knotify.la: libsoundserver_idl.so.0: cannot load shared object file: No existe el fichero o el direct
orio
knotify: error while loading shared libraries: libsoundserver_idl.so.0: cannot load shared object file: No such file or direct
ory
Xlib: extension "RENDER" missing on display ":1.0".
KCrash: crashing.... crashRecursionCounter = 2
KCrash: Application Name = kwin path =
Xlib: extension "RENDER" missing on display ":1.0".
Xlib: extension "RENDER" missing on display ":1.0".
KCrash: crashing.... crashRecursionCounter = 2
KCrash: Application Name = kicker path =
Xlib: extension "RENDER" missing on display ":1.0".

What is the RENDER clause?
Where can I remove the libsoundserver_idl.so.0 clause (there is no sound on the linux box its a Dell PowerEdge 2500) ?

Re: VNC, Transparently

Anonymous's picture

The -depth clause on /etc/sysconfig/vncservers works with me!

Thanks!

Re: VNC, Transparently

Anonymous's picture

Add "-depth 24" to ARGS

ie:

ARGS="-depth 24 -geometry 800x600 -alwaysshared"

Re: VNC, Transparently

Anonymous's picture

yes, but wouldn't that [vastly] increase VNC's network load?

and if i set the 24-bit ARG you speak of, will that be overridden by the "Restrict pixels to 8-bit" option?

(i'm having the same KDE apps crashing problem running potato)

Re: VNC, Transparently

Anonymous's picture

I am using Redhat 7.1 and the vnc. I would like to access the X Desktop from a windows machine and run some java apps. I am able to do this as root but when I start vncserver as a normal user and login using vncviewer I don't get the terminal screen or the java app that I start using a startup script. Please advice. Thanking you in advance,

Shan.

VNC Transparently

Trungnd's picture

I 've just start vncserver on Linux system like this
-service vncserver start
-vncpasswd
-vncserver
after that i edit xstartup file in order to user can log to KDE enviroment like this

#!/bin/sh

# Uncomment the following two lines for normal desktop:
unset SESSION_MANAGER
exec /etc/X11/xinit/xinitrc

[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
vncconfig -iconic &
xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
startkde &

And then: I reboot system
After that , I using VNC client on window platform to log on to VNCserver.
It was running.
But i can't run any terminal or any application
Is there any body can help me
Thanks

Re: apps not working

Shagie's picture

Comment these lines in your xstartup file to run terminals/apps in KDE:

#[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
#xsetroot -solid grey
#vncconfig -iconic &
#xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &

Faster VNC

Anonymous's picture

A better protocol, tight VNC, exists as well. Completely compatible with VNC (same configuration files and the same executable names).
Look at http://www.tightvnc.com.

Re: Faster VNC

Anonymous's picture

tight vnc came standard on my Mandrake 8.2 install.

Re: VNC, Transparently

jdimpson's picture

A correction to this article. In the section that titled What's Happening?, the sentence that stays "As it starts up, the VNC server reads the .xsession file in your home directory" should say ""As it starts up, the VNC server reads the .vnc/xstartup file in your home directory".

--Jeremy Impson

Re: VNC, Transparently

slimjimmonk's picture

I use another way to suspend my session. Instead of Ctl-Alt-Backspace, I choose the ``Quit viewer" from the VNC pop-up menu. This exits the viewer and returns me to the gdm logon.

Webinar
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Learn More

Sponsored by Bit9

Webinar
Linux Backup and Recovery Webinar

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.

Learn More

Sponsored by Storix