Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month at the Massachusetts Institute of Technology, in Building E51.

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] vnc



On Sun, Aug 24, 2014 at 10:29:13AM -0400, Stephen Adler wrote:
> I'm installing red hat enterprise linux on a server at home and I'm
> tweaking the vnc service setup. I've followed the instructions in
> the system admin guide, but I'm not liking the final set up.
> Basically I've enabled vncserver for a user registered on the
> system. When I reboot, the system spawns off Xvnc for the user. When
> I run vncviewer, I issue my password and then I have a vnc window of
> the desktop of the user on the system.
> 
> My problem with this is that the password I issue to open up the
> vncviewer window to access the desktop of the user is not part of
> the /etc/passwd file, but some clear text password file. There are
> warnings in the documentation about this.
> 
> What I would like is to be able to somehow start an Xvnc session in
> which gdm is started, and then when I run vncviewer and issue the
> password, I'm placed into a gdm login screen, at which point I
> select my user and password and log in. This is the model of the old
> Xterminals of the 1990s.
> 
> does anyone have any tips/tricks on how to set up Xvnc or a
> vncserver set up so that I get a gdm login screen instead of going
> directly into the user's desktop?

So, the reason you're not supposed to do that -- or be happy
with the way vnc comes out of the box -- is that vnc is
unencrypted.

Set Xvnc to not listen on anything except localhost. Then back
that up with a firewall restriction -- really, you shouldn't
have to, because you do default deny, right?

Run an ssh tunnel to your server, LocalForward some port to the vnc port,
and point your vncviewer at localhost:0.

Now that you've got that working, you can do multiuser. 

Most of the info for that is here:
http://linuxreviews.org/howtos/xvnc/
but the short version is, enable xdcmp listening to localhost
for your display manager.

-dsr-



BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org