Vncserver HOWTO

vncserver_howto.sdf : 0.1 (Draft)
Richard W. Brown
3 July 2008

1. Introduction

This HOWTO came about because I wanted to run one of my old machines headless, that is, with no screen. It was just too much hassle to keep changing the VGA cable over. I could not use a KVM switch due to the setup of my dual screens. I wanted to be able to simply turn on the old machine, wait for it to boot and then start a vncviewer session from a remote Linux box.

1.1. Copyright

Copyright (c) 2008 by Richard W. Brown

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover Texts, and with no Back-Cover Texts. A copy of the license is available from http://www.fsf.org/licenses/fdl.html.

1.2. Disclaimer

No liability for the contents of this document can be accepted. Use the concepts, examples and information at your own risk. There may be errors and inaccuracies which could be damaging to your system. Proceed with caution, and although this is highly unlikely, the author(s) do not take any responsibility.

Owners hold all copyrights, unless specifically noted otherwise. Use of a term in this document should not be regarded as affecting the validity of any trademark or service mark. Naming of particular products or brands should not be seen as endorsements.

This document is how I configure and use the various software tools related to my own system. I am not, nor do I pretend to be, a Linux expert. I am just some guy who has benefited from the expertise of others and wishes to add my contribution back to the Linux community.


Note: You are strongly recommended to take backup copies of all files before they are modified.

1.3. Feedback.

Feedback is most certainly welcome for this document. Send your additions, comments and criticisms to the following email address: howtos at Mythical Beast dot co dot uk. Errors and omissions will be added to the next version of this document.

2. Installation.

2.1. Install Using The 'apt-get' Software

Install command
sudo apt-get install vnc4server xinetd openssh-server 

The xinetd software is used to start the vncserver automatically when it is requested, so the vncserver only runs on demand. Xinetd also has some extra security options so you can stop unwanted guests from using the vncserver. SSH is required if you are going to tunnel to the vncserver from a remote machine.

2.2. Allow local and remote XDMCP connections

This is how vncserver knows to use gdm when you start up the server process.

Code:
sudo gedit /etc/gdm/gdm.conf 

Once the editor is running and the file is loaded, find the RemoteGreeter line and uncomment it by removing the # at the start of the line.

Code:
RemoteGreeter=/usr/lib/gdm/gdmlogin 

Turn on XDMCP by searching for the [xdmcp] section header and changing the line to read:

Code:
[xdmcp] 
Enable=true 

With that bit all finished we just need to restart gdm with the following command.

Code:
sudo /etc/init.d/gdm restart 

2.3. Configuring xinetd to start Xvnc on demand

xinetd is a secure replacement for inetd. If you already have some services running under inetd, at a later stage you might like to move them over to xinetd. The default Ubuntu installation of xinetd looks for files in the directory /etc/xinetd.d and creates an entry for the service configured therein. We start by creating a file /etc/xinetd.d/Xvnc, so that the name gives us some idea of what service it runs.

Code:
sudo gedit /etc/xinetd.d/Xvnc 

The contents of the file should be similar to this. You might want to adjust the -geometry setting and possibly the only_from. Use what is here now to get it going; you can play later.

Code:
service Xvnc 
{ 
        type = UNLISTED 
        disable = no 
        socket_type = stream 
        protocol = tcp 
        wait = no 
        user = nobody 
        only_from = 192.168.0.0 
        server = /usr/bin/Xvnc 
        server_args = -inetd -query localhost -geometry 1024x768  -depth 16 -once -securitytypes=none -extension XFIXES 
        port = 5901 
} 

Now restart the xinetd daemon and we are almost done.

Code:
sudo  /etc/init.d/xinetd restart 

2.3.1. What the xinetd configuration lines were doing.

2.3.1.1. type = UNLISTED

Use UNLISTED for services that are not listed in the /etc/services or /etc/rpc files.

2.3.1.2. disable = no

This tells xinetd if this service is disabled or not. If you want it to run set this to yes!

2.3.1.3. socket_type = stream

There are a few valid options that could be used by xinetd, but you need to use stream for vncserver.

2.3.1.4. protocol = tcp

This option sets the protocol that will be used by this service. The protocol must exist in /etc/protocols. If this attribute is not defined, the default protocol employed by the service will be used.

2.3.1.5. wait = no

Strange name for this option once you know what it is for. If set to yes then the service is single threaded. This means that xinetd will get a request, start the service and then not start any more instances of this service until the first one quits. If no, then xinetd will try to start a new service for each request.

Looking at the Xvnc man page tells us that vncserver has different behaviour depending on the value of this option. When wait is no, the vncserver is not persistent; that is, when you log out the server dies.

2.3.1.6. user = nobody

This is the user who will run the vncserver process. It can be anybody, but nobody is better as that user has by default very little or no permission to do anything. If the process is hacked, little damage can be done. Since you get a login window and have to enter a password before you can log in as a real user, this is a good choice. If you changed to wait = yes then you will want to change this to a real user and also add a password file to the Xvnc command line.

2.3.1.7. only_from = localhost

This limits connections to the IP addresses listed. There can be more than one only_from line and they are cumulative. Using 192.168.0.0 means any machine with an IP address that starts 192.168 can start this process. If you use localhost, you must use ssh tunneling to start this process from another machine.

2.3.1.8. server = /usr/bin/Xvnc

This is the name of the process that vncserver kicks off. See the man page for details of all of its command line options.

2.3.1.9. server_args = -inetd -query localhost -geometry 1024x768 -depth 24 -once -securitytypes=none -extension XFIXES

2.3.1.10. port = 5901

TCP port which will be polled to initiate the connection.
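
The settings explained above can be checked mechanically. The following shell script is an added example, not part of the original HOWTO: it reads an xinetd service file and flags the combinations that matter for exposure (no only_from, network clients together with -securitytypes=none, running as root). The function names, finding codes and sample files are constructed for illustration.

```shell
# Added example: audit an xinetd service file for the Xvnc settings above.
# Function names, finding codes and sample files are constructed.

# attr FILE KEY: print every value assigned to KEY ("=" or "+=").
attr() {
    awk -F= -v k="$2" '
        { key = $1; gsub(/[ \t+]/, "", key) }
        key == k { sub(/^[^=]*=[ \t]*/, ""); sub(/[ \t]+$/, ""); print }' "$1"
}

# audit_xvnc FILE: print the finding codes on one line, or OK.
audit_xvnc() {
    f=$1; out=""
    # disable = yes switches the service off, so nothing is exposed.
    if [ "$(attr "$f" disable)" = "yes" ]; then echo DISABLED; return 0; fi
    from=$(attr "$f" only_from | tr '\n' ' ')
    args=$(attr "$f" server_args | tr 'A-Z' 'a-z')
    remote=no
    for a in $from; do
        case $a in localhost|127.0.0.1|::1) ;; *) remote=yes ;; esac
    done
    # No only_from in this file: unless the defaults section sets one,
    # any address may connect.
    if [ -z "$from" ]; then out="${out}NO_ONLY_FROM "; remote=yes; fi
    # Network clients and no VNC password: the gdm login is the only gate,
    # and it is typed over an unencrypted VNC session.
    case $args in *-securitytypes=none*)
        if [ "$remote" = yes ]; then out="${out}NETWORK_NO_VNC_AUTH "; fi ;;
    esac
    if [ "$(attr "$f" user)" = "root" ]; then out="${out}RUNS_AS_ROOT "; fi
    echo "${out:-OK}" | sed 's/ $//'
}

# Constructed sample: the page's stanza with a chosen only_from value.
make_sample() {
    t=$(mktemp)
    cat > "$t" <<EOF
service Xvnc
{
        disable = no
        user = nobody
        only_from = $1
        server_args = -inetd -query localhost -once -securitytypes=none
        port = 5901
}
EOF
    echo "$t"
}

audit_xvnc "$(make_sample 192.168.0.0)"    # stanza as configured on this page
audit_xvnc "$(make_sample localhost)"      # tunnel-only variant
```

With only_from = 192.168.0.0 the script reports NETWORK_NO_VNC_AUTH; with only_from = localhost, where remote users come in over an ssh tunnel, it reports OK.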

2.4. Running the vncviewer.

To see the vncserver we just configured you need to run a vncviewer. We configured the server to run on port 5901. This means we will be using screen display :1 (5901 - 5900 = 1).

Code:
vncviewer localhost:1 

When the window opens up you will see the usual gdm greeter or login screen. Log in as you normally do and a few seconds later there is your desktop.


Note: If you are already logged into this machine you will see a dialog box checking that this is okay.

3. Advanced Stuff

Once you have all the above up and running, you might like to have a play with the following.

3.1. Persistent vncserver settings.

To allow your vncserver to continue to run when you close down the viewer, change the following values. Change the wait value to yes. This will stop the need to log in with a user name and password the second time. It would also be worth turning on securitytypes, which also means you need to use a user other than nobody.

Code:
wait = yes 

3.2. Converting existing inetd services to use xinetd

This is not for the unwary, so make sure everything is backed up. This has a very very high potential for going badly wrong, making your machine unbootable! Get a rescue disk or CD!

There is a little utility program/script to convert from inetd to xinetd; it is called itox. I have used it a number of times to convert existing inetd configurations to xinetd. There is also a newer script, xconvert.pl, that is a little better about converting modern inetd.conf files. Personally I've never used it.

Code:
sudo sh -c 'itox < /etc/inetd.conf > /etc/xinetd.d/old_inetd.cong'

In a perfect world, you could now comment out all the lines in your old /etc/inetd.conf, uninstall the inetd software (stopping that daemon from running) and reboot. BUT it is not a perfect world, companies still force employees to undergo torture and use Wimpoz, so test each and every service that inetd was running, making sure it is running correctly with xinetd.

4. VNC Without Xinetd

To run a vncserver on your host is not that difficult, but there were a few gotchas I came across that took some working out.

4.1. Software Installation

Yep, you guessed it pretty much the same as above, but no xinetd or openssh required. Ah, okay so that will be just vncserver then.

Install command
sudo apt-get install vnc4server 

Once that is all installed you need to create one file and you are all done. The file is used by vncserver so that it knows what you want to run. Assuming you want to run the usual gnome session, make the following directory and then create the file with the contents shown below.

Example xstartup file
cd                    # make sure you are in your $HOME directory
mkdir .vnc 
gedit .vnc/xstartup 
 
#-----   copy this ------------------------- 
#!/bin/sh 
unset SESSION_MANAGER 
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources 
xsetroot -solid grey 
vncconfig -nowin & 
xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" & 
/usr/bin/gnome-session & 
#-----   down to here ------------------------- 


Note: For KDE you can use startkde & as the last line.

When you run the vncserver command the first time it will ask you for a password. This is the password you will enter when you or anyone else wants to use the vncviewer to see your vncserver sessions.

The server command line I use for my wide screen 1680x1050 is as follows. I have included the output when I ran this on my kvm guest machine called kvmhardy.

vncserver command line
vncserver -geometry 1640x970 
New 'kvmhardy:1 (richard)' desktop is kvmhardy:1 
Starting applications specified in /home/richard/.vnc/xstartup 
Log file is /home/richard/.vnc/kvmhardy:1.log 

To see your new session you will need to run vncviewer. Looking at the output above, you already know that the server was run on the host machine called kvmhardy. The :1 at the end of the name tells you that the server is using DISPLAY 1. This is needed on the vncviewer command line. If we are running the viewer on the same host, in our case kvmhardy, we can also use a host name of localhost.

Code:
vncviewer kvmhardy:1 

5. Further Information.

5.1. Links I Found Useful

There are quite a few similar posts on the Ubuntu forum. So in no particular order: