But because not all linux machines are running on gnome basis, I will
explain how to install and configure VNC server for Vino and TightVNC.
[Vino]
Under the gnome base environment, vino will be easily installed and found.
For gnome shell, vino preference program will be found with the name "Desktop sharing".
If vino is not installed yet, install and run vnc server with the below commands.
$ sudo apt-get install vino
$ vino-preferences
--> VNC settings
$ /usr/lib/vino/vino-server &
--> run vino server
for vino-preference, it shows one single dialog where we can decide sharing and security settings. Among all the items, under security category, we can uncheck the item "you must confirm each access to this machine" if there is no need to confirm every VNC access.
Server-side setup is completed. We can just access to this server from the client with vnc client program. if there is no vnc client program, then
$ sudo apt-get install vncviewer
$ vncviewer xxx.xxx.xxx.xxx &
<-- connect with server IP
If connection from client to server fails, we must check the firewall policies.
In server side we can simply open ports for VPN like this.
$ sudo iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 5900:5901 -j ACCEPT
$ sudo iptables -I INPUT -m state --state NEW -m udp -p udp --dport 5900:5901 -j ACCEPT
[Tight VNC]
Comparing with gnome vino, Tight VNC is more common and flexible solution.
Before starting, we need to check if desktop manager is installed and configured.
for gnome desktop,
$ sudo apt-get install gdm3
$ sudo /etc/init.d/gdm3 start
$ sudo dpkg-reconfigure xserver-xorg
Now, we will install Tight VNC server.
$ sudo apt-get install tightvncserver
And, we will run vnc server for the first time so in order to let it make setup file so that we can modify the setup file later.
All the commands below must be executed under the user account, not root account.
$ vncserver :1 -geometry 1280x1024 -depth 16 -pixelformat rgb565
<-- run vnc server
1 : display number
1280x1024 : resolution
16 : color depth
$ vncpasswd
<-- define password for vnc connection from client
$ vncserver -kill :1
<-- kill vnc server
1 : display number
* display number can be integer value starting from 1. (1, 2, 3, 4, ...)
0 means the display number of screen that can be seen on the original server.
So, display number for client vnc connection starts from 1 and this number
is relating to the firewall port number of the server.
For one vnc connection, at least 2 ports must be opened at server side.
Those are 5900 and (5900 + client display number).
e.g. if vnc display number is 3, 5900 and 5903 are the ports number which must be opened.
If vnc server is killed, edit the vnc setup file.
$ vi ~/.vnc/xstartup
Add at the bottom of the file,
gnome-session &
( or startkde & according to your choice)
Last, start vnc server again.
$ vncserver :1 -geometry 1280x1024 -depth 16 -pixelformat rgb565
Server-side setup is completed. We can just access to this server from the client with vnc client program. if there is no vnc client program installed, then
$ sudo apt-get install vncviewer
$ vncviewer xxx.xxx.xxx.xxx &
<-- connect with server IP
If connection from client to server fails, we must check the firewall policies.
In server side we can simply open ports for VPN like this.
In case of display number 1, then ports 5900, (5900+1) must be opened.
$ sudo iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 5900 -j ACCEPT
$ sudo iptables -I INPUT -m state --state NEW -m udp -p udp --dport 5900 -j ACCEPT
$ sudo iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 5901 -j ACCEPT
$ sudo iptables -I INPUT -m state --state NEW -m udp -p udp --dport 5901 -j ACCEPT
For the details of firewall setting, if there is other firewall management tool installed on your server try it first.
That's it!
I hope everybody have fun with VNC and feel free to comment if there is anything wrong or opinion about this post!
No comments:
Post a Comment