个人工具

UbuntuHelp:UbuntuLTSP/GDMVNCInetdssh

来自Ubuntu中文

跳转至: 导航, 搜索
This page is specific to Ubuntu versions 8.04

If you find this information applicable to additional versions/releases, please edit this page and modify this header to reflect that. Please also include any necessary modifications for this information to apply to the additional versions.


This page is dedicated to getting VNC to work at the GDM level, enabling administrators to VNC (optionally over SSH port 22) into Ubuntu servers directly to an alternate X server (not the server console X session). This allows multiple admins to log in graphically at the same time, locally and over remote (secure) connections.

  • Enable XDMCP
  • System->Administration->Login Screen Setup
  • Tab Remote -> Style = "Same as local"
  • Bottom button XDMCP (still in Remote) --> You can disable "Honor Indirect Requests" if you'd like.
  • Add all Ubuntu universe/multiverse repositories via Synaptic Package Manager or by manually editing /etc/apt/sources.list
  • Install vnc4server (and openbsd-inetd if it's not there already):
sudo apt-get install vnc4server openbsd-inetd
  • Add following to /etc/inetd.conf:
5901    stream    tcp  nowait root  /usr/bin/Xvnc Xvnc -inetd :1 -query localhost -geometry 800x600 -once -fp /usr/share/fonts/X11/misc -DisconnectClients=0 -NeverShared securitytypes=none -extension XFIXES

Note 1) You can add as many Xvnc servers for simultanious, seperate VNC/GDM sessions by adding another line to /etc/inetd.conf, simply increasing the port number and display number in the line by one, for example: 2nd VNC session (port 5902, display :2):

5902    stream    tcp  nowait root  /usr/bin/Xvnc Xvnc -inetd :2 -query localhost -geometry 800x600 -once -fp /usr/share/fonts/X11/misc -DisconnectClients=0 -NeverShared securitytypes=none -extension XFIXES

3rd VNC session (port 5903, display :3):

5903    stream    tcp  nowait root  /usr/bin/Xvnc Xvnc -inetd :3 -query localhost -geometry 800x600 -once -fp /usr/share/fonts/X11/misc -DisconnectClients=0 -NeverShared securitytypes=none -extension XFIXES

..etc, etc etc.... Note 2) that this does not ask for the root VNC password before connecting. I am using this in a secure LAN environment so I don't mind people logging into a login prompt without a password. You can always put the original switch in ( passwordFile=/root/.vncpasswd ) if you want to retain the VNC password functionality.

  • Restart inetd with:
sudo /etc/init.d/openbsd-inetd restart
  • Bookmark this page, as we will be logging out and logging back in.
  • Log out of Gnome. Restart GDM via sudo /etc/init.d/gdm restart.
  • Log back in and test locally with:
vncviewer localhost:1
  • Test remotely with:
$ vncviewer <ipaddress>:1

NOTE: If you are experiencing random "theme-cycling" and "gnome-settings-daemon" crash issues in Hardy after performing this HOWTO, please see this page for updated vnc4server packages that fixes the problem.


BONUS: ADD REMOTE SSH TUNNEL TO ENCRYPT VNC SESSION: Prerequisite: You must have sshd running on the server already - this step is outside the scope of this post.

  • From the client (assuming it is also Ubuntu Linux), connect to the remote SSH service using the -L (port-forwarding) switch:
ssh -L 5901:127.0.0.1:5901 myusername@<public_remote_ip>

Note: Obviously, substitute the forwarding port match the display you're trying to connect to via VNC. After you log in via SSH, fire up a VNC viewer session (on your local machine) to the remote server using LOCALHOST:1 which forwards local port 5901 over SSH to the remote server port 5901 (again, remember to substitute :1 with whatever display you're trying to connect to):

vncviewer localhost:1

Have fun with this! SSH seems to compress VNC traffic pretty well, not to mention make it SECURE over untrusted networks (I.E. the Internet)! Derived from Ubuntu Forum post here: http://ubuntuforums.org/showthread.php?t=569451