查看“VNCOverSSH”的源代码
来自Ubuntu中文
←
VNCOverSSH
跳到导航
跳到搜索
因为以下原因,您没有权限编辑该页面:
您请求的操作仅限属于该用户组的用户执行:
用户
您可以查看和复制此页面的源代码。
---- 原文出处: 原文作者: 授权许可:[http://creativecommons.org/licenses/by-sa/2.0/ 创作共用协议Attribution-ShareAlike 2.0] [http://www.gnu.org/copyleft/fdl.html GNU自由文档许可证] 翻译人员:Xiaobin Ding 校对人员: 贡献者: 适用版本: 文章状态:翻译中 === Introduction === === 引言 === This brief guide will introduce a method for securely accessing the desktop of a remote Ubuntu computer system from a local Ubuntu computer system by tunneling a Virtual Network Computing (VNC) session over the Secure SHell (SSH) protocol. This guide does not use the default installation of the ''Vino'' VNC server provided with Ubuntu, nor does it utilize any of the server-specific ''Remote Desktop'' functionality provided by the ''Preferences'' menu. This guide uses the ''TightVNC'' flavor of VNC for the server side, and is applicable to either standard, or server installations of Ubuntu. 本文将介绍如何使用SSH协议,通过隧道传输虚拟网络计算(VNC)会话,从本地的Unbuntu计算机安全的控制远程的Ubuntu计算机系统的桌面。本文所使用的VNC服务器不是Ubuntu默认安装所提供的''Vino'' VNC服务器,也没有使用任何由首选项菜单中提供的特定务器的远程桌面功能。本文所使用的是''TightVNC''作为服务器端,该软件也适用于Ubuntu的标准安装或者服务器安装。 === Target Audience === 本简要指南将介绍以一种在使用安全'''SHell(SSH)'''协议的基础上通过隧道传输虚拟网络计算'''(VNC)'''会话从本地'''Ubuntu'''计算机系统安全地访问<br>远程'''Ubuntu'''计算机系统桌面的方法。本指南并不使用'''Ubuntu'''默认安装的'''Vino VNC'''服务器,也不使用任何由首选项菜单所提供的服务器特定的远程<br>桌面功能。本指南使用服务器端常用的'''TightVNC''',它既适用于标准桌面版'''Ubuntu'''也适用于服务器版'''Ubuntu.''' === 目标读者 === This guide is for anyone with sufficient experience with the GNU/Linux command-line, and particularly experience in executing command-line utilities, and editing system configuration files with a preferred editor. A familiarity with OpenSSH, and VNC will help in understanding the concepts involved, but is not necessary to follow this guide's instruction. 本文主要针对的用户是对于GNU/Linux命令行操作有足够经验,并且有一定的使用命令行工具的经验,同时能够使用特定编辑器编辑系统文件能力。如果您对于OpenSSH 和VNC比较熟悉,这将有助于理解后面所涉及到的概念,但这些知识并不是阅读本文所必需的。 === VNC === === 虚拟网络计算(VNC) === Virtual Network Computing (VNC) is a freely-available, cross-platform software solution which makes viewing, and interacting with a remote computer's desktop possible from any other computer, or appropriately enabled device across a Local Area Network, (LAN) via the Internet. The solution is comprised of separate server, and client applications, but control via a standards-compliant web browser which supports JavaScript is also possible too. More information on VNC is available via the [[UbuntuHelp:InterWiki|VNC Wiki Page]], or the '''Resources''' section of this guide. 虚拟网络计算(VNC)是一个自由的跨平台的软件解决方案,可以用于浏览并与远程计算机桌面进行交互操作,并且还可以使局域网通过Internet网络来连接。该解决方案由分开的服务器和客户端应用程序来组成,同时也可以通过标准的支持JavaScript的Web浏览器来进行控制。更多的关于VNC的信息请参阅[[UbuntuHelp:InterWiki|VNC Wiki Page]],或者请访问本手册'''资源'''部分。 ==== Installing VNC Components ==== ==== 安装VNC ==== Before you can begin establishing the secure desktop connections with VNC, you must verify installation of the appropriate packages on the server, and client computers. 在您使用VNC建立安全的桌面连接之前,您必须首先验证是否正确的安装了服务器和客户端。 ==== The Host Computer (Server) ==== To install the TightVNC software on your Ubuntu server computer, (the remote computer) simply use your preferred package manager application, such as '''Synaptic''', and install the <code><nowiki>vnc-common</nowiki></code> and <code><nowiki>tightvncserver</nowiki></code> packages. To install these packages from the terminal, open a Terminal instance, and type the following command at the terminal prompt: <code><nowiki>sudo apt-get install vnc-common tightvncserver</nowiki></code> Enter your user password when prompted, and provided your system's package sources are in order, the packages should install without error. To avoid a nasty error related to FontPaths when starting your VNC server later, edit the the /etc/vnc.conf file with <code><nowiki>sudo</nowiki></code>, and your preferred editor, and add these lines to the very bottom of the /etc/vnc.conf file: <pre><nowiki> $fontPath "unix/:7100" # local font server # if the local font server has problems, we can fall back on these $fontPath .= "/usr/share/X11/fonts/misc,"; $fontPath .= "/usr/share/X11/fonts/cyrillic,"; $fontPath .= "/usr/share/X11/fonts/100dpi/:unscaled,"; $fontPath .= "/usr/share/X11/fonts/75dpi/:unscaled,"; $fontPath .= "/usr/share/X11/fonts/Type1,"; $fontPath .= "/usr/share/X11/fonts/CID,"; $fontPath .= "/usr/share/X11/fonts/100dpi,"; $fontPath .= "/usr/share/X11/fonts/75dpi,"; # paths to defoma fonts $fontPath .= "/var/lib/defoma/x-ttcidfont-conf.d/dirs/TrueType,"; $fontPath .= "/var/lib/defoma/x-ttcidfont-conf.d/dirs/CID"; </nowiki></pre> Save the file, and exit the editor. ==== The Remote Computer (Client) ==== As of this writing, Ubuntu version 5.10 "The Breezy Badger" ships with the VNC viewer application, <code><nowiki>vncviewer</nowiki></code> installed by default. A ''Terminal Server Client'' application is also provided which gives a front-end to the <code><nowiki>vncviewer</nowiki></code> command. To verify installation of the Terminal Server Client, simply click the ''Applications'' Menu, then navigate to the ''Internet'' Menu, where you should observe the Terminal Server Client entry. To verify installation of the <code><nowiki>vncviewer</nowiki></code> application, open Terminal window, and enter the following command at the terminal prompt: <code><nowiki>which vncviewer</nowiki></code> The output of the command should resemble the following: <pre><nowiki> /usr/bin/vncviewer </nowiki></pre> Once you've installed the VNC server software on the server computer, and verified installation of the VNC client software on the client computer, you are ready to proceed to OpenSSH installation on the two computers. === SSH === OpenSSH is the freely available version of the Secure SHell (SSH) software which allows for direct remote terminal control, file transfer, and tunneling all over a secure, and encrypted connection. Additional information about OpenSSH is available from the [[UbuntuHelp:InterWiki|SSHHowto Wiki Page]], the [[UbuntuHelp:InterWiki|AdvancedOpenSSH Wiki Page]], and the '''Resources''' section of this guide. ==== Installing OpenSSH ==== Installation of the OpenSSH client, and server components is identical for both the client, and server computers. Using your preferred package management application, install the <code><nowiki>openssh-client</nowiki></code> and <code><nowiki>openssh-server</nowiki></code> packages. To install these packages at a terminal prompt, open a Terminal instance, and type the following command at the terminal prompt: <code><nowiki>sudo apt-get install openssh-client openssh-server</nowiki></code> Enter your user password when prompted, and provided your system's package sources are in order, the packages should install without error. Once you've installed OpenSSH on the client, and sever computers, it is time to make a secure, tunneled VNC connection over SSH! === VNC + SSH === Creating the VNC connection over a SSH tunnel is quite simple, but involves issuing commands at both the client and server computers. To do this, you must have physical access to both machines, or use the <code><nowiki>ssh</nowiki></code> application itself to login at the remote computer from the local computer, using a syntax similar to the following: <code><nowiki>ssh remote.host.name.com</nowiki></code> or <code><nowiki>ssh 82.211.81.166</nowiki></code> to connect via IP address. Of course, you should replace the example hostname, or IP address in the commands above with your remote computer's actual hostname or IP address. Provide the password of your account on the remote machine to complete the ssh login. Now, the commands required at both ends to start a session. In the example presented below, the remote computer is actually using Xubuntu, and is thus using the XFCE desktop environment. The example user will be ''jimi'' and the remote server will be ''82.211.81.166'', with a hostname of ''hendrix''. Remember to substitute your values accordingly though. ==== The Host Computer (Server) ==== To enable a listening VNC server on the server computer, enter this command into a terminal prompt: <code><nowiki>vncserver :1</nowiki></code> The first time you do this, you'll be prompted for a password to use for incoming connections: <pre><nowiki> You will require a password to access your desktops. </nowiki></pre> Enter, and verify the password you wish to use to access the server's desktop from the client computer. You should then see startup messages from the VNC server similar to the following: <pre><nowiki> New 'X' desktop is hendrix:1 Creating default startup script /home/jimi/.vnc/xstartup Starting applications specified in /home/jimi/.vnc/xstartup Log file is /home/jimi/.vnc/hendrix:1.log </nowiki></pre> Notice the references to the <code><nowiki>xstartup</nowiki></code> file? This file controls what is launched during the X session started by VNC in terms of X applications, and the Window Manager, or X Desktop Interface (Gnome, KDE, XFCE). It is configured to take sensible defaults from the currently configured X Desktop Interface, or Window Manager, so it should not need additional editing. However, if the X session as started by the VNC server does not behave as you wish it to, the ~/.vnc/xstartup file may be used to force a particular behavior. Now that the VNC server is running, we proceed to the "tricky" part, which is to establish our tunnel, and connect over it. ==== The Local Computer (Client) ==== To connect to the server's VNC desktop, from the client you'll simply use the <code><nowiki>-via</nowiki></code> parameter of the <code><nowiki>vncviewer</nowiki></code> command. The syntax of the command then resembles the following when using our example host information from above: <code><nowiki>vncviewer -via 82.211.81.166 hendrix:1</nowiki></code> This tells VNC to forward the connection to the server computer (''hendrix'') via the server computer's external, or public facing IP address, ''82.211.81.166'' (a valid, resolvable hostname would work here too). Upon entering this command at a terminal prompt, you'll notice some VNC-specific information on screen, and then you'll be prompted for the SSH password. Enter the SSH password, and upon correctly doing so, the SSH tunnel will be established. Next, you'll receive a prompt for your VNC password (which may, or may not be the same as the SSH password) which resembles the following: <pre><nowiki> VNC server supports protocol version 3.3 (viewer 3.3) Password: </nowiki></pre> Enter the VNC password, and you should then see remote server's desktop appear! Now that you have the basic connection working, you should study more information via the resources in the '''Resources''' section of this guide, and remember that virtually any kind of applications which communicate via TCP may be forwarded over SSH tunnels in a similar manner as VNC for additional security. Though some applications may lack the <code><nowiki>-via</nowiki></code> option which <code><nowiki>vncviewer</nowiki></code> uses, there are ways to manually create SSH tunnels for almost any application. See the '''Resources''' for more information. Have fun with your secure, encrypted desktop sessions! === Resources === Additional information on VNC, and SSH is available via the following resources: ==== Local System Resources ==== {|border="1" cellspacing="0" |<code><nowiki>man ssh</nowiki></code>|| System manual page for the <code><nowiki>ssh</nowiki></code> application |- |<code><nowiki>man sshd_config</nowiki></code>|| System manual page for the OpenSSH server configuration file,<code><nowiki>/etc/ssh/sshd_config</nowiki></code> |- |<code><nowiki>man vncserver</nowiki></code>|| System manual page for the <code><nowiki>vncserver</nowiki></code> application |- |<code><nowiki>man vnc.conf</nowiki></code>|| System manual page for the VNC configuration file, <code><nowiki>/etc/vnc.conf</nowiki></code> |- |<code><nowiki>man vncpasswd</nowiki></code>|| System manual page for the <code><nowiki>vncpasswd</nowiki></code> application |} ==== WWW Resources ==== [http://www.openssh.org OpenSSH Website] [http://www.tightvnc.com/ TightVNC Website] [http://www.ift.uib.no/IT/howto/remote_desktop/vnc.html Information on the vncviewer -via option] [http://www.ccs.neu.edu/howto/howto-sshtunnel.html SSH Tunneling HOWTO @ Northeastern University] [http://www.revsys.com/writings/quicktips/ssh-tunnel.html SSH Tunneling Made Easy] [http://www.linuxplanet.com/linuxplanet/tutorials/6155/1/ Using VNC Tunneling over SSH] ----
返回
VNCOverSSH
。
导航菜单
页面操作
页面
讨论
阅读
查看源代码
历史
页面操作
页面
讨论
更多
工具
个人工具
登录
导航
首页
最近更改
随机页面
页面分类
帮助
搜索
编辑
编辑指南
沙盒
新闻动态
字词处理
工具
链入页面
相关更改
特殊页面
页面信息