UbuntuHelp:UbuntuLTSP/GDMVNCInetdssh
来自Ubuntu中文
点击翻译: |
English |
请不要直接编辑翻译本页,本页将定期与来源同步。 |
This page is dedicated to getting VNC to work at the GDM level, enabling administrators to VNC (optionally over SSH port 22) into Ubuntu servers directly to an alternate X server (not the server console X session). This allows multiple admins to log in graphically at the same time, locally and over remote (secure) connections.
- Enable XDMCP
- System->Administration->Login Screen Setup
- Tab Remote -> Style = "Same as local"
- Bottom button XDMCP (still in Remote) --> You can disable "Honor Indirect Requests" if you'd like.
- Add all Ubuntu universe/multiverse repositories via Synaptic Package Manager or by manually editing /etc/apt/sources.list
- Install vnc4server (and openbsd-inetd if it's not there already):
sudo apt-get install vnc4server openbsd-inetd
- Add following to /etc/inetd.conf:
5901 stream tcp nowait root /usr/bin/Xvnc Xvnc -inetd :1 -query localhost -geometry 800x600 -once -fp /usr/share/fonts/X11/misc -DisconnectClients=0 -NeverShared securitytypes=none -extension XFIXES
Note 1) You can add as many Xvnc servers for simultanious, seperate VNC/GDM sessions by adding another line to /etc/inetd.conf, simply increasing the port number and display number in the line by one, for example: 2nd VNC session (port 5902, display :2):
5902 stream tcp nowait root /usr/bin/Xvnc Xvnc -inetd :2 -query localhost -geometry 800x600 -once -fp /usr/share/fonts/X11/misc -DisconnectClients=0 -NeverShared securitytypes=none -extension XFIXES
3rd VNC session (port 5903, display :3):
5903 stream tcp nowait root /usr/bin/Xvnc Xvnc -inetd :3 -query localhost -geometry 800x600 -once -fp /usr/share/fonts/X11/misc -DisconnectClients=0 -NeverShared securitytypes=none -extension XFIXES
..etc, etc etc.... Note 2) that this does not ask for the root VNC password before connecting. I am using this in a secure LAN environment so I don't mind people logging into a login prompt without a password. You can always put the original switch in ( passwordFile=/root/.vncpasswd ) if you want to retain the VNC password functionality.
- Restart inetd with:
sudo /etc/init.d/openbsd-inetd restart
- Bookmark this page, as we will be logging out and logging back in.
- Log out of Gnome. When you get to the GDM screen, hit CTRL+ALT+BACKSPACE. This will restart the GDM service (required).
- Log back in and test locally with:
vncviewer localhost:1
- Test remotely with:
$ vncviewer <ipaddress>:1
BONUS: ADD REMOTE SSH TUNNEL TO ENCRYPT VNC SESSION: Prerequisite: You must have sshd running on the server already - this step is outside the scope of this post.
- From the client (assuming it is also Ubuntu Linux), connect to the remote SSH service using the -L (port-forwarding) switch:
ssh -L 5901:127.0.0.1:5901 myusername@<public_remote_ip>
Note: Obviously, substitute the forwarding port match the display you're trying to connect to via VNC. After you log in via SSH, fire up a VNC viewer session (on your local machine) to the remote server using LOCALHOST:1 which forwards local port 5901 over SSH to the remote server port 5901 (again, remember to substitute :1 with whatever display you're trying to connect to):
vncviewer localhost:1
Have fun with this! SSH seems to compress VNC traffic pretty well, not to mention make it SECURE over untrusted networks (I.E. the Internet)! Derived from Ubuntu Forum post here: http://ubuntuforums.org/showthread.php?t=569451