v0.20.0 (en), xiando

Copied from http://linuxreviews.org/howtos/xvnc/

How to turn your box into a Xvnc Terminal Server using tightvnc

This will let you get a window with your remote server login manager on any Windows / Linux / Java system with vncviewer and internet access.

VNC stands for Virtual Network Computing. When you connect to a remote server with a vnc client you get a KDM/gdm/xdm login screen where you can login and work as if you were locally working on that computer.

A Xvnc server will automatically spawn when someone wants to connect, just like a terminal server. This allows multiple clients to connect using their own logins.

This guide uses tightvnc, a great client/server software package allowing remote network access to graphical desktops. It is tested to work with XFree86 v4.3.

IPv6 Notice

Xdmcp does not work if XFree is compiled with IPv6 support. Gentoo users can echo „x11-base/xfree -ipv6“ » /etc/portage/package.use or install using USE=“-ipv6“ emerge xfree to make sure it is compiled without IPv6 support.

aptitude install xinetd tightvncserver linuxvnc

xinetd comes with most distributions and chances are high you already have this up and running. emerge xinetd and rc-update add xinetd default on Gentoo.

Allow xinetd to listen to external calls:

open /etc/xinetd.conf

Make the line a comment by adding a # in front of it:

only_from = localhost

• xinetd manual page

Open /etc/X11/xdm/xdm-config with your favorite editor.

Look at the last line :

DisplayManager.requestPort :0

Comment it out by inserting a ! at the beginning of the line.

The user nobody must have a valid shell assigned when using xdm. You will only get a gray screen when connecting to xdm if nobody has the default /bin/false set.

usermod -s /bin/bash nobody

Edit the kdm config file called kdmrc. It is located in /usr/kde/3.1/share/config/kdm OR /usr/kde/3.2/share/config/kdm on Gentoo and at /etc/kde/kdm/kdmrc on Mandrake. Enable XDMCP on port 177:

  [Xdmcp]
  Enable=true
  Willing=/etc/X11/xdm/Xwilling
  Xaccess=/etc/X11/xdm/Xaccess
  Port=177

Because the X server is started with -query localhost you should disallow using KDM to shutdown and reboot. You may also want to disallow remote root logins:

  [X-*-Core]
  AllowShutdown=None
  AllowRootLogin=false

As an alternative you can use acpid to make the system shutdown cleanly by using the power button (production systems should only allow root to do this anyway)

Start gdmconfig and find the tab „XDCMP“. Make sure 'Enable XDMCP' is selected.

Edit /etc/X11/xdm/Xaccess and uncomment the line '* #any host can get a login window by removing the single quote '.

It is better to use 192.168.0.* or 127.0.0.1 than * for security.

Cut & paste the following lines to your /etc/services:

• services.txt

    #
    # VNC Servers
    #
    vnc-640x480x8 5950/tcp
    vnc-800x600x8 5951/tcp
    vnc-1024x768x8 5952/tcp
    vnc-1280x1024x8 5953/tcp
    vnc-1600x1200x8 5954/tcp
 
    vnc-640x480x16 5960/tcp
    vnc-800x600x16 5961/tcp
    vnc-1024x768x16 5962/tcp
    vnc-1280x1024x16 5963/tcp
    vnc-1600x1200x16 5964/tcp
 
    vnc-640x480x24 5970/tcp
    vnc-800x600x24 5971/tcp
    vnc-1024x768x24 5972/tcp
    vnc-1280x1024x24 5973/tcp
    vnc-1600x1200x24 5974/tcp
 
    vnc-640x480x32 5980/tcp
    vnc-800x600x32 5981/tcp
    vnc-1024x768x32 5982/tcp
    vnc-1280x1024x32 5983/tcp
    vnc-1600x1200x32 5984/tcp

with the following contents:

• xvncserver.txt

 
    service vnc-640x480x8
    {
      protocol = tcp
      socket_type = stream
      wait = no
      user = nobody
      server = /usr/bin/Xvnc
      server_args = -inetd -query localhost -once -geometry 640x480 -depth 8
    }
 
    service vnc-800x600x8
    {
      protocol = tcp
      socket_type = stream
      wait = no
      user = nobody
      server = /usr/bin/Xvnc
      server_args = -inetd -query localhost -once -geometry 800x600 -depth 8
    }
 
    service vnc-1024x768x8
    {
      protocol = tcp
      socket_type = stream
      wait = no
      user = nobody
      server = /usr/bin/Xvnc
      server_args = -inetd -query localhost -once -geometry 1024x768 -depth 8
    }
 
    service vnc-1280x1024x8
    {
      protocol = tcp
      socket_type = stream
      wait = no
      user = nobody
      server = /usr/bin/Xvnc
      server_args = -inetd -query localhost -once -geometry 1280x1024 -depth 8
    }
 
    service vnc-1600x1200x8
    {
      protocol = tcp
      socket_type = stream
      wait = no
      user = nobody
      server = /usr/bin/Xvnc
      server_args = -inetd -query localhost -once -geometry 1600x1200 -depth 8
    }
 
    service vnc-640x480x16
    {
      protocol = tcp
      socket_type = stream
      wait = no
      user = nobody
      server = /usr/bin/Xvnc
      server_args = -inetd -query localhost -once -geometry 640x480 -depth 16
    }
 
    service vnc-800x600x16
    {
      protocol = tcp
      socket_type = stream
      wait = no
      user = nobody
      server = /usr/bin/Xvnc
      server_args = -inetd -query localhost -once -geometry 800x600 -depth 16
    }
 
    service vnc-1024x768x16
    {
      protocol = tcp
      socket_type = stream
      wait = no
      user = nobody
      server = /usr/bin/Xvnc
      server_args = -inetd -query localhost -once -geometry 1024x768 -depth 16
    }
 
    service vnc-1280x1024x16
    {
      protocol = tcp
      socket_type = stream
      wait = no
      user = nobody
      server = /usr/bin/Xvnc
      server_args = -inetd -query localhost -once -geometry 1280x1024 -depth 16
    }
 
    service vnc-1600x1200x16
    {
      protocol = tcp
      socket_type = stream
      wait = no
      user = nobody
      server = /usr/bin/Xvnc
      server_args = -inetd -query localhost -once -geometry 1600x1200 -depth 16
    }
 
    service vnc-640x480x24
    {
      protocol = tcp
      socket_type = stream
      wait = no
      user = nobody
      server = /usr/bin/Xvnc
      server_args = -inetd -query localhost -once -geometry 640x480 -depth 24
    }
 
    service vnc-800x600x24
    {
      protocol = tcp
      socket_type = stream
      wait = no
      user = nobody
      server = /usr/bin/Xvnc
      server_args = -inetd -query localhost -once -geometry 800x600 -depth 24
    }
 
    service vnc-1024x768x24
    {
      protocol = tcp
      socket_type = stream
      wait = no
      user = nobody
      server = /usr/bin/Xvnc
      server_args = -inetd -query localhost -once -geometry 1024x768 -depth 24
    }
 
    service vnc-1280x1024x24
    {
      protocol = tcp
      socket_type = stream
      wait = no
      user = nobody
      server = /usr/bin/Xvnc
      server_args = -inetd -query localhost -once -geometry 1280x1024 -depth 24
      # port = 5973
    }
 
    service vnc-1600x1200x24
    {
      protocol = tcp
      socket_type = stream
      wait = no
      user = nobody
      server = /usr/bin/Xvnc
      server_args = -inetd -query localhost -once -geometry 1600x1200 -depth 24
    }
 
    service vnc-640x480x32
    {
      protocol = tcp
      socket_type = stream
      wait = no
      user = nobody
      server = /usr/bin/Xvnc
      server_args = -inetd -query localhost -once -geometry 640x480 -depth 32
    }
 
    service vnc-800x600x32
    {
      protocol = tcp
      socket_type = stream
      wait = no
      user = nobody
      server = /usr/bin/Xvnc
      server_args = -inetd -query localhost -once -geometry 800x600 -depth 32
    }
 
    service vnc-1024x768x32
    {
      protocol = tcp
      socket_type = stream
      wait = no
      user = nobody
      server = /usr/bin/Xvnc
      server_args = -inetd -query localhost -once -geometry 1024x768 -depth 32
    }
 
    service vnc-1280x1024x32
    {
      protocol = tcp
      socket_type = stream
      wait = no
      user = nobody
      server = /usr/bin/Xvnc
      server_args = -inetd -query localhost -once -geometry 1280x1024 -depth 32
    }
 
    service vnc-1600x1200x32
    {
      protocol = tcp
      socket_type = stream
      wait = no
      user = nobody
      server = /usr/bin/Xvnc
      server_args = -inetd -query localhost -once -geometry 1600x1200 -depth 32
    }

/etc/init.d/xinetd restart

This will end your X session!

/etc/init.d/xdm restart

vncviewer localhost:71

This will open up a 800x600x24bit client.

The last two numbers in the services file represent the resolution and color-depth. 1280x1024x8 is :53, 1280x1024x24 is :73.

• vncviewer manual page

You can/should use ssh (or other encryption) as tightvnc does not encrypt the connection (major security risk).

You can make a secure ssh tunnel for your vnc connection between client port 4961 and server port 5916:

ssh -C -L 4961:localhost:5961 my.dns-name.com

You will be asked for your home password. This makes an encrypted connection between my.dyndns-name.com:5961 and localhost:4961.

Add you@ in front of the domain (ssh -C -L 4961:localhost:5961 username@my.dns-name.com) to use a different username on the server.

Now, on the client, start a vncviewer and connect:

vncviewer -encodings „tight copyrect“ -quality 3 localhost:4961

• ssh manual page

Links:

• TightVNC Software
• Tightvnc thread in the Gentoo forums
• Apple Newton: newtVNC: VNC for the Newton

Manual pages:

• vncviewer
• Xvnc
• The kdm Handbook
• xdm
• gdm