精華區beta TTU-I90B 關於我們 聯絡資訊
http://fedoranews.org/tchung/vnc/index.shtml 1. Do you have it in my system ? Type following command to check if you have the client and server installed in your system. [tchung@tchung101 tchung]$ rpm -q vnc vnc-server vnc-4.0-0.beta4.3.2 vnc-server-4.0-0.beta4.3.2 [tchung@tchung101 tchung]$ 2. To configure vncserver as a service on your system, add yourself in following config file. [tchung@tchung101 tchung]$ sudo vi /etc/sysconfig/vncservers # The VNCSERVERS variable is a list of display:user pairs. # # Uncomment the line below to start a VNC server on display :1 # as my 'myusername' (adjust this to your own). You will also # need to set a VNC password; run 'man vncpasswd' to see how # to do that. # # DO NOT RUN THIS SERVICE if your local area network is # untrusted! For a secure way of using VNC, see # URL:http://www.uk.research.att.com/vnc/sshvnc.html # VNCSERVERS="1:myusername" VNCSERVERS="1:tchung" 3. Before starting vncserver as a service, let's create a vnc password with vncpa sswd command. Notice it creates a hidden directory .vnc under your home account with file pa sswd which contains your vnc password. [tchung@tchung101 tchung]$ vncpasswd Password: Verify: [tchung@tchung101 tchung]$ ls -d .vnc .vnc [tchung@tchung101 tchung]$ ls .vnc passwd [tchung@tchung101 tchung]$ 4. Now let's start vncserver as a service. [tchung@tchung101 tchung]$ sudo /sbin/service vncserver start Starting VNC server: 1:tchung [ OK ] [tchung@tchung101 tchung]$ Take a look at the contents of .vnc directory now. You should have something s imiliar to following. [tchung@tchung101 tchung]$ cd .vnc [tchung@tchung101 .vnc]$ ls passwd tchung101:1.log tchung101:1.pid xstartup [tchung@tchung101 .vnc]$ If you edit the script called xstartup, you will notice following comment in r ed. Uncomment those two lines in red as shown below!!! Otherwise, you will get not hing but grey screen. #!/bin/sh # Uncomment the following two lines for normal desktop: unset SESSION_MANAGER exec /etc/X11/xinit/xinitrc [ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup [ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources xsetroot -solid grey vncconfig -iconic & xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" & twm & 5. Since we've just edited vnc startup script, let's restart the vncserver. [tchung@tchung101 tchung]$ sudo /sbin/service vncserver restart Shutting down VNC server: 1:tchung [ OK ] Starting VNC server: 1:tchung [ OK ] [tchung@tchung101 tchung]$ So how do I connect to vncserver? Use vncviewer command in vnc client as follo wing. [tchung@tchung101 tchung]$ vncviewer localhost:1 UPDATE: To connect to a remote system with firewall, port 5901 needs to be open. Add following line in red to open port 5901 and restart iptables service. [tchung@tchung101 tchung]$ sudo vi /etc/sysconfig/iptables # Firewall configuration written by redhat-config-securitylevel # Manual customization of this file is not recommended. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :RH-Firewall-1-INPUT - [0:0] -A INPUT -j RH-Firewall-1-INPUT -A FORWARD -j RH-Firewall-1-INPUT -A RH-Firewall-1-INPUT -i lo -j ACCEPT -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT -A RH-Firewall-1-INPUT -p 50 -j ACCEPT -A RH-Firewall-1-INPUT -p 51 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 5901 -j ACCE PT -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited COMMIT [tchung@tchung101 tchung]$ sudo /sbin/service iptables restart Flushing firewall rules: [ OK ] Setting chains to policy ACCEPT: filter [ OK ] Unloading iptables modules: [ OK ] Applying iptables firewall rules: [ OK ] [tchung@tchung101 tchung]$ To enable two different users in vncservers: VNCSERVERS="1:tchung 2:thomasc" You will, of course have to run vncpasswd for both users. Also in your firewal l update, you may want to clarify that VNC uses port 5901 for connection 1. If you had both users above, you would have to have ports 5901 and 5902 open.