LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 06-20-2003, 04:31 PM   #1
twantrd
Senior Member
 
Registered: Nov 2002
Location: CA
Distribution: redhat 7.3
Posts: 1,438

Rep: Reputation: 52
Running Tightvnc


Hello everyone,

I searched through the threads about Tightvnc but I still couldn't find my answer. I have redhat 7.3 and I installed both:

tightvnc-1.2.6-2.i386.rpm
tightvnc-server-1.2.8-1.i386.rpm

Now my question is...how do you run the application and set it up? Thanx for any advice and help out there. I greatly appreciate it


-twantrd
 
Old 06-20-2003, 05:10 PM   #2
DavidPhillips
Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,154

Rep: Reputation: 56
try this..
service vncserver start

if you want it to start on boot ( not recommended ) do this..
chkconfig vncserver on

to turn off..
service vncserver stop

to disable on bootup..
chkconfig vncserver off

If this is used on a non-trusted network you should use ssh

forward the vncserver port to the local machine, start vncserver when you get logged in, start vncviewer on the local machine connecting to the local forwarded port. close vncserver before logout.

just a suggestion

http://www.uk.research.att.com/vnc/sshvnc.html
 
Old 06-20-2003, 05:22 PM   #3
DavidPhillips
Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,154

Rep: Reputation: 56
here's an example


ssh -L 5900:localhost:5901 remotehost

enter the command to start server after login..
vncserver

now on the local machine

vncviewer localhost:5900
enter password

a window opens with the desktop in it
 
Old 06-20-2003, 05:48 PM   #4
DavidPhillips
Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,154

Rep: Reputation: 56
it might be a little faster if you use this

ssh -C -c blowfish -L 5900:localhost:5901 remotehost
 
Old 06-20-2003, 08:31 PM   #5
twantrd
Senior Member
 
Registered: Nov 2002
Location: CA
Distribution: redhat 7.3
Posts: 1,438

Original Poster
Rep: Reputation: 52
Wow, thanx for your help guys...Ok, now I'm running the vncserver. How do I set it up so that if I log on using a web browser (port 80) I can see my home computer (running linux redhat with vnc)? Thanx again...if I can get this puppy up...you guys are the greatest!!

-twantrd
 
Old 06-20-2003, 08:51 PM   #6
DavidPhillips
Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,154

Rep: Reputation: 56
wait!

you want to have your desktop show in a browser on port 80?

what? No!

What?

Last edited by DavidPhillips; 06-20-2003 at 08:53 PM.
 
Old 06-20-2003, 09:04 PM   #7
DavidPhillips
Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,154

Rep: Reputation: 56
Please don't do that

use this if it forwarded with ssh as shown above

http://localhost:5900

or if not

http://servername:5901
 
Old 06-21-2003, 05:12 PM   #8
DavidPhillips
Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,154

Rep: Reputation: 56
or forward the port to port 80 if you want, but I would not do that.

make sure you have no web server running there
 
Old 06-21-2003, 05:41 PM   #9
twantrd
Senior Member
 
Registered: Nov 2002
Location: CA
Distribution: redhat 7.3
Posts: 1,438

Original Poster
Rep: Reputation: 52
Thanx, I understand the insecurity reasons for not forwarding to port 80. The reason why I wanted to do that is for testing only. I got the vncserver running and it works fine if i do this:

http://<my ip address:5801>

How would I configure vncserver so that it will listen to connections on port 80? Is there a file that I can edit? Thanx for the help..much appreciated

-twantrd
 
Old 06-22-2003, 12:04 AM   #10
DavidPhillips
Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,154

Rep: Reputation: 56
Actually you don't want to do anything to vnc, you just want to use iptables to redirect any connections to port 80 over to the port that vnc is already on.

so if the interface that poeple will connect to is eth0 and vnc is on 5901 then this will do it


iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 5901
 
Old 06-22-2003, 01:12 AM   #11
twantrd
Senior Member
 
Registered: Nov 2002
Location: CA
Distribution: redhat 7.3
Posts: 1,438

Original Poster
Rep: Reputation: 52
Hey David,

Thanx for the help, I'll try it. Hopefully this command works because im using ipchains. I'll let you know...thanx again!

-twantrd
 
Old 06-22-2003, 09:11 PM   #12
DavidPhillips
Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,154

Rep: Reputation: 56
no it won't work, it works with iptables

ipchains -A input -i eth0 -p tcp -d 0.0.0.0/0 80 -j REDIRECT 5901
 
Old 06-23-2003, 07:05 PM   #13
DavidPhillips
Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,154

Rep: Reputation: 56
I have looked into this more today.

This is what I think is the best way to access your desktop from any browser on any OS without risk of giving people access.


first part is to use apache web server

here is the Virtual Host section of the httpd.conf

<VirtualHost *>
ServerAdmin admin@domain.com
DocumentRoot /var/www/unsecure/vnc
ServerName vnc.domain.com
ErrorLog logs/dcp-error_log
CustomLog logs/dcp-access_log common
</VirtualHost>


note the folder in this Virtual Host is /var/www/unsecure/vnc

the index.php file there contains the following

<?php
header("Location: https://vnc.domain.com");
exit();
?>


now this will redirect any connection by http to https which will secure the connection before login. Also all data is secure.

Here is the secure Virtual Host section of httpd.conf

<VirtualHost *:443>
Port 443
DocumentRoot "/usr/share/vnc/classes"
ServerName vnc.domain.com
ServerAdmin admin@domain.com
ErrorLog logs/vnc_ssl-error_log
TransferLog logs/vnc_ssl-access_log
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>


ok, this puts a browser connection to vnc.domain.com in the folder /usr/share/vnc/classes

now in that folder you need an index.html

example index.html

<HTML>
<TITLE>
VNC Desktop
</TITLE>
<APPLET CODE=vncviewer.class ARCHIVE=vncviewer.jar
WIDTH=800 HEIGHT=600>
<param name=PORT value=5902>
</APPLET>
</HTML>

The port here is an example of what you need if the vncserver is on vnc.domain.com:2

If you want more security to access the folder use something like this

<Directory /usr/share/vnc/classes>
Options +Indexes
AuthType Basic
AuthName vncUser
AuthUserFile /var/www/access/vnc/.htpasswd
EnableDelete Off
umask 007
require valid-user
</Directory>






If you want to get fancy with this I guess you could have a page where you login and it lets you start vncserver then connects you to the port it's on.

This is just the basics.

Last edited by DavidPhillips; 06-23-2003 at 07:07 PM.
 
Old 06-23-2003, 07:42 PM   #14
DavidPhillips
Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,154

Rep: Reputation: 56
Here is an example,

note the secure connection icon in the vnc browser status bar

http://my.awesomenet.net/~phillips/i.../vncscreen.jpg

Last edited by DavidPhillips; 06-23-2003 at 07:48 PM.
 
Old 06-24-2003, 01:18 AM   #15
twantrd
Senior Member
 
Registered: Nov 2002
Location: CA
Distribution: redhat 7.3
Posts: 1,438

Original Poster
Rep: Reputation: 52
Wow, i'll give that shot, thank you very much david!!!

-twantrd
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
tightvnc help greenmeanie Mandriva 5 12-12-2004 11:01 AM
TightVNC help, please. The Bane Linux - Software 5 08-05-2004 09:15 PM
tightvnc+X tsitras Linux - Software 2 03-24-2004 04:23 PM
Tightvnc len Linux - Software 11 06-24-2003 04:31 PM
TightVNC jeffer Linux - Software 1 05-22-2003 11:06 AM


All times are GMT -5. The time now is 12:31 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration