Rexiology::Work

Microsoft, Information Technologies...

Community

News

  • From Taiwan, living and working at Tokyo, Japan.




Recent Posts

Tags

Microsoft Sites

Other Sites

Blog pools

Bloggers

Archives

Site Info



Locations of visitors to this page




Logos & Chicklets


GeoURL


Rex's Certifications
Rex's Certifications


Creative Commons授權條款
本 著作 係採用
Creative Commons 授權條款



Windows X client (server) to connect Linux server - XDMCP and VNC approaches...

 

Well, still been busy on procesing my working visa things so recently didn't update this blog often. everything is going well and now all I have to do is wait for the process result. during this month my current company just move to a new big office and also the company's System and Networking engineer resigned his work before the office move. so we as developers also have to plan the new office's network topology, buying necessary network equipments, setting up NTT VDSL and office network routing to make the new office network working like usual. We as developers also need to touch the system maintainance things to manage those linux servers, some real ip for staging server is changed and have to change firewall so that it can work like usual, things like that. it's a big headache for me counting as a Windows pro but rarely know things on linux system, but I still managed to overcome all this and make it to here. that's the reason I didn't write things in this month, tooooooo busy!!

just spend the whole weekend studying most of fundamental things of a linux system. I managed to setup a Fedora Core 6 system on VMWare 5.5 inside my LAN to have an experiment env. for testing those linux commands during my reading. The goal is to understand and know how to setup those network services like DNS / Firewall / Software Router / Mail Server / WWW server / Database Systems on a linux env. just like what I can easily do those on a Windows server system. but after I've get used to use SSH clients to operate the server on shell mode, and before I started to study those network services, I am still likely to have a Window system on my linux server so that I can have not only terminals but also those GUI dev. env.s like Eclipse. so I started digging those info about setting up windows X server (client) to connect remote linux server using X protocol and VNC. the goal is to do this remote connecting things just like I can easily terminal service to a Windows server. and here we go.

My primary info is mostly from http://linux.vbird.org , which is written in Chinese, actually the author also got those contents published in books selling at Taiwan area, get one of them if you feel needed. Thanks to VBird for organizing those info systematically...

First of all, some nice ssh clients people used in Japan area:

some nice ftp and scp clients people use in Japan area:

some famous Windows X Server:

I am using the latest version of Fedora Core 6 (2.6.18-1.2849.fc6) to set up my linux server on VMWare 5.5.3 build 34685. notice that when setup the VM the FC6 DVD iso installer seems not knowing VMWare's SCSI disk and will not find any patition during installation, thus I had changed the disk type to IDE to let the installation process finished without toubles.

After installation, first SSH to the server, su to root, and then setting up the firewall rules. I'll allow the LAN area to access my linux server only. if using the default setup during the installation, iptables and TCP_Wrappers (hosts.allow / hosts.deny) were enabled by default. (I've disable SELinux first during the installation to prevent more permission trouble now). so first to touch the iptables things:

  • Edit "/etc/sysconfig/iptables" (in below follow the order to input line by line, firewall rules got orders)
  • add "-A RH-Firewall-1-INPUT -p udp --dport 177 -s 192.168.1.0/24 -j ACCEPT" to allow LAN to pass xdmcp udp 177 port
  • add "-A RH-Firewall-1-INPUT -p udp --dport 177 -j REJECT" to block other subnet to using xdmcp.
  • add a row allow access to LAN IPs like "-A RH-Firewall-1-INPUT -i eth0 -s 192.168.1.0/24 -j ACCEPT"
  • "eth0" is the main network interface, "192.168.1.0/24" is the LAN subnet, "RH-Firewall-1-INPUT" is the default chain name set when installing the server
  • save the file and restart iptables by issuing "/etc/init.d/iptables restart"

after iptables were set, the next is to also set TCP_Wrappers:

  • Edit "/etc/hosts.allow"
  • add access grant to local LAN, like "ALL: 192.168.1.0/255.255.255.0 : ALLOW"
  • edit "/etc/hosts.deny"
  • add no access to others not set like "ALL : ALL : DENY"
  • in old linux like RedHat 7.x, it's needed to restart xinetd service to let new settings take effect.
  • in new linux like Fedora Core 6, change will take effect immidiately once saved those files.

after setting the firewall, it's time to start configuring xdmcp.

I am using KDE as my Window Manager, so I have to enable kdm to accept xmdcp at udp port 177:

  • edit kdmrc at "/etc/X11/xdm/kdmrc"
  • on [Xdmcp] block enabling the following:
  • Enable=true
  • Port=177 (uncomment it)
  • predefined in the file for Xaccess is "Xaccess=/usr/share/config/kdm/Xaccess" , change to "Xaccess=/etc/X11/xdm/Xaccess" for easy management
  • on [X-:*-Core] block do the following to enable X listening to tcp port:
  • comment "ServerArgsLocal=-nolisten tcp"
  • umcomment "ServerArgsRemote="
  • save the file and exit.

before start kdm , do a "killall kdm" to make sure no kdm is running . using "netstat -tunlp" to check the process and ports been listening. after running "kdm" on shell, check the port listenning again. there should be a kdm process listening udp 177 port, also couple X processes listening tcp port 6000. if you see things like this, the server side settings are done.

using X-Win32 or Exceed on your windows client, you can either using broadcast mode to let the client find the xdmcp listener for you or using query mode to specify the ip address of the linux server to connect. after connect it will look like this:

xdmcp1.jpg

that's all about using windows and xdmcp to connect a linux server using X window interface.

As using xdmcp, the client and server are using X protocol to communicate, and may using a lot of bandwidth thus it should be pretty ok if using on a local LAN but should be not suitable on a internet environment, especially if only have a low bandwidth ADSL network.

VNC had always been our good friend long time ago. it use lower bandwidth and thus makes it suitable via internet, just like what we are always using Windows RDP terminal service in windows world. 

It is also possible to using VNC as network protocol, instead communicate using X, to display X env. in a windows or other client like Mac, since VNC viewer now can be installed on many platforms (and it's free!) thus make this way more convenient for our work.

let's setup a VNC server on linux and still using xdmcp to let VNC client be able to connect to KDE just like using a X server on windows client. the way this is working is because of that now VNC server is acting as network server to send the desktop to VNC client and it's reside in linux server and communicate with xdmcp and X inside the machine "locally"!!

first of all, configuring vncserver on linux (make sure you install it or just RPM and install):

  • edit "/etc/sysconfig/vncservers"
  • comment everything and add the following:
  • add : VNCSERVERS="1:user"
  • add : VNCSERVERARGS[1]="-geometry 1152x864 -query localhost" # 1152x864 is screen resolution, "-query localhost" is to instruct vnc server to query local X and thus will connect to kdm and KDE.
  • the setting above is to open only one vnc server for once user listen to port 5900+1 = 5901. for setting up more then 1 vnc server, using the following settings:
  • add : VNCSERVERS="1:user1 2:user2 3:user3"
  • add : VNCSERVERARGS[1]="-geometry 1152x864 -query localhost"
  • add : VNCSERVERARGS[2]="-geometry 1152x864 -query localhost"
  • add : VNCSERVERARGS[3]="-geometry 1152x864 -query localhost"
  • save the file and exit editor
  • before start vncserver, make sure you start kdm already (netstat -tunpl to check process running and ports been listening).
  • start vncserver by issuing "/etc/init.d/vncserver start"
  • the users specified above, will then all have a .vnc directory in their home dir.
  • su to each above users
  • edit the ~/.vnc/xstartup file and comment out everything (by default it's using twm as window manager so just comment out them).
  • save the file and exit the editor
  • issue "vncpasswd" to set the vnc viewer password for current user
  • exit this user and su to the other user
  • after edit all the xstartup file and setup vncpasswd for users specified in vncservers file, restart vncserver and kdm by issuing the following commands:
  • issue "/etc/init.d/vncserver stop "
  • issue "killall kdm"
  • the above is to clear vncserver and kdm, now start them again
  • issue "kdm"
  • issue "/etc/init.d/vncserver start"
  • depending on how many users you set on vncservers file, corresponding vncserver will be setup on port 5900+1 , +2 , +3 waiting for connection.
  • server setting is finished.

now at windows or other client like Mac or other linux GUI env.s, using VNC viewer to connect to the linux server using the ports specified above (5901 ,5902, 5903), you should also see the KDE login window in those 3 VNC sessions just like what you do using X-Win32 and xdmcp. (make sure you've opened 590x ports on your iptables settings, I've already opened my LAN for free access to server so it's no problems on connections here.) pic like this:

xdmcpvnc1.jpg

that's it, now I can have X window on my windows client to work on those linux tasks, not bad...

Technorati Tags: linux , redhatfedoraxwindowvncxdmcpx-win32exceed

 

Comments

Rexiology::Work said:

 
The title came from VMWare KB and just said exactly the problems I've faced those 2 days!
As...
# December 20, 2006 12:10 PM

Rexiology... said:

crosspost from http://rextang.net/blogs/work/ The title came from VMWare KB and just said exactly the
# December 20, 2006 12:12 PM