Difference between revisions of "TigerVNC"
| (42 intermediate revisions by 3 users not shown) | |||
| Line 1: | Line 1: | ||
| − | + | {{MessageBox| | |
| − | + | backgroundcolor	= #faa| | |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| image	=Warning.png| | image	=Warning.png| | ||
| heading	=WARNING| | heading	=WARNING| | ||
| − | message = This  | + | message = Proceed with extreme caution.  This guidance has not been tested nor will be supported by Amahi.  Continuing could break your HDA and a reinstall from scratch may be necessary.}} | 
| − | + | <div style="border: 1px solid #A3B1BF; padding: .8em 1em; background-color: #E6F2FF; margin: 0px 1em;"> | |
| + | '''NOTE:''' The one-click [https://www.amahi.org/apps/vnc VNC App] has been discontinued for Amahi 7 or greater. The reason is that it pulls a lot of packages, including desktop and that breaks DNS in Fedora.</div> | ||
| + | <br /> | ||
| __TOC__ | __TOC__ | ||
| − | + | = Desktop Installation Amahi 8/9 = | |
| − | =  | ||
| − | For TigerVNC to work  | + | For TigerVNC to work a Desktop Environment must be installed even if the HDA does not boot to the selected Desktop Environment.   | 
| + | This guidance is based on a clean installation of Amahi 8 or 9, using the [[Amahi_8_Install|Fedora 21 Server DVD]] or [[Amahi_9_Install|Fedora 23 Server DVD]] install method. | ||
| + | == Cinnamon (Amahi 8/Fedora 21) == | ||
| + | * As root, install Cinnamon Desktop Environment: | ||
| − | + |  yum groupinstall "Cinnamon Desktop" --skip-broken | |
| − | + | The reason for '''--skip-broken''' is that Fedora Workstation contains several variant packages that would otherwise conflict with the Server versions. By passing this argument, we’re letting yum know that it is okay to skip those packages that would have conflicts. | |
| − | + | If you wish to boot Fedora into a graphical mode instead of console, as root use the following | |
| − | + |  systemctl set-default graphical.target | |
| − | + | == LXDE (Amahi 9/Fedora 23) == | |
| − | + | * As root, install LXDE Desktop Environment: | |
| − | + |  dnf group install lxde-desktop | |
| − | + | = TigerVNC Server Installation = | |
| − | + | * These steps are the same for Amahi 8 and Amahi 9 | |
| − | |||
| − | |||
| − | |||
| * It is recommended to only use TigerVNC on a secure network or via a VPN. | * It is recommended to only use TigerVNC on a secure network or via a VPN. | ||
| Line 53: | Line 42: | ||
|   yum install tigervnc-server |   yum install tigervnc-server | ||
| − | + | Note: For Fedora 23, use dnf instead of yum | |
| − | |||
| − | + | *Once install we need to create new configuration file, vncserver@.service is only a template file, from this we need to create a the following config file. | |
| − | *Once install we need to create new configuration file, vncserver@.service is only a template file, from this we need  | ||
|   cp /lib/systemd/system/vncserver@.service /lib/systemd/system/vncserver@:1.service |   cp /lib/systemd/system/vncserver@.service /lib/systemd/system/vncserver@:1.service | ||
| Line 110: | Line 97: | ||
|   WantedBy=multi-user.target |   WantedBy=multi-user.target | ||
| − | *Under [Service] replace with the  | + | *Under [Service] replace with the <USER> with the user name setup in Amahi/Fedora. For this example we will use tom. The modified file will look like this.   | 
|   [Service] |   [Service] | ||
|   Type=forking |   Type=forking | ||
| − | |||
|   # Clean any existing files in /tmp/.X11-unix environment |   # Clean any existing files in /tmp/.X11-unix environment | ||
| − |   ExecStartPre=-/usr/bin/vncserver -kill %i | + |   ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :' | 
| − |   ExecStart=/usr/bin/vncserver %i | + |   ExecStart=/sbin/runuser -l tom -c "/usr/bin/vncserver %i" | 
| − |   ExecStop=/usr/bin/vncserver -kill %i | + |  PIDFile=/home/tom/.vnc/%H%i.pid | 
| + |   ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :' | ||
| − | * Once the  | + | * Once the config file vncserver@:1.service has been modified we next run the command as root. | 
|   systemctl daemon-reload |   systemctl daemon-reload | ||
| + | |||
| + | |||
| + | * We now have to modify the firewall and open port 5901 in the iptables, run the command as root. | ||
| + | |||
| + |  iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 5901 -j ACCEPT | ||
| = Password Setup = | = Password Setup = | ||
| + | *These are universal for both Amahi 8 and 9 | ||
| * Set the VNC password for the user as defined in the vncserver@:1.service, this will create the .VNC folder for each user and place a file called passwd inside the folder. | * Set the VNC password for the user as defined in the vncserver@:1.service, this will create the .VNC folder for each user and place a file called passwd inside the folder. | ||
| − | * From the example log into terminal as  | + | * From the example log into terminal as the user, in this example it will be tom and run the following command | 
|   vncpasswd |   vncpasswd | ||
| Line 143: | Line 136: | ||
| = Setup Desktop Environment Access = | = Setup Desktop Environment Access = | ||
| − | * Modification of the ~/.vnc/xstartup will be required to  | + | * Modification of the ~/.vnc/xstartup will be required to run the Desktop Environment. At this point the xstartup file doesn't exist so we do the following. | 
| − | |||
| − | For this example we need to login as  | + | For this example we need to login as the user. | 
| * Create the xstartup file using the command below then copy/paste the required xstartup for the chosen desktop enviroment. | * Create the xstartup file using the command below then copy/paste the required xstartup for the chosen desktop enviroment. | ||
|   nano ~/.vnc/xstartup |   nano ~/.vnc/xstartup | ||
| − | + | == Amahi 8 (Fedora 21) == | |
| − | + | For the Cinnamon Desktop on Amahi 8 (Fedora 21), modify the xstartup to the below. | |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
|   #!/bin/sh |   #!/bin/sh | ||
|   # |   # | ||
| − | + |   exec /usr/bin/cinnamon-session | |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| + | == Amahi 9 (Fedora 23) == | ||
| + | For the LXDE Desktop on Amahi 9 (Fedora 23), modify the xstartup to the below. | ||
|   #!/bin/sh |   #!/bin/sh | ||
|   # |   # | ||
| − | + |   unset SESSION_MANAGER | |
| − | + |   unset DBUS_SESSION_BUS_ADDRESS | |
| − | + |   lxterminal & | |
| − | + |   /usr/bin/lxsession -s LXDE &lxterminal & | |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| + | = Starting Tiger VNC = | ||
| − | + | * Log back in as root and run the following the commands below to enable and start the vncservice. | |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| + |  systemctl enable vncserver@:1.service | ||
| + |  systemctl start vncserver@:1.service | ||
| = TigerVNC Server Commands= | = TigerVNC Server Commands= | ||
| Line 242: | Line 194: | ||
| = Multiple User Setup = | = Multiple User Setup = | ||
| − | * It is possible to setup multiple user login's  | + | * It is possible to setup multiple user login's. For this example with will create 2 other users, Dick & Harry. | 
| Line 252: | Line 204: | ||
| * For the example the commands will be | * For the example the commands will be | ||
| − | |||
|   adduser dick |   adduser dick | ||
| + |  adduser harry | ||
| * Then create a password for that user using the following command | * Then create a password for that user using the following command | ||
| Line 261: | Line 213: | ||
| * For this example the command will be | * For this example the command will be | ||
| − | |||
|   passwd dick |   passwd dick | ||
| + |  passwd harry | ||
| * When requested enter a password and renter the password to verify it for each user created. | * When requested enter a password and renter the password to verify it for each user created. | ||
| − | * Once the user are created we will need to assign configuration files for each user. For this will assign the following config files as followed. | + | * Once the user are created we will need to assign configuration files for each user. For this will assign the following config files as followed. Carry out the below as root. | 
| − | *  | + | * Dick will be assigned the following config file using the following. | 
|   cp /lib/systemd/system/vncserver@.service /lib/systemd/system/vncserver@:2.service |   cp /lib/systemd/system/vncserver@.service /lib/systemd/system/vncserver@:2.service | ||
| − | *  | + | * Harry will be assigned the following config file. | 
|   cp /lib/systemd/system/vncserver@.service /lib/systemd/system/vncserver@:3.service |   cp /lib/systemd/system/vncserver@.service /lib/systemd/system/vncserver@:3.service | ||
| Line 279: | Line 231: | ||
| − | * For  | + | * For Dick (under root control) | 
|   nano /lib/systemd/system/vncserver@:2.service |   nano /lib/systemd/system/vncserver@:2.service | ||
| Line 289: | Line 241: | ||
|   # Clean any existing files in /tmp/.X11-unix environment |   # Clean any existing files in /tmp/.X11-unix environment | ||
|   ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :' |   ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :' | ||
| − |   ExecStart=/sbin/runuser -l  | + |   ExecStart=/sbin/runuser -l dick -c "/usr/bin/vncserver %i" | 
| − |   PIDFile=/home/ | + |   PIDFile=/home/dick/.vnc/%H%i.pid | 
|   ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :' |   ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :' | ||
| − | * For  | + | * For Harry (under root control) | 
|   nano /lib/systemd/system/vncserver@:3.service |   nano /lib/systemd/system/vncserver@:3.service | ||
| Line 305: | Line 257: | ||
|   # Clean any existing files in /tmp/.X11-unix environment |   # Clean any existing files in /tmp/.X11-unix environment | ||
|   ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :' |   ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :' | ||
| − |   ExecStart=/sbin/runuser -l  | + |   ExecStart=/sbin/runuser -l harry -c "/usr/bin/vncserver %i" | 
| − |   PIDFile=/home/ | + |   PIDFile=/home/harry/.vnc/%H%i.pid | 
|   ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :' |   ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :' | ||
| Line 320: | Line 272: | ||
| − | *  | + | * Log in as each user and run the following command to create the xstartup file. | 
| + | |||
|   nano ~/.vnc/xstartup |   nano ~/.vnc/xstartup | ||
| − | |||
| − | |||
| − | |||
| − | + | * Again modify the xstartup file as above to use the cinnamon desktop environment. | |
| − | *  | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| * Once each xstartup file is modified we need to start each service. Login as root and run the following commands. | * Once each xstartup file is modified we need to start each service. Login as root and run the following commands. | ||
| Line 350: | Line 285: | ||
|   systemctl start vncserver@:3.service |   systemctl start vncserver@:3.service | ||
| − | * Once the services are running then each user can access their remote desktop using a client software as listed below. | + | * Once the services are running then each user can access their remote desktop using a client software as listed below. The ip address will depend on how you have setup your HDA. | 
| − | * From the example  | + | * From the example Dicks access ip address will be | 
|   192.168.1.10:2 |   192.168.1.10:2 | ||
| − | * For  | + | * For Harrys the access ip address will be   | 
|   192.168.1.10:3 |   192.168.1.10:3 | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| = Windows Client Software = | = Windows Client Software = | ||
| Line 412: | Line 312: | ||
| [[File:UltraVNC_Screen1.png]] | [[File:UltraVNC_Screen1.png]] | ||
| − | If connection is successful it will  | + | If connection is successful it will ask for a password, which is the password entered from the setup above. | 
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
Latest revision as of 18:16, 7 May 2016
|   | WARNING | 
|---|---|
| Proceed with extreme caution. This guidance has not been tested nor will be supported by Amahi. Continuing could break your HDA and a reinstall from scratch may be necessary. | 
Contents
Desktop Installation Amahi 8/9
For TigerVNC to work a Desktop Environment must be installed even if the HDA does not boot to the selected Desktop Environment.
This guidance is based on a clean installation of Amahi 8 or 9, using the Fedora 21 Server DVD or Fedora 23 Server DVD install method.
Cinnamon (Amahi 8/Fedora 21)
- As root, install Cinnamon Desktop Environment:
yum groupinstall "Cinnamon Desktop" --skip-broken
The reason for --skip-broken is that Fedora Workstation contains several variant packages that would otherwise conflict with the Server versions. By passing this argument, we’re letting yum know that it is okay to skip those packages that would have conflicts.
If you wish to boot Fedora into a graphical mode instead of console, as root use the following
systemctl set-default graphical.target
LXDE (Amahi 9/Fedora 23)
- As root, install LXDE Desktop Environment:
dnf group install lxde-desktop
TigerVNC Server Installation
- These steps are the same for Amahi 8 and Amahi 9
- It is recommended to only use TigerVNC on a secure network or via a VPN.
- As root, install the server:
yum install tigervnc-server
Note: For Fedora 23, use dnf instead of yum
- Once install we need to create new configuration file, vncserver@.service is only a template file, from this we need to create a the following config file.
cp /lib/systemd/system/vncserver@.service /lib/systemd/system/vncserver@:1.service
- Open the new configuration file
nano /lib/systemd/system/vncserver@:1.service
- The configuration will look like this
# The vncserver service unit file
#
# Quick HowTo:
# 1. Copy this file to /etc/systemd/system/vncserver@:<display>.service
# 2. Edit <USER> and vncserver parameters appropriately
#   ("runuser -l <USER> -c /usr/bin/vncserver %i -arg1 -arg2")
# 3. Run `systemctl daemon-reload`
# 4. Run `systemctl enable vncserver@:<display>.service`
#
# DO NOT RUN THIS SERVICE if your local area network is
# untrusted!  For a secure way of using VNC, you should
# limit connections to the local host and then tunnel from
# the machine you want to view VNC on (host A) to the machine
# whose VNC output you want to view (host B)
#
# [user@hostA ~]$ ssh -v -C -L 590N:localhost:590M hostB
#
# this will open a connection on port 590N of your hostA to hostB's port 590M
# (in fact, it ssh-connects to hostB and then connects to localhost (on hostB).
# See the ssh man page for details on port forwarding)
#
# You can then point a VNC client on hostA at vncdisplay N of localhost and with
# the help of ssh, you end up seeing what hostB makes available on port 590M
#
# Use "-nolisten tcp" to prevent X connections to your VNC server via TCP.
#
# Use "-localhost" to prevent remote VNC clients connecting except when
# doing so through a secure tunnel.  See the "-via" option in the
# `man vncviewer' manual page.
[Unit]
Description=Remote desktop service (VNC)
After=syslog.target network.target
[Service]
Type=forking
# Clean any existing files in /tmp/.X11-unix environment
ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
ExecStart=/sbin/runuser -l <USER> -c "/usr/bin/vncserver %i"
PIDFile=/home/<USER>/.vnc/%H%i.pid
ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
[Install]
WantedBy=multi-user.target
- Under [Service] replace with the <USER> with the user name setup in Amahi/Fedora. For this example we will use tom. The modified file will look like this.
[Service] Type=forking # Clean any existing files in /tmp/.X11-unix environment ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :' ExecStart=/sbin/runuser -l tom -c "/usr/bin/vncserver %i" PIDFile=/home/tom/.vnc/%H%i.pid ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
- Once the config file vncserver@:1.service has been modified we next run the command as root.
systemctl daemon-reload
- We now have to modify the firewall and open port 5901 in the iptables, run the command as root.
iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 5901 -j ACCEPT
Password Setup
- These are universal for both Amahi 8 and 9
- Set the VNC password for the user as defined in the vncserver@:1.service, this will create the .VNC folder for each user and place a file called passwd inside the folder.
- From the example log into terminal as the user, in this example it will be tom and run the following command
vncpasswd
- The following response will appear waiting for a password to be entered
Password:
- The following response will appear waiting to verify the password entered.
Verify:
Setup Desktop Environment Access
- Modification of the ~/.vnc/xstartup will be required to run the Desktop Environment. At this point the xstartup file doesn't exist so we do the following.
For this example we need to login as the user.
- Create the xstartup file using the command below then copy/paste the required xstartup for the chosen desktop enviroment.
nano ~/.vnc/xstartup
Amahi 8 (Fedora 21)
For the Cinnamon Desktop on Amahi 8 (Fedora 21), modify the xstartup to the below.
#!/bin/sh # exec /usr/bin/cinnamon-session
Amahi 9 (Fedora 23)
For the LXDE Desktop on Amahi 9 (Fedora 23), modify the xstartup to the below.
#!/bin/sh # unset SESSION_MANAGER unset DBUS_SESSION_BUS_ADDRESS lxterminal & /usr/bin/lxsession -s LXDE &lxterminal &
Starting Tiger VNC
- Log back in as root and run the following the commands below to enable and start the vncservice.
systemctl enable vncserver@:1.service systemctl start vncserver@:1.service
TigerVNC Server Commands
- The following commands will allow you to start on boot and start the vncserver service.
systemctl enable vncserver@:1.service systemctl start vncserver@:1.service
- The following commands will allow you to disable start on boot and stop the vncserver service.
systemctl disable vncserver@:1.service systemctl stop vncserver@:1.service
- The following command will restart the vncserver service.
systemctl restart vncserver@:1.service
- The following command will display the status of the vncserver service.
systemctl status vncserver@:1.service
- The following command will stop the vncserver.
pkill vnc
Multiple User Setup
- It is possible to setup multiple user login's. For this example with will create 2 other users, Dick & Harry.
- First we need to create these user, either using the Amahi Dashboard under the USER setting or by the following commands under root control.
adduser <user name>
- For the example the commands will be
adduser dick adduser harry
- Then create a password for that user using the following command
passwd <user name>
- For this example the command will be
passwd dick passwd harry
- When requested enter a password and renter the password to verify it for each user created.
- Once the user are created we will need to assign configuration files for each user. For this will assign the following config files as followed. Carry out the below as root.
- Dick will be assigned the following config file using the following.
cp /lib/systemd/system/vncserver@.service /lib/systemd/system/vncserver@:2.service
- Harry will be assigned the following config file.
cp /lib/systemd/system/vncserver@.service /lib/systemd/system/vncserver@:3.service
- Once the config files are created we will need to modify them for the correct user access. Accessing the files using your favourite editor the config files need to be modified under [Service] to reflect the assigned user. For this example the files should look like the following.
- For Dick (under root control)
nano /lib/systemd/system/vncserver@:2.service
- Then modify the [Service] as followed
[Service] Type=forking # Clean any existing files in /tmp/.X11-unix environment ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :' ExecStart=/sbin/runuser -l dick -c "/usr/bin/vncserver %i" PIDFile=/home/dick/.vnc/%H%i.pid ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
- For Harry (under root control)
nano /lib/systemd/system/vncserver@:3.service
- Then modify the [Service] as followed
[Service] Type=forking # Clean any existing files in /tmp/.X11-unix environment ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :' ExecStart=/sbin/runuser -l harry -c "/usr/bin/vncserver %i" PIDFile=/home/harry/.vnc/%H%i.pid ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
- Once all the vncserver@:#.service files have been created and modified we then run the following command (as root)
systemctl daemon-reload
- We need to assign password to access vnc-server for each user, for this each user needs to login in via terminal and run the the command as below, this will be the same procedure as described under the password section
vncpasswd
- Once each user has created a password, then each user needs to login in via terminal and modify the xstarup file to reflect the chosen desktop environment as listed above. As above the xstartup file doesn't exist yet so each user will need make a xstartup file.
- Log in as each user and run the following command to create the xstartup file.
nano ~/.vnc/xstartup
- Again modify the xstartup file as above to use the cinnamon desktop environment.
- Once each xstartup file is modified we need to start each service. Login as root and run the following commands.
systemctl enable vncserver@:2.service systemctl enable vncserver@:3.service systemctl start vncserver@:2.service systemctl start vncserver@:3.service
- Once the services are running then each user can access their remote desktop using a client software as listed below. The ip address will depend on how you have setup your HDA.
- From the example Dicks access ip address will be
192.168.1.10:2
- For Harrys the access ip address will be
192.168.1.10:3
Windows Client Software
Download the latest Windows Client Software
Using UltraVNC for this example enter in the VNC Server text Box your hda ip address location with :1 as per the example picture below
The :1 refers to the vncserver@:1.service file that was modified
If connection is successful it will ask for a password, which is the password entered from the setup above.

