VNC的安装与配置
一,安装tigervnc-server VNC软件包
[root@localhost ~]# yum install tigervnc-server设置开机自启动
[root@localhost ~]# chkconfig --level 35 vncserver on
查看配置文件所在位置
[root@localhost ~]# rpm -qc tigervnc-server
/etc/sysconfig/vncservers
二.目的:以vistor用户启动第一个端口,即5901,以student用户启动第二个端口,即5902
[root@localhost ~]# vim /etc/sysconfig/vncservers
VNCSERVERS="1:visitor 2:student"
VNCSERVERARGS[1]="-geometry 1400x900 -nolisten tcp -localhost
VNCSERVERARGS[2]="-geometry 1400x900 -nolisten tcp -localhost
以vnc使用用户登录系统,创建vnc密码,vncpasswd
[root@localhost ~]# su - visitor
[visitor@localhost ~]$ vncpasswd
Password: 输入密码
Password must be at least 6 characters - try again
Password: 再次输入密码
Verify:
启动服务一次,生成 /home/visitor/.vnc/xstartup
[visitor@localhost ~]$ vncserver
New 'localhost.localdomain:1 (visitor)' desktop is localhost.localdomain:1
Starting applications specified in /home/visitor/.vnc/xstartup
Log file is /home/visitor/.vnc/localhost.localdomain:1.log
查看已经打开的vnc服务,关闭服务
[visitor@localhost ~]$ vncserver -list
TigerVNC server sessions:
X DISPLAY # PROCESS ID
:1 5567
[visitor@localhost ~]$ vncserver -kill :1
Killing Xvnc process ID 5567
[visitor@localhost ~]$ exit
logout
[root@localhost ~]# su - student
[student@localhost ~]$ vncpasswd
Password:
Verify:
[student@localhost ~]$ vncserver
xauth: creating new authority file /home/student/.Xauthority
New 'localhost.localdomain:1 (student)' desktop is localhost.localdomain:1
Creating default startup script /home/student/.vnc/xstartup
Starting applications specified in /home/student/.vnc/xstartup
Log file is /home/student/.vnc/localhost.localdomain:1.log
[student@localhost ~]$ vncserver -list
TigerVNC server sessions:
X DISPLAY # PROCESS ID
:1 8764
[student@localhost ~]$ vncserver -kill :1
Killing Xvnc process ID 8764
[student@localhost ~]$ exit
logout
三,启动服务
[root@localhost ~]# /etc/init.d/vncserver start
正在启动 VNC 服务器:1:visitor
New 'localhost.localdomain:1 (visitor)' desktop is localhost.localdomain:1
Starting applications specified in /home/visitor/.vnc/xstartup
Log file is /home/visitor/.vnc/localhost.localdomain:1.log
2:student
New 'localhost.localdomain:2 (student)' desktop is localhost.localdomain:2
Starting applications specified in /home/student/.vnc/xstartup
Log file is /home/student/.vnc/localhost.localdomain:2.log
[确定]
四.添加防火墙配置
[root@localhost ~]# vim /etc/sysconfig/iptables
-A INPUT -m state --state NEW -m tcp -p tcp --dport 5901 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 5902 -j ACCEPT
[root@localhost ~]# service iptables restart
iptables: Flushing firewall rules: [ OK ]
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Unloading modules: [ OK ]
iptables: Applying firewall rules: [ OK ]
五.远程访问
六.使用安全的SSH进行连接
VNC 是明文的,不安全的.连接过程可能会被窃听,干扰.可以使用SSH通道加密,然后再由远程主机的回环地址通信,加大了安全性.
[root@localhost ~]# vim /etc/sysconfig/vncservers
VNCSERVERARGS[1]="-localhost"
[11:30:18 talen@BJB0300 ~ ]$ vncviewer -via visitor@172.31.0.128 localhost:1
这里的localhost是远程主机的回环地址,由远程主机解析
七.生成密码文件,无输入密码登录
[root@localhost ~]# vncpasswd virtual
Password:
Verify:
[13:43:02 talen@BJB0300 study ]$ vncviewer -passwd ~/study/virtual -via root@172.31.0.128 localhost:3
八.多用户配置
VNCSERVERS="3:root 2:student"
VNCSERVERARGS[2]="-geometry 800x600 -localhost"
VNCSERVERARGS[3]="-geometry 1024x768 -localhost"