Virtual Network Computing (VNC) server, aka remote desktop
From NAS-Central Buffalo - The Linkstation Wiki
|Line 62:||Line 62:|
Revision as of 17:28, 29 June 2006
1. Download the free Real VNC viewer from http://www.realvnc.com. Then install the VNC server, remote desktop, and related packages. Use the command:
apt-get install vnc4server xfonts-base icewm menu grun iceme icewm-themes iceconf icemc icepref xfe
2. Install Mozilla Firefox for web browsing:
apt-get install mozilla-firefox
3. Install the graphical package manager, Synaptic. You can use this instead of running apt-get or aptitude from the command line. Use the command:
apt-get install synaptic
4. Configure a VNC password. This setting is unique for each account on the Linkstation. If you are logged in as root, it will set the root password. If you are logged in as yourusername, it will set the password for yourusername. Use the command:
5. To start the VNC server use the command:
6. The VNC server will create a desktop for the user who started the server.
7. You can connect to the LinkStation using a VNC viewer. Connect to linkstation.ip.here:5901 if you are on the same (home) network or your.public.ip.here:5901 if you are accessing it via the Internet. This will require having the appropriate ports (5900 and 5901) forwarded on your router.
8. A more secure method of connection is to tunnel the VNC session over an encrypted SSH session.
a) Linux Client:
ssh -l root -L 5900:192.168.0.30:5900 -L 5901:192.168.0.30:5901 192.168.0.30
This would log into your linkstation 192.168.0.30 (replace by your real address) as root and forward the VNC ports 5900 and 5901 from your local machine to the linkstation. You may also use another user, it should work with any. Then launch vncserver in the terminal. Afterwards connect with a VNC viewer to "127.0.0.1:5901", note: you must connect to your LOCAL machine, not directly to your server, else the communication is not going over the secure tunnel!
A good idea would be to block VNC access from other machines on your linkstation and allow only localhost, as your tunnel would look like a local connect on the linkstation.
b) Windows client: A variation to tunnel over the internet using Vnc wrapped in SSH: Firstly install OpenSSH for windows (my preferred choice over Putty), then one can use the ssh command in the dos command line. Also install tightvnc -I just tend to use this one. Client setups only are necessary for SSH and VNC. Now type in a dos box:
ssh -L 5902:localhost:5901 firstname.lastname@example.orgORlocal.ip
NB. you don't need a high security risk exposed vnc port 5901 on the internet side of your router for ssh tunneling; only an ssh port. Also if you use non-standard ssh port-forwarding (e.g. 5922(say) instead of 22) to keep things more confusing (if not secure) then:
ssh -L 5902:localhost:5901 email@example.com -p externalsshport
Keeping the dos session running, now start up tightvnc (or other) and connect to localhost:2 and type in the linkstation's vnc password and you should be away. If it doesn't come up check that the LS vncserver is up
Here the LS's (ssh serving) port 5901 (vncserver:1) is relayed to 5902 on your client PC, then connecting to localhost:2 in the vnc client connects to port 5902 on the client PC. If you first started the vncserver as root then root's desktop will be vncserver:1 on LS's port 5901 ..and say the 3rd vncserver (say a user) will be on vncserver:3, port 5903. Change the second port number (ssh server) from 5901 to the desired user/desktop's port when ssh'ing in.
Relaying to another local network machine (e.g. a win box) bouncing through the linkstation is also possible -and is left for homework.. ;-) Further reading at:
This also extends to Linux and probably a Mac if there are suitable ssh and vnc clients. Maybe all a bit confusing at first but could(?) eventually ssh wrap any comms.
9. The remote desktop will remain as you left it even after you close the VNC viewer. To close your remote desktop, stop the VNC server. Use the command:
vncserver -kill :1
10. You may wish to update the remote desktop "start menu" by running the command: