Tuesday, June 26, 2012

X11vnc on Centos 6.0 (insecure connection)

Installing X11vnc

Often you will need remote access to an already logged in GUI session on a "real" console. Or you will need to help another user remotely with an GUI or visual issue. You will need either "vnc-server" or "x11vnc". The vnc-server option will be a module added to X11 for "allways on" vnc support, while x11vnc will allow for adhoc vnc support. vnc-server install will require no third party repos or source building.

x11vnc is a way to view remotely and interact with real X displays (i.e. a display corresponding to a physical monitor, keyboard, and mouse) with any VNC viewer. In this way it plays the role for Unix/X11 that WinVNC plays for Windows.

1. Download the latest rpm install from http://dag.wieers.com/rpm/packages/x11vnc/ to the host you want the vnc-client to connect to:
[root@edp-01 ~]# wget http://dag.wieers.com/rpm/packages/x11vnc/x11vnc-0.9.3-1.el5.rf.i386.rpm
2. Install, as root, via the yum or rpm programs on the host you want the vnc-client to connect to:
[root@edp-01 ~]# rpm -ivh  x11vnc-0.9.3-1.el5.rf.i386.rpm
Or
[root@edp-01 ~]# yum install x11vnc-0.9.3-1.el5.rf.i386.rpm

Configuring firewall option


The iptables rules in /etc/sysconfig/ need to be amended to open the VNC ports; as needed, if a local ipv6 setup is being used, those need to be amended as well: 
[root@edp-01 ~]# mcedit /etc/sysconfig/iptables
add folowing line to the iptables file :
-A INPUT -m state --state NEW -m tcp -p tcp -m multiport --dports 5900:5903,6001:6003 -j ACCEPT
So it look like : 
[root@edp-01 ~]# cat /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp -m multiport --dports 5900:5903,6001:6003 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT ... and then restart the iptables:
[root@edp-01 ~]# /etc/init.d/iptables restart

Starting x11vnc

Start the x11vnc process on the host you want the vnc-client to connect to. Please take a long look at the possible options from the x11vnc website. A very simple/insecure example for a trusted network setup (local network or VPN) is to have the user with the GUI console issue the command:
[root@edp-01 ~]# x11vnc -nopw -display :0.0

Accessing x11vnc


Install VNC viewer on client computer next. Download from the site below to install. http://www.realvnc.com/products/free/4.1/download.html Start VNC viewer after installing. Then following scrren is shown. Input [(Server's hostname or IP address):(display number)] like following example.


Just choose continue if you asked for encrypted connection.

 

And the result is:

 

End

Referensi : Referensi 01

No comments: