VNC (Virtual Network Computing) is a program for logging into remote machines, starts some utilities and let them display on you local computer. (see Fig. 1 above). It is intended to replace other similar software like Xoftware Exceed, Chamaleon and others and provide secure encrypted communications between two hosts over an insecure network when used in with the Secure Shell (see Fig. 2 above and later on below).
Using VNC you can view, and even control, a PC from a SUN, a SUN from a PC,
a Mac from a PC, a Linux computer from a SUN, etc.
It is useful for working on one machine {SUN¦PC¦Mac¦Linux} from another one,
or for monitoring remote (e.g. lab or control) machines.
The "VNC" software consists of the following programs for each platform (see documentation):
| vncserver | this is a script which will start the actual (X-)VNC server on the remote host |
| vncviewer | the (X-)VNC viewer on your local machine |
| vncpasswd | we need to set a password for the session to guarantee your privacy |
| Xvnc | this is the real X-VNC server program. You will never use it directly |
I could discuss this matter (VNC) with the people
of the ISG.EE and we found the solution.
Basically here again how you must proceed:
---------------------------------------------------------------------
1) make sure that you have a subdirectory called ".vnc" in
your home directory. To check it log in into a Linux
machine and type:
ls -ld ~/.vnc
---------------------------------------------------------------------
2) make sure that in the directory mentioned above there is
a file called xstartup. I will suggest this content that
you can copy and paste into it tipping this command:
cat >~/.vnc/xstartup
<-- here copy and paste the following text:
#!/bin/sh
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
#xsetroot -solid grey
vncconfig -iconic &
/usr/isgtc/bin/launchx2 kde &
xterm -geometry 80x24+10+10 -ls -title "Desktop on `uname -n`" &
Then press CTRL+D to end the insert (cat) process and close the file.
( CTRL+D means: keep both keys pressed at the same time: "Control" and "d").
---------------------------------------------------------------------
3) from your machine start a connection to the "server" machine using a secure
shell connection and on the server type the command "who" to see which
"display" numbers are already used by other people. Example:
cariddi:ballisti:[ballisti]:351 % who
ballisti pts/0 Aug 11 09:12 (scilla.ee.ethz.ch)
lrickard :3 Aug 12 09:54
thomaska :4 Oct 6 13:57
pascal pts/3 Aug 18 16:35 (:11.0)
pascal pts/4 Aug 19 15:15 (:11.0)
pascal :11 Aug 18 10:34
pascal pts/1 Aug 18 10:34 (:11.0)
pascal pts/2 Aug 18 16:33 (:11.0)
pascal pts/6 Aug 20 13:53 (:11.0)
pascal pts/5 Aug 21 08:31 (:11.0)
lyudylai :8 Sep 22 09:27
pascal pts/8 Aug 27 08:56 (:11.0)
matthewm pts/9 Oct 5 22:35 (localhost:14.0)
patrilei pts/10 Oct 2 15:07 (agena.ee.ethz.ch)
lliu :12 Oct 4 22:46
wangm :2 Oct 4 16:25
matthewm pts/16 Oct 5 21:21 (localhost:15.0)
thomaska pts/17 Oct 6 14:06 (:4.0)
wangm pts/12 Oct 4 16:25 (:2.0)
wangm pts/11 Oct 4 16:25 (:2.0)
thomaska pts/18 Oct 6 14:10 (:4.0)
The numbers in the ( ) are the "display" numbers (also 11,14,4,2).
Choose another number, say 71 and type the command:
vncserver :71
The computer should ask you to enter (define) your password.
This password will be asked to you when you will try to
connect from the client (your machine).
This will only happen the first time that you use vcnserver, and
this password will be stored into the server for later use.
exit now the connection to the server.
---------------------------------------------------------------------
4) On your machine establish the connection to the server
using now the VNC software. The command is:
vncviewer name_of_the_server:5971 &
the number 5971 should be calculate as follows: 5900 + display number
user in the vcnserver command. Here 71 was an example.
Now a new window should appears on your screen showing the environment
started in the xstartup file.
---------------------------------------------------------------------
Please remember: try first here at the eth to see how it works.
From home you will probably have to start first a VPN connection to ETH,
see http://computing.ee.ethz.ch/Vpn
You are working on machine A (say a PC) and want to let some utility runs
on machine B which could be for instance a SUN.
You wish to have all the graphics from this application running on
machine B displayed on the screen of your local machine A.
Let your machine A be called the Display server and machine B is
then the application server.
The application server runs the software and display the graphic on the
display server (and you are sitting in front of this monitor).
Alternatively, and this is the interesting point for people who are doing some measurements controlled by a PC, you may starts the VNC server on a PC and connect to it from, say, your SUN machine and control the measurements from your office.
The command for killing the VNC server is:
vncserver -kill :n
where n is the same number used to start the server program.
PLEASE choose an appropriate machine as 'application server'
(definetely not our file server!!) for your applications.
See
Rules for remote jobs for more information.
Please do not forget to use the command top and check that there is
enough memory and CPU time for you.
Machine AA is the display server, i.e. your local one.
Machine BB is the application server, i.e. the remote one.
AA% ssh BB
BB% top <== check that there is enough memory and CPU power
BB% who <== you see which terminal numbers are already in use by
other users.
BB% vncserver :n where n is a number not yet used (see who)
Comment:
The ":n" here means DISPLAY no. n.
In some special cases
(for instance if you are running more then one vnc server)
there is a conflict with the display numbering: just enter an higher number.
Check your ~/.vnc/server_name:n.log file to see if everything is OK
For instance this is a possible log file's name:
The content of this file looks like this:
Tue Oct 7 15:10:16 2008 Connections: accepted: 129.132.3.63::39511 SConnection: Client needs protocol version 3.8 SConnection: Client requests security type VncAuth(2) Tue Oct 7 15:10:23 2008 VNCSConnST: Server default pixel format depth 16 (16bpp) little-endian rgb565 VNCSConnST: Client pixel format depth 6 (8bpp) rgb222 VNCSConnST: Client pixel format depth 24 (32bpp) little-endian bgr888 Former versions have another log appearance: ~/.vnc/sirrah.ee.ethz.ch:71.log for machine 'sirrah' and DISPLAY ':71' 24/11/03 15:05:04 Xvnc version 3.3.3r1 24/11/03 15:05:04 Copyright (C) AT&T Laboratories Cambridge. 24/11/03 15:05:04 All Rights Reserved. 24/11/03 15:05:04 See http://www.uk.research.att.com/vnc for information on VNC 24/11/03 15:05:04 Desktop name 'X' (sirrah.ee.ethz.ch:71) 24/11/03 15:05:04 Protocol version supported 3.3 24/11/03 15:05:04 Listening for VNC connections on TCP port 5971 24/11/03 15:05:04 Listening for HTTP connections on TCP port 5871 24/11/03 15:05:04 URL http://sirrah.ee.ethz.ch:5871
If this is the first time that you are using vncserver then you will be asked to enter (define) a password.
You may want to check if the server is really running. Do it with the command:
ps -ef | grep Xvnc | grep -v grep
you should see something like this (for user ballisti):
BB% ps -ef | grep Xvnc | grep -v grep (where BB is here "cariddi"
ballisti 25937 1 0 15:10 ? 00:00:17 Xvnc :73 -desktop cariddi:73
(ballisti) -httpd /usr/pack/realvnc-4.1.2-to/classes
-auth /home/ballisti/.Xauthority -geometry 1024x768 -depth 16
-rfbwait 30000 -rfbauth /home/ballisti/.vnc/passwd -rfbport 5973 -pn
in the case above we are using the display cariddi:73.0 (more about it later)
To kill the server program LATER on (but do NOT forget it), execute:
BB% vncserver -kill :n
you can now exit the application server leaving the VNC-server program running
BB% exit
Back on your local machine (here AA) starts the Viewer having the name
of the server and the DISPLAY number as parameter but adding 5900 to it:
In the example above m=5900 + n = 5973
AA % vncviewer BB:m
Here AA=scilla and BB=cariddi: scilla:ballisti:[ballisti]:358 % vncviewer cariddi:5973 & VNC Viewer Free Edition 4.1.2 for X - built Jun 20 2006 13:53:23 Copyright (C) 2002-2005 RealVNC Ltd. See http://www.realvnc.com for information on VNC. Tue Oct 7 18:05:57 2008 CConn: connected to host cariddi port 5973 CConnection: Server supports RFB protocol version 3.8 CConnection: Using RFB protocol version 3.8 Tue Oct 7 18:06:01 2008 TXImage: Using default colormap and visual, TrueColor, depth 24. CConn: Using pixel format depth 6 (8bpp) rgb222 CConn: Using ZRLE encoding CConn: Throughput 20000 kbit/s - changing to hextile encoding CConn: Throughput 20000 kbit/s - changing to full colour CConn: Using pixel format depth 24 (32bpp) little-endian bgr888 CConn: Using hextile encoding
On your screen you will see a big window which represent a desktop similar
to the one that you would have if you would have logged on the application
server's console.
In this big windows one xterm is already open and there you can
start all the utilities you wish on the server.
You may need to write such a file "~/.vnc/xstartup" with the following content:
#!/bin/sh [ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources #xsetroot -solid grey vncconfig -iconic & /usr/isgtc/bin/launchx2 kde & xterm -geometry 80x24+10+10 -ls -title "Desktop on `uname -n`" &
The following is no more valid but kept here for reference:
For X11 (tested and OK):
#!/bin/sh
xrdb $HOME/.Xdefaults
xsetroot -solid grey
xterm -geometry 80x24+10+10 -ls -title "Desktop" &
twm & <== this command does not exist anymore
This wwould have started a X-Desktop.
But you may want KDE or others. Here a list (please tell me your experience with it):
The two lines:
xsetroot -solid grey
xterm -geometry 80x24+10+10 -ls -title "Desktop" &
can be added to each of the files below.
For KDE (well this was in year 2000....):
#!/bin/sh
xrdb $HOME/.Xdefaults
/usr/sepp/bin/startkde-1.1 &
ATTENTION: recently we got problems with the command above.
PLEASE substitute the line with startkde-1.1 with:
launchx2 kde
For fvwm2 :
#!/bin/sh
xrdb $HOME/.Xdefaults
/usr/sepp/bin/fvwm2 &
For CDE :
#!/bin/sh
xrdb $HOME/.Xdefaults
/usr/dt/bin/dtwm
AA% ssh BB
But the secure shell software has more possibilities than this.
There is a option ( -L ) which allows to listen to a local port and
forward the connection done there to a given port by a remote machine:
ssh -L local_port :remote_host :remote_port remote_host
Note: no blancks in the string following "-L"!!
Above command will listen to port "local_port" and forward any connection done there using encryption to the port "remote_port" on the remote machine "remote_host".
By now I could not test the following procedure which also has a mere theoretical value and is just a raw description. I hope for feedback ...
Start a VNC server on machine DD (the application server ) which is listening to port 5900 (DISPLAY 0):
DD% vncserver :0
machine CC needs only to have its SSH daemon running, which should be without any intervention from your part (just kindly ask your system administrator).
Now the interesting part is on machine BB: we will set a SSH connection between BB and CC but telling SSH to listen on port 5901 for incoming connection into machine BB and transssferring those signals to machine DD on port 5900 through machine CC:
BB% ssh -g -L 5901:DD:5900 CC
"-g" allows remote hosts to connect to local port forwarding.
The target of the ssh is actually machine CC, but the parameter in "
-L" says that the whole message has to be forwarded to port 5900 on
machine "DD".
Now SSH is listening on machine BB for connections to port 5901, and such
connection is what we will obtain in running the viewer on machine AA:
AA% vncviewer BB:1
This last command send a connection request to port 5900 + 1 on machine BB
which, thanks to the ssh command shown before, will be encrypted and forwarded
to machine CC, which will decrypt it and forward it to machine DD.
On the display of AA we will see the application running on DD.