[Fedora] Run VNC and GDM for headless boxes

[Mojo]

You've probably heard of VNC - its a pretty standard remote desktop tool, works under Windows and Linux, amongst others.

GDM? GDM is the blue screen which greets you and takes a username and password to let you login to your Fedora box (and other distributions).

The purpose of this guide is to show you how to get GDM and VNC to play together so that you can VNC to your headless Linux server, login as normal using ANY account (including root), perform your tasks and log off again, killing the session and leaving the box more secure than standard VNC, which leaves your session open.

Firstly, get command-line access to your box, either from the real console or ssh. You'll need to be logged in as root for all the following.

Step 1 - change the X11 config file

The config file is located in /etc/X11/gdm/gdm.conf

Using a text editor, make the following changes:

Locate RemoteGreeter

Change the line to read
RemoteGreeter = /usr/bin/gdmgreeter

Locate [xdmcp]

Change the line following (after the comments) to read
Enable = true

Step 2 - add new services for VNC

The config file is /etc/services

Using a text editor, go to the end of the file and add the following under the comment "Local services"

Code:

vnc800           5900/tcp          #vnc & gdm @ 800x600 resolution
vnc1024          5901/tcp          #vnc & gdm @1024x768 resolution

Step 3 - define the new services

I've attached these files with a .txt extension (to keep the boards happy). They are in Linux format and so will look wierd under windows but if you drop them on your Linux box in /etc/xinetd.d/ and strip off the extension they'll work

Change directory to /etc/xinetd.d/
I used vi for the following, any plain-text editor will do

Create file vnc800

Contents:

Code:

service vnc800
{
disable		=	no
socket-type	=	stream
protocol	=	tcp
group           =       tty
wait		=	no
user		=	nobody
server		=	/usr/bin/Xvnc
server_args	=	-inetd -query localhost -geometry 800x600 -depth 16 -once -fp unix/:7100 -securitytypes=none
}

Or basically, when someone uses TCP to access port 5900 (which is basically what VNCViewer Server:0 does), fire up Xvnc, screen size/depth 800x600x16 and don't ask for VNC password - there's no need GDM will ask us for our login name & password.

Create file vnc1024

Contents:

Code:

service vnc1024
{
disable		=	no
socket-type	=	stream
protocol	=	tcp
group           =       tty
wait		=	no
user		=	nobody
server		=	/usr/bin/Xvnc
server_args	=	-inetd -query localhost -geometry 1024x768 -depth 16 -once -fp unix/:7100 -securitytypes=none
}

Exactly the same apart from the service name and screen geometry, so cp vnc800 vnc1024 save some typing

You could, of course, carry on with different screen resolutions and colour depths, just make sure the entries in /etc/services match the new service files in /etc/xinetd.d/. Port numbers would be 5902, 5903, 5904......

Step 4 - Turn off vncserver

We don't want a vnc server now, so make sure it doesn't run with

chkconfig --level 2345 vncserver off

And then instigate all this with

init 3
init 5
service xinetd restart

And all should be complete.

Step 5 - testing

Use your normal vncviewer to access the box. I'll use an example box with an IP of 192.168.0.20.

vncviewer 192.168.0.20:0 should not ask for a password, give you a normal Fedora login screen @ 800x600, and let you use any valid login for the box

vncviewer 192.168.0.20:1 should do exactly the same but at 1024x768


E&OE, tested and working on Fedora Core 2 & 3

Tip: Log in as root, remove desktop background, change colour to red, and then you'll know you're logged in as root for this session.
Tip2: If you run firewall you might need to open ports 5900 & 5901 to tcp access
Tip3: I've found sometimes FC2 needs a reboot, FC3 doesn't need one - anyway if you get a connection but blank screen under FC2 try a restart
Tip4: K12LTSP servers come pre-installed with this - servername:0 gives you 1024x768x16
Tip5: If your Linux server is not on a secure network (why not? Never heard of smoothwall?) you may not want to do this. SSH to the box and start your VNC server that way - much more secure.

[Mojo]

Update for Fedora Core 4

The above didn't work for me.
It appears on x86-64 Fedora Core 4 doesn't install xinetd

So, before running the above you need to install this.

Procedure:

1. Log into the machine as root and get to a console
2. Type in yum install xinetd
3. Answer yes when prompted
4. When yum exits successfully, type in chkconfig --level 2345 xinetd on
5. Type in service xinetd start

This should solve the problem, it did for me