Difference between revisions of "Using VNC To Access CS Linux Computers"
(20 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
VNC ([https://en.wikipedia.org/wiki/Virtual_Network_Computing Virtual Network Computing]) is supported as a method for remotely accessing our [[:Category:Linux Clients|Linux Clients]]. Because VNC does not, by default, provide a securely encrypted network connection, you will need to tunnel your connections through SSH. Instructions for doing so are below. | VNC ([https://en.wikipedia.org/wiki/Virtual_Network_Computing Virtual Network Computing]) is supported as a method for remotely accessing our [[:Category:Linux Clients|Linux Clients]]. Because VNC does not, by default, provide a securely encrypted network connection, you will need to tunnel your connections through SSH. Instructions for doing so are below. | ||
− | Please keep in mind that | + | Please keep in mind that our Linux clients are for everyone's use and graphical programs can use many system resources. Do not leave VNC sessions running unless you're actively using them. We reserve the right to terminate idle sessions in order to free up resources for others' use. |
+ | |||
+ | '''In the examples used below, we want to view the desktop of the remote system, ''ugradx'' by connecting as user ''joeuser''.''' | ||
== First Steps... Starting the VNC Service on the Remote Computer == | == First Steps... Starting the VNC Service on the Remote Computer == | ||
− | |||
− | + | To start a VNC server on the remote Linux system from your own Windows, Mac,or Linux system: | |
− | + | *Open Windows Powershell, Mac Terminal or Linux shell | |
− | + | * ssh ''joeuser''@''ugradx''.cs.jhu.edu | |
− | If this is the first time you' | + | * run “vncserver” |
− | + | **'''NOTE:''' If this is the ''first time you're running vncserver'', the first thing it will do is prompt you to enter a new password that will be used in later steps when accessing from a vnc client. You will also be asked if this new password is for view-only. You may say "n" for "no". (Note that the password is needed because of the way VNC works. Anyone who can log in to the system can connect to ''any'' VNC session running on the system, regardless of who started that session. The password ensures that only you can use your sessions.) | |
− | + | * Look for the line indicating a new desktop... '''New ''ugradx'':1 (''joeuser'') desktop is ugradx:1''' (or something similar.) | |
+ | * Notice what the number after the colon is. e.g. '''''ugradx'':1''' We'll call the number following the ''':''' the ''display number''. You might see a different number. That's ok. You'll need the display number you get for next step. | ||
+ | * '''''Add''''' the display number you noticed in the prior step to value of '''5900''' to create a new port number for vncserver to use in later steps. For example, using ''':1''' from the previous step, add that value of '''''1''''' to '''5900''' to get the new value of '''5901'''. This is a port number, and we'll need this during the upcoming "tunneling-through-ssh" section. | ||
== Tunneling Your VNC Session through SSH == | == Tunneling Your VNC Session through SSH == | ||
− | You must tunnel your VNC session through SSH for remote access to our our CS Linux computers so that your session is secured. To connect to the remote linux system, you will have to set up an SSH TCP tunnel to the port the server is listening on. That port number is '''5900''' '''''plus the X display number,''''' so it will most often be port '''5901 | + | You must tunnel your VNC session through SSH for remote access to our our CS Linux computers so that your session is secured. To connect to the remote linux system, you will have to set up an SSH TCP tunnel to the port the server is listening on. That port number is '''5900''' '''''plus the X display number,''''' so it will most often be port '''5901''', as in our earlier example. |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | The following steps to set up tunneling should work with Windows, Mac, and Linux clients. | |
− | + | On your '''local''' system: | |
− | + | * Open a new terminal (leaving the ''other'' terminal you ran earlier to start "vncserver" still open and running.) | |
+ | * From the new terminal, run '''ssh -L 5901:localhost:5901 ''joeuser''@''ugradx''.cs.jhu.edu''' and log in as you normally would to ''ugradx''. (Remember, use the port number you came up with in the earlier steps.) | ||
− | + | The tunnel is now set. Onto starting the vnc-type client on your local system... | |
− | + | == Starting the VNC client on your Local system== | |
− | ssh | + | <br> |
+ | '''''IMPORTANT:'' Leave those ''two'' ssh sessions from earlier running.''' | ||
− | + | ===Starting a Windows or Linux VNC Client=== | |
− | + | * Open your Windows or Linux VNC client on your local system. (If you don't have a VNC client, try [http://www.tigervnc.com/ TigerVNC] and the following steps will assume you're using TigerVNC.) | |
+ | * Connect to "localhost:1", where ":1" is the actual display number used by your VNC server. You might've used a different display number in earlier steps. And for this step, you do not need the 590x part. | ||
+ | * Type in the password you gave when setting up the VNC server for ugradx | ||
+ | * You are now connected, with the remote ugradx desktop now displayed securely on your local desktop. | ||
− | |||
− | + | ===Starting a Mac VNC Client=== | |
+ | * Point your mouse on the Mac desktop (not on a mac app or window), and click to make sure the desktop is activated. | ||
+ | * Press '''⌘ k''' | ||
+ | * A ''Connect to Server'' window pops up. | ||
+ | * In the empty field, type in the following: '''vnc://localhost:5901''' (or whichever ''port number'' you calculated from an earlier step.) | ||
+ | * A ''Screen Sharing'' window will open. | ||
+ | * Type in the password you gave when setting up the VNC server for ugradx | ||
+ | * You are now connected, with the remote ugradx desktop now displayed securely on your local desktop. | ||
− | == | + | ==When you are finished with your VNC connection== |
− | + | * Choose either ssh terminal window for which you have a connection to ''ugradx'' | |
+ | * Run: “vncserver -kill :1” (for the :number, use the display number from the earlier steps.) | ||
+ | * Close your VNC client on your local system. | ||
+ | * Close your SSH terminals. | ||
[[Category:Linux Clients]] | [[Category:Linux Clients]] | ||
[[Category:Software]] | [[Category:Software]] | ||
[[Category:Networking]] | [[Category:Networking]] | ||
+ | [[Category:SSH]] |
Latest revision as of 14:16, 15 March 2024
VNC (Virtual Network Computing) is supported as a method for remotely accessing our Linux Clients. Because VNC does not, by default, provide a securely encrypted network connection, you will need to tunnel your connections through SSH. Instructions for doing so are below.
Please keep in mind that our Linux clients are for everyone's use and graphical programs can use many system resources. Do not leave VNC sessions running unless you're actively using them. We reserve the right to terminate idle sessions in order to free up resources for others' use.
In the examples used below, we want to view the desktop of the remote system, ugradx by connecting as user joeuser.
First Steps... Starting the VNC Service on the Remote Computer
To start a VNC server on the remote Linux system from your own Windows, Mac,or Linux system:
- Open Windows Powershell, Mac Terminal or Linux shell
- ssh joeuser@ugradx.cs.jhu.edu
- run “vncserver”
- NOTE: If this is the first time you're running vncserver, the first thing it will do is prompt you to enter a new password that will be used in later steps when accessing from a vnc client. You will also be asked if this new password is for view-only. You may say "n" for "no". (Note that the password is needed because of the way VNC works. Anyone who can log in to the system can connect to any VNC session running on the system, regardless of who started that session. The password ensures that only you can use your sessions.)
- Look for the line indicating a new desktop... New ugradx:1 (joeuser) desktop is ugradx:1 (or something similar.)
- Notice what the number after the colon is. e.g. ugradx:1 We'll call the number following the : the display number. You might see a different number. That's ok. You'll need the display number you get for next step.
- Add the display number you noticed in the prior step to value of 5900 to create a new port number for vncserver to use in later steps. For example, using :1 from the previous step, add that value of 1 to 5900 to get the new value of 5901. This is a port number, and we'll need this during the upcoming "tunneling-through-ssh" section.
Tunneling Your VNC Session through SSH
You must tunnel your VNC session through SSH for remote access to our our CS Linux computers so that your session is secured. To connect to the remote linux system, you will have to set up an SSH TCP tunnel to the port the server is listening on. That port number is 5900 plus the X display number, so it will most often be port 5901, as in our earlier example.
The following steps to set up tunneling should work with Windows, Mac, and Linux clients.
On your local system:
- Open a new terminal (leaving the other terminal you ran earlier to start "vncserver" still open and running.)
- From the new terminal, run ssh -L 5901:localhost:5901 joeuser@ugradx.cs.jhu.edu and log in as you normally would to ugradx. (Remember, use the port number you came up with in the earlier steps.)
The tunnel is now set. Onto starting the vnc-type client on your local system...
Starting the VNC client on your Local system
IMPORTANT: Leave those two ssh sessions from earlier running.
Starting a Windows or Linux VNC Client
- Open your Windows or Linux VNC client on your local system. (If you don't have a VNC client, try TigerVNC and the following steps will assume you're using TigerVNC.)
- Connect to "localhost:1", where ":1" is the actual display number used by your VNC server. You might've used a different display number in earlier steps. And for this step, you do not need the 590x part.
- Type in the password you gave when setting up the VNC server for ugradx
- You are now connected, with the remote ugradx desktop now displayed securely on your local desktop.
Starting a Mac VNC Client
- Point your mouse on the Mac desktop (not on a mac app or window), and click to make sure the desktop is activated.
- Press ⌘ k
- A Connect to Server window pops up.
- In the empty field, type in the following: vnc://localhost:5901 (or whichever port number you calculated from an earlier step.)
- A Screen Sharing window will open.
- Type in the password you gave when setting up the VNC server for ugradx
- You are now connected, with the remote ugradx desktop now displayed securely on your local desktop.
When you are finished with your VNC connection
- Choose either ssh terminal window for which you have a connection to ugradx
- Run: “vncserver -kill :1” (for the :number, use the display number from the earlier steps.)
- Close your VNC client on your local system.
- Close your SSH terminals.