linux下vnc配置详解

VNC，全称为Virtual NetworkComputing，它是一个桌面共享系统。它的功能，类似于windows中的远程桌面功能。VNC使用了 RFB(RemoteFrameBuffer，远程帧缓冲）协议来实现远程控制另外一台计算机。它把键盘、鼠标动作发送到远程计算机，并把远程计算机的屏幕发回到本地。VNC技术与平台无关，VNC Viewer可以和VNCServer在不同的操作系统上。VNC几乎支持所有的操作系统，也支持Java，甚至可以通过支持Java的浏览器来访问 VNCServer。多个VNC客户端可以同时连接到一个VNC Server上。VNC最初由AT&T开发的，它的源代码是开源。

1. 安装vnc

检查linux是否安装有vnc

[root@localhost .vnc]# rpm -qa |grep vnc
vnc-4.1.2-14.el5_6.6
vnc-server-4.1.2-14.el5_6.6
[root@localhost .vnc]# rpm -q vnc
vnc-4.1.2-14.el5_6.6
[root@localhost .vnc]# rpm -q vnc-server
vnc-server-4.1.2-14.el5_6.6

若没有安装，安装如下：

[root@localhost ~]# yum install vnc vnc-server

2. 需要在每个用户下启动vncserver，生成该用户远程桌面连接时的配置文件以及访问密码，方法就是切换到每个用户，执行 vncserver

为root用户创建

[root@localhost .vnc]# vncserver
You will require a password to access your desktops.
enter password: #首次运行会让你设置密码，密码要求6位以上
verify password: #确认密码
New 'localhost.localdomain:1 (root)' desktop is localhost.localdomain:1
Starting applications specified in /root/.vnc/xstartup
Log file is /root/.vnc/localhost.localdomain:1.log

为binhoul用户创建

[root@localhost .vnc]# su - binhoul
[binhoul@localhost ~]$ vncserver

You will require a password to access your desktops.

Password:
Verify:
Passwords don't match - try again
Password:
Verify:
xauth: creating new authority file /home/binhoul/.Xauthority

New 'localhost.localdomain:3 (binhoul)' desktop is localhost.localdomain:3

Creating default startup script /home/binhoul/.vnc/xstartup
Starting applications specified in /home/binhoul/.vnc/xstartup
Log file is /home/binhoul/.vnc/localhost.localdomain:3.log

[binhoul@localhost ~]$ exit

3. 编辑配置脚本文件

[root@localhost .vnc]# cat xstartup
#!/bin/sh

# Uncomment the following two lines for normal desktop:
# unset SESSION_MANAGER
# exec /etc/X11/xinit/xinitrc

[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
vncconfig -iconic &
xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
twm &

其中第13行代表文字模式，若将twm 替换为gnome-session 将会出现图像界面。

4. 修改vnc配置文件

[root@localhost sysconfig]# cat vncservers
# The VNCSERVERS variable is a list of display:user pairs.
#
# Uncomment the lines below to start a VNC server on display :2
# as my 'myusername' (adjust this to your own). You will also
# need to set a VNC password; run 'man vncpasswd' to see how
# to do that.
#
# DO NOT RUN THIS SERVICE if your local area network is
# untrusted! For a secure way of using VNC, see
# <URL:http://www.uk.research.att.com/archive/vnc/sshvnc.html>.

# Use "-nolisten tcp" to prevent X connections to your VNC server via TCP.

# Use "-nohttpd" to prevent web-based VNC clients connecting.

# Use "-localhost" to prevent remote VNC clients connecting except when
# doing so through a secure tunnel. See the "-via" option in the
# `man vncviewer' manual page.

# VNCSERVERS="2:myusername"
# VNCSERVERARGS[2]="-geometry 800x600 -nolisten tcp -nohttpd -localhost"
VNCSERVERS="1:root 2:binhoul"
VNCSERVERARGS[1]="-geometry 1024x768"
VNCSERVERARGS[2]="-geometry 1024x768"

其中第23行代表开机启动几个vnc server,实例是两个
设置完成后就可以启动vncserver服务了。
启动失败的原因有：
                      1./etc/sysconfig/vncservers文件参数不对
                      2.没有为vncservers提到的用户生成各自的配置文件
                      3.在生成配置文件后，没有使用命令vncserver -kill :1 将那个进程杀死

5. 配置防火墙

VNC客户端通过浏览器或VNC Viewer连接至VNC Server。其监听端口分别从5800和5900开始，display1 为5801和5901
vi /etc/sysconfig/iptables
vi /etc/sysconfig/iptables 找到下面的语句：
-A RH-Firewall-1-INPUT -j REJECT –reject-with icmp-host-prohibited
在此行之前，加上下面的内容：

-A RH-Firewall-1-INPUT -m state –-state NEW -m tcp -p tcp –-dport 5901 -j ACCEPT

允许其它机器访问本机的5901端口，这样，display:1的用户就可以连接到本机或者关闭iptables。

转载请保留固定链接： https://linuxeye.com/configuration/814.html

热门标签: