VNC over SSH - m3

From AN!Wiki
Jump to: navigation, search

 AN!Wiki :: How To :: VNC over SSH - m3

Server setup:

Edit /etc/gdm/custom.conf and add (or modify appropriately) the line:
...
WaylandEnable=false
... </code>

This will disable the use of Wayland as the default display manager for login sessions.

Next, install the required packages

dnf install tigervnc-server tigervnc

New to 8.3 is the removal of configuration parameters from systemd service files and the
consolidation of vncserver configuration files in the /etc/tigervnc/ directory, within which you'll find:

- vncserver.users

The vncserver.users file is used to allot desktop session outputs to a given user. As per RedHat (see references), only a single user should be alloted to a given desktop output at a time.

- vncserver-config-defaults

The vncserver-config-defaults file is used to set the global session configuration for those started by VNC connections. For example:

session=gnome-xorg
securitytypes=vncauth
desktop=my-session-name
geometry=2000x1200
localhost
alwaysshared
</code>

...is a valid default config where:
'session' is set to a valid Xsession name as per configuration files in /usr/share/xsessions/
'securitytypes' denotes the authentication options presented to clients
'desktop' sets the name of the desktop session displayed by various components, including the vnc client
'geometry' denotes the aspect ratio and native resolution of the session
'localhost' denotes the host to which the server will bind
'alwaysshared' sets all incoming connections as shared, regardless of client settings

- vncserver-config-mandatory

This file will not need modification for the purposes of this guide.

Create password for vnc authentication:

su admin
vncpasswd (enter passwords)
Template note icon.png
Note: If vnc was previously configured prior to upgrade to 8.3, the user's .vnc folder may have had its selinux context changed.

To ensure changes can be rolled back, archive the current .vnc folder before running `vncpasswd` again while logged in as the

intended vnc user to recreate the .vnc directory with the correct context labels and basic configuration files.

Return to root user:

systemctl enable --now vncserver@:2.service

Connect;

ssh -L 5902:localhost:5902 -N -f -l $user $host_name
</table>

The port 5901 is usually already in use, so we default to 5902 in this guide.

To connect, start tigervnc and connect to localhost:2 (or :1, if using 5901).

Template note icon.png
Note: grep 590 to locate and kill these stale connections.</span>
Template note icon.png
Note: For an explanation of the reasoning behind the changes post-8.2, please refer to the Root Cause heading in the reference article.

References:

https://access.redhat.com/solutions/5544351#comments

 

Any questions, feedback, advice, complaints or meanderings are welcome.
Us: Alteeve's Niche! Support: Mailing List IRC: #clusterlabs on Freenode   © Alteeve's Niche! Inc. 1997-2019
legal stuff: All info is provided "As-Is". Do not use anything here unless you are willing and able to take responsibility for your own actions.
Personal tools
Namespaces

Variants
Actions
Navigation
projects
Toolbox