A x11vnc setup
This is based on a configuration I did for a customer. They wanted the following:
- that users could remote-desktop into an already-running desktop running on the system console;
- that users could initiate a session running on the console if one wasn't already running, and then use that; and
- that other users could connect to an already-running desktop, sharing access with the user who was already logged in.
There are two "modes", one for taking control of the system console, and one for asking to be granted shared access to the desktop.
As such, we set up two separate services:
x11vnc-5900: this is for the user to remote-desktop in to the session. If there is a session running, the user will be prompted for a password; otherwise he will be shown the gdm login screen.
x11vnc-5901: this is for other users to connect to the running desktop. The connecting user will not be prompted for a password, however the user on the running desktop will be shown a dialog prompting them to grant view-only or full control, or alternatively, dropping the connection altogether.
Prerequisites
This is for CentOS 5.x
- x11vnc (from rpmforge)
- xinetd
Files:
/etc/services:
Add to the end:
x11vnc-5900 5900/tcp # vnc
x11vnc-5901 5901/tcp # vnc
/etc/xinetd.d/x11vnc-5900:
service x11vnc-5900
{
disable = no
port = 5900
socket_type = stream
protocol = tcp
wait = no
user = root
passenv = PATH
server = /usr/local/sbin/run-x11vnc.pl
server_args = -m 5900
}
/etc/xinetd.d/x11vnc-5901:
service x11vnc-5901
{
disable = no
port = 5901
socket_type = stream
protocol = tcp
wait = no
user = root
passenv = PATH
server = /usr/local/sbin/run-x11vnc.pl
server_args = -m 5901
}
/usr/local/sbin/run-x11vnc.pl: Attached to this page.
Setup
Ensure you've run
chkconfig xinetd on ; service xinetd start if this is a new installation of xinetd.
Each user should use
vncpasswd to create a ~/.vnc/remote.passwd file.
Problems
- After successfully logging into the gdm, the vnc session gets disconnected; the user must then re-connect, this time being prompted for his remote.passwd file.
Security issues
- This does nothing to deal with the problem that the desktop session is being run on the console; therefore anyone passing by the real desktop will be able to see what is going on, and possibly control the desktop (ie fight with the remote user). But x11vnc has this problem anyways.