Shulou(Shulou.com)06/02 Report--

Overview of VNC

VNC (Virtual Network Computing) is the abbreviation of virtual network computer. VNC is an excellent remote control tool software developed by the famous European research laboratory of AT&T. VNC is a free open source software based on UNIX and Linux operating system. Its remote control ability is powerful, efficient and practical, and its performance is comparable to that of any remote control software in Windows or MAC. In Linux, VNC includes the following four commands: vncserver,vncviewer,vncpasswd, and vncconnect. In most cases, only two of these commands are needed: vncserver and vncviewer. Currently, the original AT&T version is no longer in use because more branch versions with significant improvements have emerged, such as RealVNC, VNC tight, and UltraVNC. Real VNC is the most active and powerful mainstream application at present.

RealVNC official website: http://www.realvnc.com/

Tight VNC official website: http://www.tightvnc.com/

UltraVNC official website: http://www.uvnc.com/

VNC principle

The VNC system consists of a client, a server and a protocol. The purpose of the server of VNC is to share the screen of the machine it is running, and the server passively allows the client to control it. The VNC client (or Viewer) observes and controls the server side and interacts with the server side. VNC protocol Protocol (RFB) is a simple protocol that transmits the original image of the server to the client (a square lattice data at the location of XMagi Y), and the client sends event messages to the server.

The server sends the frame cache of small squares to the client. In the simplest case, the VNC protocol uses a lot of bandwidth, so a variety of methods have been invented to reduce communication costs. For example, there are a variety of coding methods to determine the most efficient way to transmit these lattice squares)

The protocol allows the client and the server to agree which encoding will be used, and the simplest encoding, supported by most clients and servers, is to scan the original encoding of the data from left to right pixels, when the original full screen is sent. Send only the changed square area. This coding works very well when only a small portion of the screen changes (such as moving the mouse button on the desktop, or tapping text at the cursor), but the bandwidth will increase very high if a large number of pixels change at the same time, such as dragging a window or watching a full-screen video.

VNC defaults to TCP ports 5900 to 5906, while JAVA's VNC clients use 5800 to 5806. A server can connect a client with a "monitoring mode" at port 5500. One advantage of using the monitoring mode is that the server does not need to set up a firewall.

VNC on UNIX is called xvnc and plays two roles, X server for X window applications and VNC server programs for VNC clients.

Experimental environment

VNC server:

Operating system: Red Hat Enterprise Linux Server release 5.7 (Tikanga)

VNC client:

Operating system: Windows 7 Professional 64-bit operating system

VNC installation configuration

1. Install the VNC package

[root@localhost /] # cd / depot/os/mnt/cdrom/Server

[root@localhost /] # rpm-ivh vnc-server-4.1.2-14.el5_6.6.x86_64.rpm

[root@localhost /] # rpm-ivh vnc-4.1.2-14.el5_6.6.x86_64.rpm

Verify that the vnc-server package is installed successfully:

[root@localhost /] # rpm-qa vnc-server

Vnc-server-4.1.2-14.el5_6.6

2. Configure the vncservers file

Modify the / etc/sysconfig/vncservers file, and the unmodified vncservers file is as follows:

[root@localhost ~] # more / etc/sysconfig/vncservers

# The VNCSERVERS variable is a list of display:user pairs.

#

# Uncomment the lines below to start a VNC server on display: 2

# as my 'myusername' (adjust this to your own). You will also

# need to set a VNC password; run 'man vncpasswd' to see how

# to do that.

#

# DO NOT RUN THIS SERVICE if your local area network is

# untrusted! For a secure way of using VNC, see

#.

# Use "- nolisten tcp" to prevent X connections to your VNC server via TCP

# Use "- nohttpd" to prevent web-based VNC clients connecting

# Use "- localhost" to prevent remote VNC clients connecting except when

# doing so through a secure tunnel. See the "- via" option in the

# `man vncviewer' manual page.

# VNCSERVERS= "2:myusername"

# VNCSERVERARGS [2] = "- geometry 800x600-nolisten tcp-nohttpd-localhost"

Uncomment the last two lines of configuration information and add the system account

VNCSERVERS= "1:root 2:etl"

VNCSERVERARGS [1] = "- geometry 1024x768-nolisten tcp-nohttpd"

VNCSERVERARGS [2] = "- geometry 1024x768-nolisten tcp-nohttpd"

VNCSERVERS is used to configure server accounts that can use VNC. You can set multiple accounts, such as root and etl above, but separated by spaces. When logging in with VNCVIEWER, 192.168.48.128 VNCVIEWER 1 indicates that you are logged in as a root account, and so on.

Instructions for parameter configuration:

1:-geometry represents the desktop resolution, and the default is 1024x768, so the above 1024x768 can also be left unwritten.

2:-nohttpd means that the HTTP port (58xx) is not listening.

3:-nolisten tcp indicates that the TCP port (60xx) is not listening.

4:-localhost runs only from native access.

5:AlwaysShared allows only one VNCVIEWER connection by default. This parameter means that the same display port allows multiple users to log in at the same time.

6:-depth stands for dark color, and the parameters are 81.16pm 24j32.

7: password authentication is not required for SecurityTypes None login, but password authentication is required.

3. Set the VNC user password

If you start the vncserver service without setting the VNC user password at this time, the following error will be reported:

[root@localhost ~] # service vncserver start

Starting VNC server: 1:root [FAILED]

[root@localhost /] # vncpasswd

Password:

Verify:

[root@localhost /] # su-etl

[etl@localhost ~] $vncpasswd

Password:

Verify:

[etl@localhost ~] $

4. Start the vncserver service

[root@localhost ~] # service vncserver start

Starting VNC server: 1:root

New 'localhost.localdomain:1 (root)' desktop is localhost.localdomain:1

Creating default startup script / root/.vnc/xstartup

Starting applications specified in / root/.vnc/xstartup

Log file is / root/.vnc/localhost.localdomain:1.log

2:etl

New 'localhost.localdomain:2 (etl)' desktop is localhost.localdomain:2

Creating default startup script / home/etl/.vnc/xstartup

Starting applications specified in / home/etl/.vnc/xstartup

Log file is / home/etl/.vnc/localhost.localdomain:2.log

[OK]

VNC generates a series of files under the ".vnc" folder under the user's root directory ($HOME). Where passwd is the vnc user password file, generated by vncpasswd. The rest is generated when vnc starts for the first time, and xstartup is the script that starts when the VNC client connects

5. Configure the xstartup file

Cancel some of the fuchsia comments below as shown below.

#! / bin/sh

# Uncomment the following two lines for normal desktop:

Unset SESSION_MANAGER

Exec / etc/X11/xinit/xinitrc

[- x / etc/vnc/xstartup] & & exec / etc/vnc/xstartup

[- r $HOME/.Xresources] & & xrdb $HOME/.Xresources

Xsetroot-solid grey

Vncconfig-iconic &

Xterm-geometry 80x24+10+10-ls-title "$VNCDESKTOP Desktop" &

Twm &

Switch to the etl account and make it according to law.

[root@localhost ~] # su-etl

[etl@localhost ~] $vi / home/etl/.vnc/xstartup

[root@localhost ~] # service vncserver restart

Shutting down VNC server: 1:root 2:etl [OK]

Starting VNC server: 1:root

New 'localhost.localdomain:1 (root)' desktop is localhost.localdomain:1

Starting applications specified in / root/.vnc/xstartup

Log file is / root/.vnc/localhost.localdomain:1.log

2:etl

New 'localhost.localdomain:2 (etl)' desktop is localhost.localdomain:2

Starting applications specified in / home/etl/.vnc/xstartup

Log file is / home/etl/.vnc/localhost.localdomain:2.log

[OK]

6. Configure the firewall

If you do not configure a firewall and use VNC Viewer to connect at this time, you will generally report a "connect:Connection timed out (10060)" error, as shown below:

In general, in this case, either the firewall is turned off or the firewall needs to be configured.

[root@localhost ~] # service iptables stop

Flushing firewall rules: [OK]

Setting chains to policy ACCEPT: filter [OK]

Unloading iptables modules: [OK]

After turning off the firewall, there is no problem connecting to the server with VNCView, but it is generally not recommended to turn off the firewall.

[root@localhost ~] # service iptables restart

Flushing firewall rules: [OK]

Setting chains to policy ACCEPT: filter [OK]

Unloading iptables modules: [OK]

Applying iptables firewall rules: [OK]

Loading additional iptables modules: ip_conntrack_netbios_ns [OK]

[root@localhost] # iptables-I INPUT-p tcp-- dport 5901-j ACCEPT

[root@localhost] # iptables-I INPUT-p tcp-- dport 5902-j ACCEPT

OK, you can connect to the server through VNC

The port number used by the VNC service is related to the desktop number. VNC uses the TCP port starting from 5900, and the corresponding relationship is as follows

The desktop number is "1"-the port number is 5901

The desktop number is "2"-the port number is 5902

The desktop number is "3"-the port number is 5903

……

Java-based VNC client program Web service TCP port starts from 5800, which is also related to the desktop number, and the corresponding relationship is as follows

The desktop number is "1"-the port number is 5801

The desktop number is "2"-the port number is 5802

The desktop number is "3"-the port number is 5803

Based on the above description, if Linux enables the firewall function, you need to open the corresponding port manually. Take the corresponding port with desktop number "1" as an example, the command is as follows

Boot self-starting vncserver service

# chkconfig vncserver on

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.