VNC and SSH Port Fowarding
To run graphical applications on ARSC systems remotely, the Virtual Network Computing (VNC) application is available and provides some advantages beyond using X Windows over SSH, such as a detachable session. This article provides basic set up information required for this approach.
***Important Note: Please follow all of these steps with each new VNC session.***
Step 1: Install VNC on your local system
There are many different VNC viewer programs available with unique interfaces and features. The application installed on ARSC systems is TigerVNC.
After installing the software, make sure ports 5900 and 5901 are open to allow VNC traffic through your local firewall.
Step 2: Connect to the ARSC system and start the VNC server
Log onto the ARSC system over SSH and specify the appropriate ports for VNC client (your local system) and server (remote ARSC system) communication.
Launch a VNC server instance on the remote ARSC system. The initial vncserver instance will prompt you for a password to protect your session.
localsystem $ ssh -L 5901:localhost:5901 firstname.lastname@example.org pacman13 % vncserver -localhost You will require a password to access your desktops. Password: Verify: New 'pacman13:1 (username)' desktop is pacman13:1 Creating default startup script /u1/uaf/username/.vnc/xstartup Starting applications specified in /u1/uaf/username/.vnc/xstartup Log file is /u1/uaf/username/.vnc/pacman13:1.log
Step 3: Open VNC on your local system
Launch your VNC viewer program and connect to host "localhost" and port 5901. The example below shows how to launch the client using TigerVNC.
localsystem $ vncviewer localhost:5901
If you are using the TigerVNC GUI, enter "localhost:5901" into the "VNC server:" box then click the "Connect" button. You will then be prompted for the password created in Step 2. If your local VNC client connects successfully, you will then see your desktop on the remote pacman login node.
Your circumstances might require the use of different ports due to firewall issues or if you are running more than one VNC server session on the remote system. (Other people on the system might be running their own sessions as well and occupying the ports.) If this is the case, you may need to specify port 5902 or 5903.
To determine whether the VNC viewer has successfully connected, check the log file noted when the vncserver was started on the remote system.
After starting the server, the options exists to log out and back in again using different port forwarding parameters.
Note that some VNC viewer programs can automatically set up the SSH port forwarding through a command-line flag such as "-via" or some option in a graphical configuration menu.
Step 4: When finished, close the VNC session
To close your VNC session, view the open sessions then close the appropriate open session on the remote ARSC system.
pacman13 % vncserver -list TigerVNC server sessions: X DISPLAY # PROCESS ID :1 252550 pacman13 % vncserver -kill :1
If a previous VNC session remains open on the remote ARSC system, that old session will need to be closed prior to establishing a new connection using the same port. To identify and kill the old session first obtain the processID of the "Xnvc" process, then issue the kill command.
pacman13 % ps -elf | grep username | grep Xvnc 0 S username 236193 1 0 80 0 - 24842 poll_s Nov09 ? 00:00:10 /usr/bin/Xvnc :1 -desktop pacman13:1 (username) -auth /u1/uaf/username/.Xauthority -geometry 1024x768 -rfbwait 30000 -rfbauth /u1/uaf/username/.vnc/passwd -rfbport 5901 -fp catalogue:/etc/X11/fontpath.d -pn -localhost pacman13 % kill 236193
Reset Server Password
To change the password for vnc server, run the 'vncpasswd' command on the system hosting the vnc server. The manual page for this command is available online at http://linux.die.net/man/1/vncpasswd
Run "vncserver --help" and "man vncserver" for more information on how to use the application.