TigerVNC on Fedora 11

[DrewP]

EDIT: TigerVNC is now working for me on Fedora 12 and all the required files are in the Fedora 12 repositories.
I am using these versions:

Code:

tigervnc.i686                                1.0.1-1.fc12                   @updates
tigervnc-server.i686                         1.0.1-1.fc12                   @updates
tigervnc-server-module.i686                  1.0.1-1.fc12                   @updates
xorg-x11-server-Xorg.i686                    1.7.6-3.fc12                   @updates

[strike]EDIT: At time of writing TigerVNC is broken for Fedora 12. Please check here: https://bugzilla.redhat.com/show_bug.cgi?id=529295 for a resolution or workaround to avoid disappointment{/strike]



This is partially a dummy post:
I think Tiger VNC may still be evolving so if I am aware that my post below becomes outdated I will modify this post to indicate where better information may be found. If someone chooses to reply to this thread with some useful information I will also point to their reply from here.

I just got it working after scratching my head for a day or two. It's brilliant! It's very easy to do but I haven't found the instructions in one place yet. This post and the one below are just a collation of other people's knowledge and ideas in one place.

Why change from Vino to TigerVnc?

1) Tiger VNC is the way ahead for Fedora - http://fedoraproject.org/wiki/FWN/Is...Ship_Tiger_VNC
2) Cut and paste works (rough round the edges and with caveats but it works)
3) Great news for those who like to re-boot remote computers from time to time: VNC starts up with the login screen, so remotely you can login as a user and see their desktop as displayed on that PC's monitor. This is just what I have been waiting for!
4) ssh tunnelling is much simpler


Disadvantages
1) So far I have seen no indication (apart from moving cursor and typing) that there is an active connection on the 'server' computer
2) I have seen a thread that indicates that it does not work well with Compiz but have not tested this


Please go to the next post to see how to install it

[DrewP]

(This will also download and install the client)

This can all be done from a terminal window. I have done it on a remote computer using ssh, but I had to re-boot that computer remotely to re-start X. If anyone can suggest how I can restart X remotely without re-booting please let me know...

I found that a couple of computers that had been automagically upgraded from F10 to F11 already had all the required files on them - they just needed configuring. Only the computers I had installed from zero needed them downloading.

First uninistall vino if it is already installed:

For speed I am going to do everything as root. Those who prefer to use sudo please do so but be aware that setting the password and running the server for the first time should be done as root as it is preferable that the password and startup scripts for the entire machine end up in /root/.vnc/ rather than /home/yourusername/.vnc/

Code:

$ su - 
Password: 
# yum erase vino
Loaded plugins: dellsysidplugin, dellsysidplugin2, refresh-packagekit
Setting up Remove Process
Resolving Dependencies
--> Running transaction check
---> Package vino.i586 0:2.26.2-1.fc11 set to be erased
--> Finished Dependency Resolution
.
.
.
Removed:
  vino.i586 0:2.26.2-1.fc11 

Complete!

You need to download and install the three tigerVNC modules and you need to be able to create the file /etc/X11/xorg.conf if it does not already exist.

The command below will download all the files and tools you need:

Code:

# yum install system-config-display tigervnc tigervnc-server tigervnc-server-module
Loaded plugins: dellsysidplugin, dellsysidplugin2, refresh-packagekit
Setting up Install Process
Package system-config-display-1.1.3-2.fc11.noarch already installed and latest version
Package tigervnc-0.0.91-0.12.fc11.i586 already installed and latest version
Resolving Dependencies
--> Running transaction check
---> Package tigervnc-server.i586 0:0.0.91-0.12.fc11 set to be updated
---> Package tigervnc-server-module.i586 0:0.0.91-0.12.fc11 set to be updated
.
.
.
Installed:
  tigervnc-server.i586 0:0.0.91-0.12.fc11                    tigervnc-server-module.i586 0:0.0.91-0.12.fc11                   

Complete!

If the file /etc/X11/xorg.conf does not already exist create one with this command:

Code:

# system-config-display --noui

Now edit it (If you're doing this on a remote computer with ssh you will need to use vi or some other non-graphical editor)

Code:

# gedit /etc/X11/xorg.conf

Add this section:

Code:

Section "Module"
	Load "vnc"
EndSection

Add these lines to the "Screen" section

Code:

Section "Screen"
.
.
.
        Option "SecurityTypes" "VncAuth"
        Option "UserPasswdVerifier" "VncAuth"
        Option "PasswordFile" "/root/.vnc/passwd"
EndSection

The commands below must be done as root

Code:

[root@d400 drewp]# vncpasswd
Password:              (Enter your chosen password for VNC here - 8 characters max)
Verify:
[root@d400 drewp]# vncserver
xauth: (stdin):1:  bad display name "d400.hogwarts.local:1" in "add" command

New 'd400.hogwarts.local:1 (drewp)' desktop is d400.hogwarts.local:1

Creating default startup script /root/.vnc/xstartup
Starting applications specified in /root/.vnc/xstartup
Log file is /root/.vnc/d400.hogwarts.local:1.log

Log out and log back in again if you are working on a local computer and you are done.

If you are working on a remote computer and it's ok to reboot it then this will do it.

EDIT:
Warning: TigerVNC starts up with X so in principle you can connect as soon as the X Login prompt appears. Note however that on a typical notebook installation THE WIFI CONNECTION DOES NOT COME UP UNTIL A USER HAS LOGGED IN.
So if you remotely reboot a Wifi connected notebook you will lose all control of it until someone logs in. This is not a TigerVNC problem, it's just how the system works.
/EDIT

Code:

# shutdown -r now
You have new mail in /var/spool/mail/root
[root@c600 ~]# 
Broadcast message from drewp@c600.hogwarts.local
	(/dev/pts/0) at 15:59 ...

The system is going down for reboot NOW!
Connection to 192.168.11.109 closed by remote host.
Connection to 192.168.11.109 closed.

After re-booting you should be able to connect with the TigerVnc viewer to the machine and log in.

EDIT:
The example below is how it might be used in a heterogeneous (Linux/Windows) environment and is not recommended for a Linux-only environment. (see the section on Firewall/Tunnelling below to see how a more secure link can be obtained very simply using Linux's SSH utilities. For the example below to work it would be necessary to disable any firewall or (infinitely more preferable) open port 5900. Unix Gurus would probably do this by manipulating iptables directly but mere mortals would probably prefer to use the simplifed GUI which can be found in Gnome at System | Administration | Firewall. If it is not there it can be installed using

# yum install system-config-firewall

In a homogeneous *nix only environment this step is not necessary, but it would be necessary to allow port 22 (SSH) through the firewall. This is so useful for any kind of remote management that I didn't think to mention it. However I realised a noob - like me not so very long ago - may not realize this step is necessary and get frustrated - so I have added that information here.
/EDIT

Code:

[drewp@d400 ~]$ vncviewer 192.168.11.109

TigerVNC Viewer for X version 0.0.91 - built Aug 14 2009 09:53:29
Copyright (C) 2002-2005 RealVNC Ltd.
Copyright (C) 2000-2006 TightVNC Group
Copyright (C) 2004-2009 Peter Astrand for Cendio AB
See http://www.tigervnc.org for information on TigerVNC.

Tue Sep  8 16:05:51 2009
 CConn:       connected to host 192.168.11.109 port 5900
 CConnection: Server supports RFB protocol version 3.8
 CConnection: Using RFB protocol version 3.8

Tue Sep  8 16:05:59 2009
 TXImage:     Using default colormap and visual, TrueColor, depth 24.
 CConn:       Using pixel format depth 24 (32bpp) little-endian rgb888
 CConn:       Using Tight encoding

(You don't have to launch it from a terminal. On Gnome the icon for the TigerVNC viewer is in the Applications | Internet menu


Copying and pasting.
The VNC protocol only supports copying of Latin-1 characters. No graphics, no unicode. You have been warned.

To make it work you need to launch vncconfig on the server machine. It creates a small dialog box which is not very pretty. While it is running, copy and paste will work. Close the dialog and copy and paste stop working. At the moment I just wait until I need to copy/paste then type vncconfig into a terminal window on the server.
It seems to me that vncconfig has to be running before the text is copied. My experience is that if I copy something on my machine, and then launch vncconfig I cannot paste the data into the server.

Firewall / tunnelling
If you are only going to use this on a network you trust you could just open up port 5900 on the server's firewall and you can use any version of vnc viewer to access it.
As the VNC password is a maximum of 8 characters long you really shouldn't have the VNC port open if you are connected directly to the internet. If you are only going to be accessed by linux boxes it is common practice to set up an ssh tunnel which will allow you first to use a strong password which is not sent in cleartext and secondly to encrypt all data transferred between server and viewer.

There is an ssh command that you can use to establish an encrypted tunnel but with tigerVNC there is a simplified command that is much easier to remember

Code:

[drewp@d400 ~]$ vncviewer -via 192.168.11.107 192.168.11.107

TigerVNC Viewer for X version 0.0.91 - built Aug 14 2009 09:53:29
Copyright (C) 2002-2005 RealVNC Ltd.
Copyright (C) 2000-2006 TightVNC Group
Copyright (C) 2004-2009 Peter Astrand for Cendio AB
See http://www.tigervnc.org for information on TigerVNC.
drewp@192.168.11.107's password:   (Enter your long, complex machine password here)

If your password was good the familiar dialog for the VNC password should pop up now 

Tue Sep  8 16:47:28 2009
 CConn:       connected to host localhost port 5599
 CConnection: Server supports RFB protocol version 3.8
 CConnection: Using RFB protocol version 3.8

Tue Sep  8 16:47:33 2009
 TXImage:     Using default colormap and visual, TrueColor, depth 24.
 CConn:       Using pixel format depth 24 (32bpp) little-endian rgb888
 CConn:       Using Tight encoding

Tue Sep  8 16:47:41 2009
 CConn:       Throughput 2412 kbit/s - changing to quality 6 
 CConn:       Using Tight encoding

See the man pages for TigerVNC viewer to understand the syntax, basically the address after -via is the address of the machine at the other end of the encrypted tunnel - call this machine the gateway - and the second address is the name/address of the machine that you wish to connect to. The name has to be known to the gateway computer.

These two commands would normally do the same thing
vncviewer -via 192.168.11.107 192.168.11.107
vncviewer -via 192.168.11.107 localhost



Enjoy

[robertmaessen]

I think the way to restart the X-server = gdm-safe-restart

You mentioned ssh and tigervnc for secure access, I'm trying to make that work via ipsec, did you tried that?

[thesun]

Does anyone know how to get TigerVNC server to display a preferred desktop? I'd like to use KDE and it defaults to Gnome. I suspect it must be a pretty simple edit in the xstartup file in .vnc...no?

[scottro]

I believe it would be as simple as doing something like adding a line under the commented SESSION and exec xinitrc lines, something like

exec start-kde

This is untested by me though, and I'm sure there's a more elegant way to do it.

[Ujeen]

to DrewP thanks a lot for this info. Really usefull.

[thesun]

@scottro

Yes! That's what I thought too and in the "olden" days I remember doing that. But now the .vnc/xstartup file is a lot more complex:

Quote:

#!/bin/sh

vncconfig -iconic &
unset SESSION_MANAGER
unset DBUS_SESSION_BUS_ADDRESS
OS=`uname -s`
if [ $OS = 'Linux' ]; then
case "$WINDOWMANAGER" in
*gnome*)
if [ -e /etc/SuSE-release ]; then
PATH=$PATH:/opt/gnome/bin
export PATH
fi
;;
esac
fi
if [ -x /etc/X11/xinit/xinitrc ]; then
exec /etc/X11/xinit/xinitrc
fi
if [ -f /etc/X11/xinit/xinitrc ]; then
exec sh /etc/X11/xinit/xinitrc
fi
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
twm &

Would I be replacing the "twm &" line? Or perhaps change the "*gnome*" part to "*kde*"?

I don't care if it's "elegant." :-) I just want it to work!

[scottro]

I see. It seems that on mine, I just used the old file (that is, for ultra, or real, or whatever it was) and it works without problem.

Code:

#!/bin/sh

vncconfig -iconic &
# Uncomment the following two lines for normal desktop:
 unset SESSION_MANAGER
# exec /etc/X11/xinit/xinitrc
exec openbox-session


[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey

[thesun]

I tried that file and tried it with a line "exec startkde" and another with "exec start-kde" (wasn't sure of the syntax) appended below the "exec openbox-session" line (should it have been in place of it?!!) and both gave me a VNC window of impenetrable blackness. I also tried swapping out *gnome* and *kde* in the original, which didn't have any effect at all. Back to square one, apparently...any other thoughts?

[scottro]

You should have replaced exec openbox with exec startkde

(That's the correct syntax, and sorry for not being clearer.)
I just tried it and it worked for me.

[thesun]

Nope. Still a black, unusable screen. :-(

[scottro]

Hrrm. I'm stuck, I fear. There may be some other settings that I'm overlooking, but I can't find them.

[thesun]

I got it solved. The solution was to "yum install switchdesk" and then run "switchdesk kde" and now it uses the regular default xstartup and boots a beauteous KDE desktop right from the start. Yay!

[scottro]

Ahh, ok, that makes sense. Glad it's working.

[tnfno]

Great instructions !

I have one question: on the 'old' VNC I could set the port that VNC listened to in the vncserver file. How can I change the port in tigervnc ?