VNC,全稱為Virtual NetworkComputing,它是一個桌面共享系統。它的功能,類似於windows中 的遠程桌面功能。VNC使用了 RFB(RemoteFrameBuffer,遠程幀緩沖)協議來實現遠程控制另外一台計算機。它把鍵盤、鼠標動作發送到遠程計算機,並把遠程計算機的屏 幕發回到本地。VNC技術與平台無關,VNC Viewer可以和VNCServer在不同的操作系統上。VNC幾乎支持所有的操作系統,也支持Java,甚至可以通過支持Java的浏覽器來訪問 VNCServer。多個VNC客戶端可以同時連接到一個VNC Server上。VNC最初由AT&T開發的,它的源代碼是開源。
1. 安裝vnc
檢查linux是否安裝有vnc
[root@localhost .vnc]# rpm -qa |grep vnc
vnc-4.1.2-14.el5_6.6
vnc-server-4.1.2-14.el5_6.6
[root@localhost .vnc]# rpm -q vnc
vnc-4.1.2-14.el5_6.6
[root@localhost .vnc]# rpm -q vnc-server
vnc-server-4.1.2-14.el5_6.6
若沒有安裝,安裝如下:
[root@localhost ~]# yum install vnc vnc-server
2. 需要在每個用戶下啟動vncserver,生成該用戶遠程桌面連接時的配置文件以及訪問密碼,方法就是切換到每個用戶,執行 vncserver
為root用戶創建
[root@localhost .vnc]# vncserver
You will require a password to access your desktops.
enter password: #首次運行會讓你設置密碼,密碼要求6位以上
verify password: #確認密碼
New 'localhost.localdomain:1 (root)' desktop is localhost.localdomain:1
Starting applications specified in /root/.vnc/xstartup
Log file is /root/.vnc/localhost.localdomain:1.log
為binhoul用戶創建
[root@localhost .vnc]# su - binhoul
[binhoul@localhost ~]$ vncserver
You will require a password to access your desktops.
Password:
Verify:
Passwords don't match - try again
Password:
Verify:
xauth: creating new authority file /home/binhoul/.Xauthority
New 'localhost.localdomain:3 (binhoul)' desktop is localhost.localdomain:3
Creating default startup script /home/binhoul/.vnc/xstartup
Starting applications specified in /home/binhoul/.vnc/xstartup
Log file is /home/binhoul/.vnc/localhost.localdomain:3.log
[binhoul@localhost ~]$ exit
3. 編輯配置腳本文件
[root@localhost .vnc]# cat xstartup
#!/bin/sh
# Uncomment the following two lines for normal desktop:
# unset SESSION_MANAGER
# exec /etc/X11/xinit/xinitrc
[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
vncconfig -iconic &
xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
twm &
其中第13行代表文字模式,若將twm 替換為gnome-session 將會出現圖像界面。
4. 修改vnc配置文件
[root@localhost sysconfig]# cat vncservers
# The VNCSERVERS variable is a list of display:user pairs.
#
# Uncomment the lines below to start a VNC server on display :2
# as my 'myusername' (adjust this to your own). You will also
# need to set a VNC password; run 'man vncpasswd' to see how
# to do that.
#
# DO NOT RUN THIS SERVICE if your local area network is
# untrusted! For a secure way of using VNC, see
# <URL:http://www.uk.research.att.com/archive/vnc/sshvnc.html>.
# Use "-nolisten tcp" to prevent X connections to your VNC server via TCP.
# Use "-nohttpd" to prevent web-based VNC clients connecting.
# Use "-localhost" to prevent remote VNC clients connecting except when
# doing so through a secure tunnel. See the "-via" option in the
# `man vncviewer' manual page.
# VNCSERVERS="2:myusername"
# VNCSERVERARGS[2]="-geometry 800x600 -nolisten tcp -nohttpd -localhost"
VNCSERVERS="1:root 2:binhoul"
VNCSERVERARGS[1]="-geometry 1024x768"
VNCSERVERARGS[2]="-geometry 1024x768"
其中第23行代表開機啟動幾個vnc server,實例是兩個
設置完成後就可以啟動vncserver服務了。
啟動失敗的原因有:
1./etc/sysconfig/vncservers文件參數不對
2.沒有為vncservers提到的用戶生成各自的配置文件
3.在生成配置文件後,沒有使用命令vncserver -kill :1 將那個進程殺死
5. 配置防火牆
VNC客戶端通過浏覽器或VNC Viewer連接至VNC Server。 其監聽端口分別從5800和5900開始,display1 為5801和5901
vi /etc/sysconfig/iptables
vi /etc/sysconfig/iptables 找到下面的語句:
-A RH-Firewall-1-INPUT -j REJECT –reject-with icmp-host-prohibited
在此行之前,加上下面的內容:
-A RH-Firewall-1-INPUT -m state –-state NEW -m tcp -p tcp –-dport 5901 -j ACCEPT
允許其它機器訪問本機的5901端口,這樣,display:1的用戶就可以連接到本機或者關閉iptables。