> > On 2/27/2014 15:37, Patrick Dupre wrote: > > OK, I restarted it: > > If you look below, I have removed all the chains that didn't reference > SSH. Notice that the VNC ports you were trying to access are not listed > in these chains. That's why you aren't getting access to them remotely. > > Now that we have solved that part of the problem, it's worth restating > that encrypting your VNC sessions is a really good idea I would strongly > recommend. Tunneling via SSH is an option and so is creating a VPN > tunnel between the server and your remote system. But then what? It appears that every time I have to change the owner of /run/user/1000/user! I need to do something for that. and this is the log file: Xvnc TigerVNC 1.2.80 - built Mar 14 2013 18:53:14 Copyright (C) 1999-2011 TigerVNC Team and many others (see README.txt) See http://www.tigervnc.org for information on TigerVNC. Underlying X server release 11303000, The X.Org Foundation Initializing built-in extension Generic Event Extension Initializing built-in extension SHAPE Initializing built-in extension MIT-SHM Initializing built-in extension XInputExtension Initializing built-in extension XTEST Initializing built-in extension BIG-REQUESTS Initializing built-in extension SYNC Initializing built-in extension XKEYBOARD Initializing built-in extension XC-MISC Initializing built-in extension XFIXES Initializing built-in extension RENDER Initializing built-in extension RANDR Initializing built-in extension COMPOSITE Initializing built-in extension DAMAGE Initializing built-in extension MIT-SCREEN-SAVER Initializing built-in extension DOUBLE-BUFFER Initializing built-in extension RECORD Initializing built-in extension DPMS Initializing built-in extension X-Resource Initializing built-in extension XVideo Initializing built-in extension XVideo-MotionCompensation Initializing built-in extension VNC-EXTENSION Initializing built-in extension GLX Thu Feb 27 22:45:21 2014 vncext: VNC extension running! vncext: Listening for VNC connections on all interface(s), port 5901 vncext: created VNC server for screen 0 GNOME_KEYRING_CONTROL=/run/user/1000/keyring-6F9GPG GPG_AGENT_INFO=/run/user/1000/keyring-6F9GPG/gpg:0:1 GNOME_KEYRING_PID=849 GNOME_KEYRING_CONTROL=/run/user/1000/keyring-6F9GPG GPG_AGENT_INFO=/run/user/1000/keyring-6F9GPG/gpg:0:1 GNOME_KEYRING_CONTROL=/run/user/1000/keyring-6F9GPG GPG_AGENT_INFO=/run/user/1000/keyring-6F9GPG/gpg:0:1 SSH_AUTH_SOCK=/run/user/1000/keyring-6F9GPG/ssh GNOME_KEYRING_CONTROL=/run/user/1000/keyring-6F9GPG GPG_AGENT_INFO=/run/user/1000/keyring-6F9GPG/gpg:0:1 SSH_AUTH_SOCK=/run/user/1000/keyring-6F9GPG/ssh (gnome-settings-daemon:835): power-plugin-WARNING **: Failed set DPMS mode: Display is not DPMS capable Fontconfig warning: "/etc/fonts/conf.d/50-user.conf", line 9: reading configurations from ~/.fonts.conf is deprecated. gnome-session[589]: WARNING: Application 'gnome-settings-daemon.desktop' failed to register before timeout Fontconfig warning: "/etc/fonts/conf.d/50-user.conf", line 9: reading configurations from ~/.fonts.conf is deprecated. gnome-session[589]: WARNING: Application 'pulseaudio.desktop' failed to register before timeout (gnome-settings-daemon:835): power-plugin-WARNING **: Unable to inhibit lid switch: GDBus.Error:org.freedesktop.DBus.Error.AccessDenied: Operation not permitted (gnome-settings-daemon:835): media-keys-plugin-WARNING **: Unable to inhibit keypresses: GDBus.Error:org.freedesktop.DBus.Error.AccessDenied: Operation not permitted (gnome-settings-daemon:835): color-plugin-WARNING **: failed to get edid: unable to get EDID for output (gnome-settings-daemon:835): color-plugin-WARNING **: failed to create device: failed to obtain org.freedesktop.color-manager.create-device auth (gnome-settings-daemon:835): color-plugin-WARNING **: failed to obtain org.freedesktop.color-manager.create-profile auth The XKEYBOARD keymap compiler (xkbcomp) reports: > Warning: Type "ONE_LEVEL" has 1 levels, but <RALT> has 2 symbols > Ignoring extra symbols Errors from xkbcomp are not fatal to the X server The XKEYBOARD keymap compiler (xkbcomp) reports: > Warning: Compat map for group 2 redefined > Using new definition > Warning: Compat map for group 3 redefined > Using new definition > Warning: Compat map for group 4 redefined > Using new definition Errors from xkbcomp are not fatal to the X server Fontconfig warning: "/etc/fonts/conf.d/50-user.conf", line 9: Failed to play sound: File or data not found Fontconfig warning: "/etc/fonts/conf.d/50-user.conf", line 9: reading configurations from ~/.fonts.conf is deprecated. reading configurations from ~/.fonts.conf is deprecated. ** Message: applet now removed from the notification area (gnome-shell:968): Bluetooth-WARNING **: Could not open RFKILL control device, please verify your installation Fontconfig warning: "/etc/fonts/conf.d/50-user.conf", line 9: reading configurations from ~/.fonts.conf is deprecated. > > Chain IN_dmz_allow (1 references) > > target prot opt source destination > > ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ctstate NEW > > > > Chain IN_external_allow (1 references) > > target prot opt source destination > > ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ctstate NEW > > > > Chain IN_home_allow (1 references) > > target prot opt source destination > > ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ctstate NEW > > ACCEPT udp -- anywhere anywhere udp dpt:ipp ctstate NEW > > ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns ctstate NEW > > ACCEPT udp -- anywhere anywhere udp dpt:netbios-ns ctstate NEW > > ACCEPT udp -- anywhere anywhere udp dpt:netbios-dgm ctstate NEW > > > > Chain IN_internal_allow (1 references) > > target prot opt source destination > > ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ctstate NEW > > ACCEPT udp -- anywhere anywhere udp dpt:ipp ctstate NEW > > ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns ctstate NEW > > ACCEPT udp -- anywhere anywhere udp dpt:netbios-ns ctstate NEW > > ACCEPT udp -- anywhere anywhere udp dpt:netbios-dgm ctstate NEW > > > > Chain IN_public_allow (1 references) > > target prot opt source destination > > ACCEPT udp -- anywhere anywhere udp dpt:ipp ctstate NEW > > ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns ctstate NEW > > ACCEPT tcp -- anywhere anywhere tcp dpt:ipp ctstate NEW > > ACCEPT udp -- anywhere anywhere udp dpt:ipp ctstate NEW > > ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ctstate NEW > > > > Chain IN_work_allow (1 references) > > target prot opt source destination > > ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ctstate NEW > > ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns ctstate NEW > > ACCEPT udp -- anywhere anywhere udp dpt:ipp ctstate NEW > > Tom > -- > users mailing list > users@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe or change subscription options: > https://admin.fedoraproject.org/mailman/listinfo/users > Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct > Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines > Have a question? Ask away: http://ask.fedoraproject.org =========================================================================== Patrick DUPRÉ | | email: pdupre@xxxxxxx Laboratoire de Physico-Chimie de l'Atmosphère | | Université du Littoral-Côte d'Opale | | Tel. (33)-(0)3 28 23 76 12 | | Fax: 03 28 65 82 44 189A, avenue Maurice Schumann | | 59140 Dunkerque, France =========================================================================== -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org