On 01/28/2016 11:10 AM, Jonathan Billings wrote:
On Thu, Jan 28, 2016 at 10:30:03AM -0500, ken wrote:
When someone is sitting at their linux machine which is running
gnome, and if that machine is running at 'init 5', and if they
aren't yet logged in, they'll have something on their screen called
the Greeter. If they successfully log in they'll have displayed on
their monitor a 'gnome desktop'. If they've logged in before,
normally gnome (or more properly 'gdm') will display those apps
which were open that last time (at the time they logged out from
gnome). By 'remote display' I mean that all of that, beginning
with the Greeter, can be seen and used, it functions, not on the
machine which one is sitting at, at that moment called the local
machine, but another machine, a remote machine.
just add an [xdmcp] section to /etc/gdm/custom.conf.
And that would be what exactly and on which machine?
However, the real question is how do you want to have clients
contact gdm via XDMCP? X11 isn't a secure protocol, so just running
'X -query remotehost' isn't really the best idea. You'd have to open
up the port on the server in the firewall too.
Let's recall from my original post:
two CentOS boxes, one headless running v.5.9 and the other a new
laptop running v.7.2. Since the one machine is headless, it should
be obvious which is to display the desktop of the other.
and use the terms "headless machine" and "laptop". It is a little
counter-intuitive which of the two machines is the client and which is
the server and many people mix it up, a critical mix-up when doing
configurations and running commands. I'd go with (and am accustomed to
following) the traditional X/XDMCP model, but would prefer not to
explain (or argue)it to everyone who might participate in this thread,
so let's talk (unambiguously) in terms of the "headless machine" and the
"laptop".
I wouldn't suggest using this. It'd probably be better to use VNC
and forward all traffic over SSH.
Both of these machines are on a private network-- it's just two hops
from one to the other--, they're both in the same room and no physical
intrusion is feasible, connected only by cable, and both are behind
firewalls. Encryption, then, isn't necessary.
My experience with remote displays in the past is that they are quite
sluggish in response. Encryption would add to overhead, making
responsiveness even worse. So, in that it's also unnecessary, I'd also
prefer not to use it.
A sloppy or inaccurate configuration (which I'm sure we've all seen
enough of) is a security risk as well, one which passwords don't always
fix. Simplicity mitigates against that. For this reason, again, I'd
prefer not to complicate things with an encryption system.
If it's the only way you know how to do it, and if no one else here
knows either, then I'd consider it. But it would be better without it.
Which port are you saying should be opened up?
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
