Aaron Bliss wrote:
Hi everyone,
I have a user who would like to connect to x windows on one of our linux
servers. I'm not use to offering up x windows to any end users (I'm a
command line guy) so I'm struggling with this a bit. I've installed x
font server, daemon is running, and I installed xfce. Server is running
at run level 5 right now. I'm not sure what ports I need to open on the
firewall to allow them to connect to the server or what other config
files that might be preventing them from displaying an x session on
their desktop (they have a windows x server running on their machines).
I know that x windows sessions are insecure, so I would also be in favor
of forwarding the session over ssh, but I would like to know how to
connect with and without ssh to the xfs server. Thanks for your help.
Aaron
You will want to make sure you have a display manager running, this
takes care of the actual X environment, the process is called (off the
top of my head) gdm.
xfs is the font server, this allows a local server/remote server to
display the correct fonts, you will need to make sure this is publically
accessable, netstat -anp | grep xfs should give you the port you will
need to open up, and the X server will need to support a remote font
server. The downside to no support here is that things will look really
screwed up on the X Server when running applications that require fonts
that the X Server doesn't know about. (generally it will revert to a
generic font with interesting results)
The X server will then need to make a direct XDMCP query to the server,
this should be in the options somewhere in the X server and will depend
on the server being used. You will know if this works as you should be
presented with a GUI login screen. Again, no idea what port this works
on, doing a netstat -anp | grep gdm should give this to you.
Once a session has been established, connections from the xclients to
the X server will need to be allowed, these happen as pointed out
earlier on port 6000 (and possibly higher in some circumstances - but I
forget what these are)
If there is just a single X application that the user wants to use. then
get them to run the X server locally accepting all connections from
localhost, then using ssh (putty is good) turn on X forwarding in the
client, make sure that 'X11Forwarding' is set to 'Yes' in the
/etc/ssh/sshd_config file (you will need to restart sshd for this to
take effect) and then ssh to the box. The ssh server will automagically
setup your environment and the user can just run X apps and it will work
[tm], as an example, try typing 'xterm' in the ssh window, and you
should find an xterm appears.
Note as well, that these days, X is not really ment to run across a
network with the full desktop/gnome/KDE/bells and whistles like window
animations and stuff enabled, if you want this stuff - then sometimes
you CAN get it, but its a pain and you will probably end up having to
put an any/any allow rule in your firewall to cater for the random ports
things will open up (sound daemons etc etc) or expect random brokeness.
HTH,
--
Steve.
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
