Fedora 14+ and KDE4 over VNC

April 25, 2011 Cody KDE4

It appears that in Fedora 14 on-ward that the package ‘system-config-display’ has been removed and is no longer packaged. Many of the guides that deal with Fedora VNC point people to this package and tell them to run the following command ‘system-config-display -noui’ to generate an Xorg.conf file. I am going to show you how to install Tiger-VNC server on a Fedora14 box that will load when X starts up. This means that when you connect via VNC you will be presented with your login manager such as ‘gdm’ or ‘kdm’.

I chose to use VNC with the KDE4 desktop as a test, when KDE4 was originally released there were issues with VNC support and graphics. I had alot of graphical corruption that made the experience awful. I wanted to follow up on this experience and see if KDE4 could now once again be used with VNC.

This guide will assume you are currently using a base Fedora system with no current gui. So first up lets install our needed packages.

*Yum TIP of the Day*

Maybe you are new to YUM or you just have never used its package group options.

To list all installed and available package groups you can run the following command.

yum grouplist

Let me quickly show you how to list what packages are included in a package group.

yum groupinfo 'X Window System' <-- Pay attention to the quotes could the package name. ———————

Installing ‘X Window System’ and TigerVNC

Now we will install our packages in two steps. The first step will install the default Fedora ‘X Window System’ package group and the second step will install our VNC packages.

yum -y groupinstall 'X Window System'

yum -y install tigervnc-server* xorg-x11-drv-* xorg-x11-fonts-*

Configuring Xorg and TigerVNC-Server

1. Generate a default Xorg.conf file which will output to the users home directory as “xorg.conf.new”

Xorg -configure

2. Move the xorg.conf.new file from the users home directory to the system location.

mv /root/xorg.conf.new /etc/X11/xorg.conf

3. Edit the file /etc/X11/xorg.conf and add the following lines to the relevant sections.

nano /etc/X11/xorg.conf

Insert the following lines, you should be able to tell the layout from the file:
Inside –> Section ‘Module’
Load “vnc”

Inside –> Section ‘Screen’
Option “SecurityTypes” “VncAuth”
Option “UserPasswdVerifier” “VncAuth”
Option “PasswordFile” “/root/.vnc/passwd”

Save the file and exit.

4. Generate your VNC password – This password will be used when you attempt to establish a VNC connection to TigerVNC-server.

Then enter your password when prompted

Installing your X Windows Desktop

In Fedora you can easily install any major desktop environment via the Yum Package Group. I will quickly list the commands to install KDE4 or Gnome2.

yum -y groupinstall 'KDE Software Compilation'

yum -y groupinstall 'GNOME Desktop Environment'

Restart you box or launch X and your login manager of choice to continue on. We need X to load the VNC module to make the magic happen.

Testing your VNC connection

The default TigerVNC port is port 5900 and I do not suggest exposing this port openly to the internet. What I suggest is at the very least a SSH Tunnel or VPN connection that will ensure the VNC data is encrypted. The 8 character limit password can also be bruteforce attacked which is another reason not to openly expose your VNC port. Imagine if a user is left logged into their desktop and VNC is compromised, now the attacker has access to the desktop without a second login password and if that user left a root terminal session open then the attacker has gained full access to the system. I highly recommend disabling an auto-login and DO NOT ALLOW root logins. Also force a password prompt after a few minutes of inactivity to protect the user if they walk away with a VNC connection open.

If a VPN or SSH tunnel is out of the picture, then at the very least restrict your firewall to only allow your ip to connect to port 5900 like my example. To test out your VNC setup via an exposed public port, run the following command to open port 5900 in the iptables firewall. Replace the ‘ip.ip.ip.ip’ with the real ip of the machine you are connecting from. You can always log in via SSH and update the rule with your current ip if it changes since you will only need to do this when it requires VNC access.

iptables -A INPUT -s ip.ip.ip.ip/32 -m state --state NEW -m tcp -p tcp --dport 5900 -j ACCEPT

To connect to the remote computer you will need a client called a VNC Viewer. Install one then point it at you IP and login to your desktop and start working.
Image of KDE4 over VNC

Grab a copy of your favorite VNC viewer or head over to http://tigervnc.org/

Use the provided VNC viewer with KDE4(Krdc)/Gnome2 or you can install the tigervnc package and use the TigerVNC Viwer.

yum install tigervnc

To enable copy and paste between the remote computer and the VNC viewer client will require ‘vncconfig’ to be running on the remote computers desktop.
You can launch vnconfig with the following from a terminal. This command will start the application ‘vncconfig’ in the background due to the ‘&’ at the end of the statement if you are using bash.

vncconfig &

Just leave vncconfig open and running when you need Copy & Paste features.

Hope you enjoyed this Post! If you found this useful please consider donating a few Bitcoins (BTC).

You can send your donations to the following BitCoin address: 1oRHAuF9m2BEfjq8t2zfkX9Ab6CMthW72

Leave a Reply

Your email address will not be published. Required fields are marked *

Powered by WordPress. Designed by elogi.