2 Replies Latest reply: Aug 7, 2012 11:17 PM by 806917 RSS

    problems w remote access of gnome desktop

      I am using RHEL 5.8.

      From my desk
      I use the physical terminal to access the gnome desktop. Works great.

      When I am remote
      I connect to the corporate network over VPN. I access RHEL as follows:
      - I use the command line over ssh as much as possible. Works great.
      - When I need a GUI over X, for example to run the Oracle dbms installer, dbca, netca, etc., I use an X Server and ssh with X11 forwarding. Works great.
      - If I need to access the gnome desktop, then I have problems.

      1) I realize that Windows vnc clients such as Ultra VNC are unsafe, so I prefer not to use Windows vnc clients. Do any secure Windows vnc clients exist? Do any alternative vnc-like protocols exist that provide the same type of functionality but with appropriate security?
      2) When I use a vnc client over vpn, the vnc client can connect sometimes, and other times the vnc client cannot connect. I cannot determine why. SELinux is off. Port 5900 is open. I have even shutoff the firewall. I have tried multiple clients. Still I cannot connect at certain times, despite that all other network services on RHEL are working perfectly. Any troubleshooting recommendations?
      3) I have tried running the X Server and ssh with X11 forwarding, and then launching vncviewer from the ssh terminal window. The graphics refresh VERY slowly. Often, the refresh rate is so slow that the user interface is not usable. Others on the web have reported the same experience.

      I would appreciate your thoughts and recommendations.


        • 1. Re: problems w remote access of gnome desktop
          You can tunnel VNC over ssh. For this solution you do not need to open any firewall ports beside TCP port 22 for ssh and should have no trouble with network address translation (NAT). You will need to have the X window system and vncserver installed on the remote server, but you do not need to run a X window server on your local (client) workstation.

          For instance:

          Connect to the remote server system and start the vncserver:

          ssh oracle@vm014.example.com

          *$ vncserver*

          You will require a password to access your desktops.

          xauth: creating new authority file /home/oracle/.Xauthority

          New 'vm014.example.com:1 (oracle)' desktop is vm014.example.com:1

          Creating default startup script /home/oracle/.vnc/xstartup
          Starting applications specified in /home/oracle/.vnc/xstartup
          Log file is /home/oracle/.vnc/vm014.example.com:1.log

          *$ logout*

          From your local workstation, connect to the remote server and specify that the given port on the local host is to be forwarded to the given host and port on the remote side.

          ssh -L 5901:localhost:5901 -N -f -l oracle vm014.example.com

          Open your VNC viewer on your local workstation and connect to: localhost:5901

          You can then run the Oracle installer. No need to use "xhost" authentication or set the DISPLAY variable.

          Edited by: Dude on Jun 16, 2012 10:27 PM
          • 2. Re: problems w remote access of gnome desktop
            Dude -

            Sorry for the delayed response. I had not forgotten about this, but it took me a while to circle back.

            I had to read your note a few times to understand what you were saying, but it finally sunk in. : )

            I don't have ssh installed on my local Windows machine. I use putty instead. I figured out how to do the same thing w putty, and it worked beautifully. Now my local vncviewer works again, AND I can tunnel securely over the ssh protocol.

            The steps I executed on Windows 7 for putty.
            1) put putty directory in Windows path.
            2) open DOS window
            3) plink -ssh <remote host> -l <remote user> -i <private key> -L <local port>:<remote host>:<remote port>
            4) run local vnc viewer and connect to localhost:local port.

            THANK YOU!!!