[TriLUG] VNC questions -- check /etc/host.allow

H Brett Bolen wingedlizard at nc.rr.com
Fri Jan 11 18:30:13 EST 2002


I have this working on mandrake 8.1.  initally it failed
for me also.

I ran `tail -v /var/log/messages` on the vncserver box and
attempted to connect to the port ( `vncviewer it:50` or even
`telnet it 5950` ).  I noticed that the log said there was a
libwrap error on vnc.

I went into /etc/hosts.allow and made a quick hack:  I added
ALL:ALL to the file ( it was the only line in the file), and
it started working.

If your box is exposed to the internet this is *Not A Good Idea*,
but you can modify the /etc/hosts.allow file for your network.

Sometimes it is easier to debug tcp connections using
`telnet ip port` than using the real application.  Telenet will
attempt a tcp connection to the ip given on the given port.

If telnet connection is established, and the client doesn't
connect, then you know someting is up with the client.

b\375

Janyne Kizer wrote:

> Unfortunately I'm still not having much luck with this. 
> 
> I added the following to /etc/services
> 
> vnc-640x480x8   5950/tcp                        # vnc server IP
> vnc-800x600x8   5951/tcp                        # vnc server IP
> vnc-800x600x16  5952/tcp                        # vnc server
> IP                
> 
> And then I added this to /etc/xinetd.d/vnc-640x480x8 (similar files also
> for vnc-800x600x8 and vnc-800x600x16)
> 
> # default: off
> # description: The vnc server allows connection via the vnc protocol
> #
> #       server                  = /usr/bin/Xvnc
> 
> service ftp
> {
>         disable                 = no
>         socket_type             = stream
>         protocol                = tcp
>         wait                    = no
>         user                    = nobody
>         server                  = /usr/bin/Xvnc
>         server_args             = -inetd -broadcast -once -geometry
> 640x480 -depth 8
>         log_on_success          += USERID
>         log_on_failure          += USERID
> }
>                                    
> When I reboot the server, though, still no VNC. 
> 
> Then I decided not to use the "user = nobody" and changed it to
> "user=root" (I have had some problems with tftp running as nobody and I
> need to fix that too).  Anyway, when I rebooted after this change, still
> no VNC.  Any additional pointers would be appreciated.
> 
> John Beimler wrote:
> 
>>On Tue, 2002-01-08 at 15:57, Janyne Kizer wrote:
>>
>>>I have been messing with VNC and I like it a lot but I have run into a
>>>few configuration issues.  The first one is that I would like to run it
>>>as a service/have it start automatically.  I'm pretty new to Linux
>>>(Novell background actually) and I've had some problems getting this
>>>going.  I created
>>>a symbolic link from /etc/init.d/vncserver to /etc/rc3.d and called it
>>>S99vncserver.  I thought that starting it last would be "safe" but I was
>>>wrong.  When I restarted the server with this link in place, I could not
>>>log in at the console when XDM started.  When I removed the link, I
>>>could log in just fine.  In both cases, I could login fine when (via
>>>XDMCP) from the diskless xterm that I am testing with.  I guess I missed
>>>another step in there.
>>>
>>I don't run it as a service, but I do run it from inetd on one of my
>>servers like so:
>>
>>n /etc/services I added:
>>
>>vnc-640x480x8   5950/tcp
>>vnc-800x600x8   5951/tcp
>>vnc-800x600x16  5952/tcp
>>
>>in inetd.conf I have:
>>
>>#:VNC:
>>
>>vnc-640x480x8   stream tcp nowait nobody /usr/X11R6/bin/Xvnc Xvnc -inetd
>>-broadcast -once -geometry 640x480 -depth 8
>>vnc-800x600x8   stream tcp nowait nobody /usr/X11R6/bin/Xvnc Xvnc -inetd
>>-broadcast -once -geometry 800x600 -depth 8
>>vnc-800x600x16  stream tcp nowait nobody /usr/X11R6/bin/Xvnc Xvnc -inetd
>>-broadcast -once -geometry 800x600 -depth 16
>>
>>You also have to set up your login manager to use xdmcp, with gdm all
>>you have to do is set Enable=true in the [xdmcp] section
>>(/etc/gdm/gdm.conf)
>>
>>it doesn't work thru a firewall but anyone internally can connect to the
>>host on :50,:51,:52 from vncviewer and get a new session. Pretty quick
>>and easy once you set it up.
>>
>>Peace.
>>
>>john
>>
>>--
>>John Beimler
>>john at radiomind.com
>>919-465-9707
>>
>>_______________________________________________
>>TriLUG mailing list
>>http://www.trilug.org/mailman/listinfo/trilug
>>
> 






More information about the TriLUG mailing list