[CentOS] Making VNC run on port 8080 on Centos 3.4

Randy Zagar jrzagar at cactus.org
Sat Mar 3 18:21:11 UTC 2007

This is part of my documentation for VNC under RHEL-4.  All of the
configuration file changes below were originally formatted as "diff
-u" patches.  Email may have mangled them, so beware.

I assume standard gnome desktop packages have been installed, if you
want another desktop manager you'll have to figure out how to configure
that yourself.

I frequently use

    vncviewer -via secure.vnc.host localhost:50

to tunnel VNC over an SSH session

Here's the text:

=Managing VNC Sessions With Xinetd=

There is an old protocol for managing remote displays on X-Terminals
called XDMCP (X11 Display Manager Control Protocol).  Never heard of
an X-Terminal? Well, that's no surprise...  X-Terminals are sooo 20-th
century...  Everybody calls them Thin Clients now.  Fortunately, old
protocols never die and every once in a while we get to recycle them.

What we are going to do is configure a VNC service that's controlled
by XInetd.  That way, a VNC server process only gets started when
somebody asks for one...  And since we're enabling XDMCP support for
the Gnome Display Manager (GDM), each VNC client connection will get a
graphical gdm login screen.  It doesn't result in a persistent
session, but it's much easier to configure and maintain.

==Linux Configuration Files==

 --- /etc/X11/xdm/xdm-config    2006/02/14 04:33:24     1.1
 +++ /etc/X11/xdm/xdm-config    2006/02/14 04:33:58
 @@ -29,4 +29,4 @@

  ! SECURITY: do not listen for XDMCP or Chooser requests
  ! Comment out this line if you want to manage X terminals with xdm
 -DisplayManager.requestPort:   0
 +!DisplayManager.requestPort:  0


 --- /etc/X11/xdm/Xaccess       2006/02/14 04:36:27     1.1
 +++ /etc/X11/xdm/Xaccess       2006/02/14 04:36:39
 @@ -37,7 +37,7 @@
  # right hand sides can match.

 -# *                                   #any host can get a login window
 +*                                     #any host can get a login window

  # To hardwire a specific terminal to a specific host, you can


====Enabling XDMCP access for VNC clients====

 --- gdm.conf   2006/02/14 04:39:09     1.1
 +++ gdm.conf   2006/04/05 17:07:05     1.2
 @@ -207,7 +207,7 @@
  # allow local access is another alternative but not the safest.
  # Firewalling port 177 is the safest if you wish to have xdmcp on.
  # Read the manual for more notes on the security of XDMCP.
  # Honour indirect queries, we run a chooser for these, and then redirect
  # the user to the chosen host.  Otherwise we just log the user in locally.

====Supporting X11 connections over TCP====

This is normally disabled, but as long as you're on a protected
network it's convenient to run X11-based programs on remote hosts and
display them locally.  It is possible to do this over SSH, but there
is some overhead...

 --- gdm.conf   2006/04/05 17:07:05     1.2
 +++ gdm.conf   2006/04/05 17:07:52
 @@ -187,7 +187,7 @@
  # Note: Anytime we find a -query or -indirect on the command line we do
  # not add a "-nolisten tcp", as then the query just wouldn't work, so
  # this setting only affects truly local sessions.
  # By default never place cookies if we "detect" NFS.  We detect NFS
  # by detecting "root-squashing".  It seems bad practice to place
  # cookies on things that go over the network by default and thus we


 --- /etc/services      2006/02/14 04:40:03     1.1
 +++ /etc/services      2006/02/14 04:40:51
 @@ -577,4 +577,6 @@
  fido          60179/udp                       # Ifmail

  # Local services
 +vnc-1280x1024 5950/tcp                        # VNC @ 1280x1024


 service vnc-1280x1024
     protocol    = tcp
     socket_type = stream
     wait        = no
     user        = nobody
     server      = /usr/bin/Xvnc
     server_args = -inetd -query localhost -once -geometry 1280x1024
-depth 24 securitytypes=none

==Restarting The Gnome Display Manager==

The easiest way to do this is to log into a text console (Ctrl-Alt-F1), and running these commands

 init 3
 init 5
 /sbin/service xinetd stop
 /sbin/service xinetd start

More information about the CentOS mailing list