Hi ya'll,
I built a new CentOS 5.1 server for a client, housing a Lotus Notes / Domino server, and various other virtualized IBM software server guests, and soon will have to physically move that server to another distant location.
My question is that I will need secure access to those servers via X, not just the C/L terminal. What do you recommend for a good secure CentOS program which would do this. Would also want to access via a high port, but I am sure just about any program will allow this to be manually configured.
Thanks for your help and input.
Gary wrote:
Hi ya'll,
I built a new CentOS 5.1 server for a client, housing a Lotus Notes / Domino server, and various other virtualized IBM software server guests, and soon will have to physically move that server to another distant location.
My question is that I will need secure access to those servers via X, not just the C/L terminal. What do you recommend for a good secure CentOS program which would do this. Would also want to access via a high port, but I am sure just about any program will allow this to be manually configured.
Thanks for your help and input.
Gary,
You can run X apps over ssh if you use the >> -Y << option. You can also configure ssh to use a non-standard port in it's config page.
I also believe you can port (tunnel?) VNC through ssh, but I have only heard about that, so I may be off here. VNC is part of the standard CentOS distribution.
HTH,
Monty
On Wed, 18 Jun 2008 13:41:00 -0500 Monty Shinn montys@videopost.com wrote:
I also believe you can port (tunnel?) VNC through ssh, but I have only heard about that, so I may be off here.
You can indeed do that. It's very easy to set up and any number of web pages contain step-by-step instructions for how to make it work.
on 6-18-2008 12:13 PM Frank Cox spake the following:
On Wed, 18 Jun 2008 13:41:00 -0500 Monty Shinn montys@videopost.com wrote:
I also believe you can port (tunnel?) VNC through ssh, but I have only heard about that, so I may be off here.
You can indeed do that. It's very easy to set up and any number of web pages contain step-by-step instructions for how to make it work.
And with putty and XMing you can even do it from a (cough, duck) Windows machine.
Hi Scott,
On Wed, 18 Jun 2008 12:58:09 -0700 UTC (6/18/2008, 2:58 PM -0500 UTC my time), Scott Silva wrote:
You can indeed do that. It's very easy to set up and any number of web pages contain step-by-step instructions for how to make it work.
S> And with putty and XMing you can even do it from a (cough, duck) Windows machine.
yep, that's what I was thinking too....... sometimes have to use Windows depending on physically where I am.
thanks for your input
Hi Frank,
On Wed, 18 Jun 2008 13:13:12 -0600 UTC (6/18/2008, 2:13 PM -0500 UTC my time), Frank Cox wrote:
I also believe you can port (tunnel?) VNC through ssh, but I have only heard about that, so I may be off here.
F> You can indeed do that. It's very easy to set up and any number of web pages F> contain step-by-step instructions for how to make it work.
Thanks also to Nate and Monty for your input. This is probably the best way to go, as anyone can sniff the wire without it.
I see I can run this as a service also, but I can't seem to find the VNC client (for Windows) in any directory. Would I get this off of the realvnc site, or is it included in the CentOS 5.1 distro?
On Wed, 18 Jun 2008 15:02:53 -0500 Gary gv-centos@letric.net wrote:
I see I can run this as a service also, but I can't seem to find the VNC client (for Windows) in any directory. Would I get this off of the realvnc site, or is it included in the CentOS 5.1 distro?
Why would you expect to find a VNC client for Windows on a Centos distribution?
"yum install vnc" will get you the Centos client, and "yum install vnc-server" will get you the Centos vnc server, if that's what you meant to ask. You probably already have vnc-server installed if you see it in the list of available services, though.
Monty Shinn wrote:
Gary wrote:
Hi ya'll,
I built a new CentOS 5.1 server for a client, housing a Lotus Notes / Domino server, and various other virtualized IBM software server guests, and soon will have to physically move that server to another distant location.
My question is that I will need secure access to those servers via X, not just the C/L terminal. What do you recommend for a good secure CentOS program which would do this. Would also want to access via a high port, but I am sure just about any program will allow this to be manually configured.
Thanks for your help and input.
Gary,
You can run X apps over ssh if you use the >> -Y << option. You can also configure ssh to use a non-standard port in it's config page.
I also believe you can port (tunnel?) VNC through ssh, but I have only heard about that, so I may be off here. VNC is part of the standard CentOS distribution.
HTH,
Monty
Personaly, i use TightVNC and portable PuTTY (USB Key) for Winblows. It works ok. And the port forwarding thing is easy. I'm not sure if the CentOS' vncserver support compression though (performance is OK for what i do).
On the server, edit the file ~/.vnc/xstartup and uncomment the lines (as indicated in the first line comment):
# Uncomment the following two lines for normal desktop: unset SESSION_MANAGER <=== This exec /etc/X11/xinit/xinitrc <=== and This
Then start the VNC server on the server (first time, it will ask for a password which you will use when connecting with TightVNC viewer), for example:
vncserver :20 -depth 16 -geometry 1152x864 -name ServerName:MyUserName
where
:20 = the # of the terminal (i arbitrarly choose 20, you can start multiple on the same machine and choose whatever you want)
-depth 16: Color bit depth
-geometry 1152x864 = Whatever you see fit
-name = A string that will appear in the window title of the VNC client.
Then, while connected with PuTTY, connect TightVNC viewer to: "localhost:20" (without quotes).
To kill the VNC server: vncserver -kill :20
Some more infos there:
http://lists.centos.org/pipermail/centos/2006-November/072254.html
Guy Boisvert, ing. IngTegration inc.
Gary wrote:
Hi ya'll,
I built a new CentOS 5.1 server for a client, housing a Lotus Notes / Domino server, and various other virtualized IBM software server guests, and soon will have to physically move that server to another distant location.
My question is that I will need secure access to those servers via X, not just the C/L terminal. What do you recommend for a good secure CentOS program which would do this. Would also want to access via a high port, but I am sure just about any program will allow this to be manually configured.
Thanks for your help and input.
How about tunneling X11 over ssh (ssh -X). Or one of the VNC variants (I think one or more support encryption, or you could do ssh port forwarding).
If you go the SSH route make sure that X forwarding is enabled on your server(/etc/ssh/sshd_config), from what I can tell the default in CentOS 4.6 is enabled, I imagine it is enabled in 5.1 as well.
nate
Gary wrote:
My question is that I will need secure access to those servers via X, not just the C/L terminal. What do you recommend for a good secure CentOS program which would do this. Would also want to access via a high port, but I am sure just about any program will allow this to be manually configured.
I use NX and find it amazing. I downloaded the RPMs from nomachine.com because I had not found that they are built in one of the repos (testing if memory serves).
On Wed, Jun 18, 2008 at 4:28 PM, John Thomas gmane-2006-04-16@jt-socal.com wrote:
I use NX and find it amazing. I downloaded the RPMs from nomachine.com because I had not found that they are built in one of the repos (testing if memory serves).
I second that.
NX works over SSH so its connection is encrypted by default (you don't have to mess with tunnels).
Also, NX response time is hard to beat, and its graphics are better than VNC a long shot.
And you have clients for Linux, Windows and Mac OS X. The clients are really easy to set up (unlike XMing for instance).
I would suggest you give it a try.
HTH, Filipe
on 6-18-2008 9:17 PM Filipe Brandenburger spake the following:
On Wed, Jun 18, 2008 at 4:28 PM, John Thomas gmane-2006-04-16@jt-socal.com wrote:
I use NX and find it amazing. I downloaded the RPMs from nomachine.com because I had not found that they are built in one of the repos (testing if memory serves).
I second that.
NX works over SSH so its connection is encrypted by default (you don't have to mess with tunnels).
Also, NX response time is hard to beat, and its graphics are better than VNC a long shot.
And you have clients for Linux, Windows and Mac OS X. The clients are really easy to set up (unlike XMing for instance).
Xming was pretty easy to set-up. Run the windows installer, set putty sessions to forward X, and it just worked. But NX is a better option, but not necessarily an easier one. What I like about XMing and putty is just getting the remote window I am running, and not a whole scaled desktop. And I was already using putty on a daily basis, so it was the least complicated for me.
John Thomas wrote:
Gary wrote:
My question is that I will need secure access to those servers via X, not just the C/L terminal. What do you recommend for a good secure CentOS program which would do this. Would also want to access via a high port, but I am sure just about any program will allow this to be manually configured.
I use NX and find it amazing. I downloaded the RPMs from nomachine.com because I had not found that they are built in one of the repos (testing if memory serves).
I second the recommendation for NX, especially if you want a full desktop.
There is a better version of NX in the upcoming 5.2 release in the extras repo.
The major difference between nx/freenx and vnc is that NX is compressed, so the desktop is pretty much like running it on the machine, where vnc (and normal X forwarding via ssh) are much slower. I use a remote NX desktop all the time, and it really is just like being on the machine.
On Thu, Jun 19, 2008 at 03:52:27AM -0500, Johnny Hughes wrote:
John Thomas wrote:
Gary wrote:
My question is that I will need secure access to those servers via X, not just the C/L terminal. What do you recommend for a good secure CentOS program which would do this. Would also want to access via a high port, but I am sure just about any program will allow this to be manually configured.
I use NX and find it amazing. I downloaded the RPMs from nomachine.com because I had not found that they are built in one of the repos (testing if memory serves).
I second the recommendation for NX, especially if you want a full desktop.
There is a better version of NX in the upcoming 5.2 release in the extras repo.
The major difference between nx/freenx and vnc is that NX is compressed, so the desktop is pretty much like running it on the machine, where vnc (and normal X forwarding via ssh) are much slower. I use a remote NX desktop all the time, and it really is just like being on the machine.
Yeah in all the tests i've done personally i've found FreeNX to be a bit faster.
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Hi Johnny and crew,
On Thu, 19 Jun 2008 03:52:27 -0500 UTC (6/19/2008, 3:52 AM -0500 UTC my time), Johnny Hughes wrote:
I use NX and find it amazing. I downloaded the RPMs from nomachine.com because I had not found that they are built in one of the repos (testing if memory serves).
J> I second the recommendation for NX, especially if you want a full desktop.
J> There is a better version of NX in the upcoming 5.2 release in the J> extras repo.
J> The major difference between nx/freenx and vnc is that NX is compressed, J> so the desktop is pretty much like running it on the machine, where vnc J> (and normal X forwarding via ssh) are much slower. I use a remote NX J> desktop all the time, and it really is just like being on the machine.
Cool stuff. Thanks guys for all your input. I appreciate it.
-
Filipe Brandenburger -
Frank Cox -
Gary -
Guy Boisvert -
John Thomas -
Johnny Hughes -
Monty Shinn -
nate -
Ryan Lewon -
Scott Silva