# Recommended application to vnc from Windows to gentoo box??

## cgmd

Hello... 

Just wondering what my choices are for connecting with vnc through an ssh tunnel if the host is my gentoo box and the remote is my Windows pc at work? I've looked at x-win32... But it seems to be a pricey option!   :Sad: 

Any recommendations??

Thanks...

----------

## EneNL

I don't know if TightVNC supports VNC over SSH, but it sure is free.

----------

## thecooptoo

tight vnc on the windows client.#Putty on the windows client to establsih the SSH connection

----------

## cgmd

thecooptoo wrote:

 *Quote:*   

> tight vnc on the windows client.#Putty on the windows client to establsih the SSH connection

 

Thanks for the suggestion! I have it operating, but with one concern...

I first log on to my gentoo box using putty, and I start gentoo box's x11vnc. Then, to connect with TightVNC, I find I must first open port 5900 in my router. This gives me the access I am seeking, but is this open port a potential security risk??

Thanks, again...

----------

## tuxmin

VNC sucks compared to NX.

emerge =nxserver-freenx-0.4.0 (it's masked!) on your server and create an NX user with:

```

/usr/NX/bin/nxserver --adduser user # (the user has to exist and needs a homedir)

/usr/NX/bin/nxserver --passwd user

```

Get the windows client here:

http://www.nomachine.com/download_client_windows.php

Start the client and make sure you aktivate SSL encryption.

Voila -- a complete X11 desktop tunneld through one ssh session. And that at much better

quality and performance than VNC!

Alex!!!

----------

## HomerSimpson

 *cgmd wrote:*   

> thecooptoo wrote:
> 
>  *Quote:*   tight vnc on the windows client.#Putty on the windows client to establsih the SSH connection 
> 
> Thanks for the suggestion! I have it operating, but with one concern...
> ...

 Do you have the tunneling set up correctly in putty? I do this from work to my house and the only port forwarded is the ssh port.

----------

## cgmd

HomerSimpson wrote:

 *Quote:*   

> Do you have the tunneling set up correctly in putty? I do this from work to my house and the only port forwarded is the ssh port

 

...There's a very good chance I have tunneling set up incorrectly. This is my first experience with this, and I may be doing many things wrong...   :Sad: 

How do I tell if tunneling is set up correctly? What are the steps to setting it up? 

I would appereciate any advice you-re willing to give...   :Very Happy: 

Thanks...

----------

## cgmd

tuxmin wrote:

 *Quote:*   

> VNC sucks compared to NX.
> 
> emerge =nxserver-freenx-0.4.0 (it's masked!) on your server and create an NX user with: 
> 
> Code:
> ...

 

My "server" is a free standing gentoo box... To be accessed remotely just by me. The entire setup will require the following:

```
# emerge -pv =nxserver-freenx-0.4.0

These are the packages that I would merge, in order:

Calculating dependencies ...done!

[ebuild  N    ] net-misc/nx-x11-1.4.0-r4  33,365 kB

[ebuild  N    ] net-misc/nxproxy-1.4.0-r2  73 kB

[ebuild  N    ] dev-tcltk/expect-5.42.1-r1  +X -doc 512 kB

[ebuild  N    ] net-analyzer/gnu-netcat-0.7.1  -debug -nls 318 kB

[ebuild  N    ] net-misc/nxserver-freenx-0.4.0  -commercial 41 kB

Total size of downloads: 34,311 kB

```

Is this something I should consider for just a single user system??

Thanks...

----------

## thecooptoo

start a vncserver on your linux box you want to get to  . You will need to do this logged in as a user who has access to X

eg

 *Quote:*   

> paul@dads ~ $ vncserver
> 
> New 'X' desktop is dads:1
> 
> Starting applications specified in /home/paul/.vnc/xstartup
> ...

 

 go to work 

in putty,  connection->tunnel 

put the source  port as 5900 

the destination is 192.168.XX.XX :5901 

(the machine you want to connect to )

Connect with putty then point the windows vncclient to localhost:5900  and your linux desktop should appear .

----------

## cgmd

@thecooptoo:

I'm sorry, but I'm somewhat lost...

 *Quote:*   

> start a vncserver on your linux box you want to get to . You will need to do this logged in as a user who has access to X
> 
> eg 

 

What is the sequence? First connect from remote to host, using putty, and start a vnc server:

```
$ vncserver 

New 'X' desktop is cgmd:3

Starting applications specified in /home/cg/.vnc/xstartup

Log file is /home/cg/.vnc/cgmd:3.log
```

Then must I leave that ssh session open and start a second putty connection with tunnel settings as you suggested?

Must I open a port (5900) through the firewall of my router first? Or will this vnc connection tunnel through the port used for ssh (22)?

Sorry for these lame questions..   :Sad: 

----------

## thecooptoo

Ive not done the whole thing from the remote end before  but I think you now neeed to close this putty connection and set up a new tunnel when you re-open it 

Your new 'virtual' desktop is no 3.

To connect to it you will need a tunnel that goes from  your windowsPC:5900 to your linuxPC:5903

So in putty config it is 

local port 5900

remote port 192.168.xx.xx:5903

 in the tunnels setting , so configure  and then save that config and then click on 'open', & log into your server 

Start the windows VNC client pointing to localhost:5900 and

----------

## cgmd

@ thecooptoo:

Thank you for that explanation... I'll give it a try when I'm next at my remote, and I'll post the outcome.

I appreciate your help!   :Smile: 

----------

## tuxmin

@cgmd: If you intent to work on a regular basis I urge you to give NX a try. It's performance compared to VNC is incredible, even with a low bandwidth connection. There are NX clients for nearly any platform and no need to fiddle around with ssh port forwarding -- all done automagically.

Besides, the nx-x11 binaries and libs are only a few MB in size. The size of the source package is misleading:

```

sh-3.00# epm -ql net-misc/nx-x11-1.4.0-r4 | xargs ls -l

-rwxr-xr-x  1 root root 1904016 Nov 14 08:18 /usr/NX/bin/nxagent

-rwxr-xr-x  1 root root   32844 Nov 14 08:18 /usr/NX/bin/nxauth

-rwxr-xr-x  1 root root  162272 Nov 14 08:18 /usr/NX/bin/nxdesktop

-rwxr-xr-x  1 root root   12684 Nov 14 08:18 /usr/NX/bin/nxpasswd

-rwxr-xr-x  1 root root  127428 Nov 14 08:18 /usr/NX/bin/nxviewer

lrwxrwxrwx  1 root root      13 Nov 14 08:18 /usr/NX/lib/libX11.so -> libX11.so.6.2

lrwxrwxrwx  1 root root      13 Nov 14 08:18 /usr/NX/lib/libX11.so.6 -> libX11.so.6.2

-rw-r--r--  1 root root  882592 Nov 14 08:18 /usr/NX/lib/libX11.so.6.2

lrwxrwxrwx  1 root root      17 Nov 14 08:18 /usr/NX/lib/libXcomp.so -> libXcomp.so.1.4.0

lrwxrwxrwx  1 root root      17 Nov 14 08:18 /usr/NX/lib/libXcomp.so.1 -> libXcomp.so.1.4.0

-rw-r--r--  1 root root 1126084 Nov 14 08:18 /usr/NX/lib/libXcomp.so.1.4.0

lrwxrwxrwx  1 root root      20 Nov 14 08:18 /usr/NX/lib/libXcompext.so -> libXcompext.so.1.4.0

lrwxrwxrwx  1 root root      20 Nov 14 08:18 /usr/NX/lib/libXcompext.so.1 -> libXcompext.so.1.4.0

-rw-r--r--  1 root root   66284 Nov 14 08:18 /usr/NX/lib/libXcompext.so.1.4.0

lrwxrwxrwx  1 root root      14 Nov 14 08:18 /usr/NX/lib/libXext.so -> libXext.so.6.4

lrwxrwxrwx  1 root root      14 Nov 14 08:18 /usr/NX/lib/libXext.so.6 -> libXext.so.6.4

-rw-r--r--  1 root root   61348 Nov 14 08:18 /usr/NX/lib/libXext.so.6.4

lrwxrwxrwx  1 root root      17 Nov 14 08:18 /usr/NX/lib/libXrender.so -> libXrender.so.1.2

lrwxrwxrwx  1 root root      17 Nov 14 08:18 /usr/NX/lib/libXrender.so.1 -> libXrender.so.1.2

-rw-r--r--  1 root root   28400 Nov 14 08:18 /usr/NX/lib/libXrender.so.1.2

-rw-r--r--  1 root root    3399 Nov 14 08:18 /usr/X11R6/include/NX.h

```

Alex!!

----------

## cgmd

@tuxmin:

OK... I'd like to try it out.  Is there also a linux client available in portage for my gentoo laptop??

Also... A bit of a problem emerging the packages: 

```
127.0.0.1 /var/tmp/portage/nxserver-freenx-0.4.0/image//usr/NX/home/nx/.ssh/kno                                                       n_hostsman:

prepallstrip:

strip: i686-pc-linux-gnu-strip --strip-unneeded

strip: i686-pc-linux-gnu-strip --strip-unneeded

>>> Completed installing nxserver-freenx-0.4.0 into /var/tmp/portage/nxserver-f                                                       eenx-0.4.0/image/

--------------------------- ACCESS VIOLATION SUMMARY --------------------------

LOG FILE = "/var/log/sandbox/sandbox-net-misc_-_nxserver-freenx-0.4.0-10250.log

open_wr:   /root/.ssh2/random_seed

```

Any thoughts??

Thanks...

----------

## tuxmin

Of course there is a client: emerge -v nxclient

Unfortunately I have no idea what causes your error. You should try freenx-0.2.8 which isn't masked. I installed 0.4 on seeveral machines without any problems... Sorry for the inconvenience...

Hth, Alex!!!

----------

## cgmd

@tuxmin:

Same problem with the stable version. I'll use a new thread to try to resolve it...

Thanks...

----------

## cgmd

@tuxmin:

Having resolved the nxserver install problem, I'm now at another stumbling block with connection by my clients both on linux and windows.

Linux first... connection appears to authenticate, but then fails with:

```

Server not installed or NX remote access disabled

Detail:

NX> 203 NXSSH running with pid: 22359

NX> 285 Enabling check on switch command

NX> 285 Enabling skip of SSH config files

NX> 200 Connected to address: 69.26.133.402 on port: 22

NX> 202 Authenticating user: nx

NX> 208 Using auth method: publickey

HELLO NXSERVER - Version 1.4.0-04-CVS OS (GPL)

NX> 105 hello NXCLIENT - Version 1.4.0

NX> 134 Accepted protocol: 1.4.0

NX> 105 SET SHELL_MODE SHELL

NX> 105 SET AUTH_MODE PASSWORD

NX> 105 login

NX> 101 User: cg

NX> 102 Password: 

NX> 103 Welcome to: cgmd user: cg

NX> 105 listsession --user="cg" --status="Suspended","Running" --geometry="1024x768x24+render" --type="unix-kde"

NX> 127 Sessions list of user 'cg' for reconnect:

Display Type             Session ID                       Options  Depth Screen         Status      Session Name

 ------- ---------------- -------------------------------- -------- ----- -------------- ----------- ------------------------------

NX> 148 Server capacity: not reached for user: cg

NX> 105 startsession --session="gen2box" --type="unix-kde" --cache="8M" --images="32M" --cookie="2dc86a75c549dbfd4a3bccbd6b71e5ba" --link="adsl" --kbtype="pc102/us" --nodelay="1" --encryption="1" --backingstore="when_requested" --geometry="1023x751" --media="0" --agent_server="" --agent_user="" --agent_password=""  --screeninfo="1023x751x24+render"

Permission denied (publickey,keyboard-interactive).

NX> 105 

```

As for the windows client... Authentication appears to succeed, but I get a window entitled NX - Available sessions, and showing a list of sessions, but with no "Session Name" entries, many entries for "Type", nothing under "Geometry" or Status", and full listings under "Services" and "Display". No remote linux desktop appears, however...   :Sad: 

I'm not sure how to put this all together.   :Question: 

Perhaps a permissions issue involving keys?? I'm at a loss right now.

Any thoughts??

Thanks...

----------

## tuxmin

OK, 

Linux first  :Smile: 

You did "/usr/NX/bin/nxserver --adduser user" and ""/usr/NX/bin/nxserver --passwd user", didn't you?

And there were no error messages?

You can get a list of registered users with "/usr/NX/bin/nxserver --listuser"

/usr/NX/bin/nxserver --help 

gives you a list of command line options. Check for orphanded sessions that have to be removed manually.

Hth, Alex!!!

----------

## cgmd

Yes, user setup seemed ok: 

```
~ # /usr/NX/bin/nxserver --listuser

NX> 100 NXSERVER - Version 1.4.0-04-CVS OS (GPL)

NX> 146 NX users list

Username

---------------

cg

NX> 999 Bye

```

Just terminated a bunch of orphaned sessions... but still get same connection error.

----------

## tuxmin

OK, check this:

The content of /usr/NX/etc/users.id_dsa.pub and /home/cg/.ssh/authorized_key2

should be the same (or at least contained).

If this does not help I recommend opening a new thread about this. I'm running out of ideas  :Sad: 

Regards, Alex!!!

----------

## cgmd

@Alex...

You wrote:  *Quote:*   

> The content of /usr/NX/etc/users.id_dsa.pub and /home/cg/.ssh/authorized_key2
> 
> should be the same (or at least contained).
> 
> 

 

You may be on to something... These 2 keys are very different!

I find the use of keys to be very confusing. What should I do to straighten it out??

Thanks...

----------

## cgmd

Alex...

Thank you for your patience.

Success!! 

After regenerating all keys, I'm able to open and use the host desktop in my remote linux laptop!! It certainly looks to be worth the effort!   :Very Happy: 

Windows pc still not connecting...   :Confused: 

Thanks, again...

----------

## tuxmin

Nice, nice  :Smile: 

I'll try to give you some help on the Windows client tomorrow. Right now I'm too challenged by my offsprings  :Smile: 

cu

Alex!!!

----------

## cgmd

@Alex...

 *Quote:*   

> Right now I'm too challenged by my offsprings 

 

NP... The children are much more important!!   :Wink: 

I do, however, have an additional success to report... Finally, I have the windows client working too! I guess that problem was also related to an error in the setup of keys, because new keys seemed to fix things.

So far, I'm quite impressed with the NX performance! Great suggestion!

One further question, though... Best way to quit the connection without leaving an orphaned session? My guess is: 

```
$ nxserver --terminate cg
```

Do you have a better suggestion??

Thanks, once more, for getting me going with this!   :Very Happy: 

----------

## tuxmin

Good news!

Depending on which WM you use the normal logout shouldn't leave any sessions behind.

Another way ist pressing ALT-F4. You should get a popup wich gives you to choice to either suspend or terminate your session.

Hth, Alex!!!

----------

## HomerSimpson

I have a question about NX. When you generate the keys it creates a file called authorized_keys2 (if you already have the authorized_keys file?). I assume the NX server knows to look at this file. On the client side do I need to import the public key?

When I try it, the client says the server is not even running. According to NXserver it is running as well as checking with ps aux | grep NX.

Thanks

----------

## cgmd

HomerSimpson wrote: *Quote:*   

> 
> 
> I have a question about NX. When you generate the keys it creates a file called authorized_keys2 (if you already have the authorized_keys file?). I assume the NX server knows to look at this file. On the client side do I need to import the public key?
> 
> 

 

I finally resolved my key problem following, exactly, this HOWTO.

The client needs client.id_dsa.key, as stated by m27315 in the referenced HOWTO...  :Smile: 

Hope that helps!

----------

