[Share] Encrypting VNC traffic with SSH
-
- Posts: 375
- Registered: 2006-10-11 20:41
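[Share] Encrypting VNC traffic with SSH
There are two kinds of remote desktop: one via XDMCP, the other via VNC. The difference between them is:
An XDMCP login opens a new session, and that session is closed once you log out.
VNC attaches to the current session, and the original session carries on after you disconnect. This suits running a GUI program for a long time on one machine while needing to log in graphically now and then to check on it. For example, I keep a graphical email client running on my office machine and want to look for new email after I get home.
The VNC protocol uses TCP 5900 by default and transmits in plain text, with no confidentiality to speak of. We can combine SSH with VNC to improve VNC's confidentiality. The following assumes both the remote and the local machine run Ubuntu.
Remote side:
First enable the VNC server. Ubuntu installs vino-server by default: go to System -> Preferences -> Remote Desktop and tick "Allow other users to view your desktop", which starts the vino server immediately. Untick "Ask for confirmation". You can also set password protection if you like.
At this point you can reach the remote side from the local xvncviewer, of course without any confidentiality.
apt-get install openssh-server installs the SSH server. Test whether the installation succeeded by connecting to the remote side over ssh from the local machine:
ssh remote-server -l user
Using the firewall, close port 5900; be sure to leave the ssh port open, which is tcp 22 by default.
That completes the remote-side setup; xvncviewer can no longer reach the remote side.
Local side:
xvncviewer is installed by default; install it if it is not.
Open two windows.
First, run in the first window:
ssh -L 5900:localhost:5900 user@remote-server
If you can log in, run in the second window:
xvncviewer localhost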
- eexpress
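- Posts: 58428
- Registered: 2005-08-14 21:55
- From: Changsha
- laborer
- Posts: 1016
- Registered: 2005-10-25 11:15
- Contact:
-
- Posts: 375
- Registered: 2006-10-11 20:41
Be sure ssh has succeeded before running vncviewer localhost. What ssh -L does is bind a local port to the remote side and forward it there.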
-L [bind_address:]port:host:hostport
Specifies that the given port on the local (client) host is to be
forwarded to the given host and port on the remote side. This
works by allocating a socket to listen to port on the local side,
optionally bound to the specified bind_address. Whenever a con‐
nection is made to this port, the connection is forwarded over
the secure channel, and a connection is made to host port
hostport from the remote machine. Port forwardings can also be
specified in the configuration file. IPv6 addresses can be spec‐
ified with an alternative syntax:
[bind_address/]port/host/hostport or by enclosing the address in
square brackets. Only the superuser can forward privileged
ports. By default, the local port is bound in accordance with
the GatewayPorts setting. However, an explicit bind_address may
be used to bind the connection to a specific address. The
bind_address of “localhost” indicates that the listening port be
bound for local use only, while an empty address or ‘*’ indicates
that the port should be available from all interfaces.
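The two-window procedure and the bind_address behaviour quoted from the man page above, combined into one script. This is an added example, not part of the original posts: it opens the forward on 127.0.0.1 only, checks the local listener, and starts the viewer only if the check passes. user@remote-server and port 5900 are the thread's values; the function names and the sample `ss` lines are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. user@remote-server and port 5900 are the
# post's values; the function names and sample lines are made up here.
PORT=5900

# Reads `ss -tln` output on stdin. Succeeds only if something listens on
# port $1 and every such listener is bound to a loopback address.
loopback_only() {
    seen=0
    while read -r state recvq sendq laddr rest; do
        [ "$state" = LISTEN ] || continue
        case "$laddr" in *":$1") ;; *) continue ;; esac
        seen=1
        case "${laddr%:*}" in
            127.0.0.1|"[::1]") ;;
            *) return 1 ;;          # 0.0.0.0, *, [::] or a LAN address
        esac
    done
    [ "$seen" -eq 1 ]
}

# Constructed sample input (not captured from a real host).
SAMPLE_LOOPBACK='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128        127.0.0.1:5900      0.0.0.0:*
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*'
SAMPLE_EXPOSED='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128          0.0.0.0:5900      0.0.0.0:*'

main() {
    # Explicit 127.0.0.1 bind_address keeps the forward local whatever
    # GatewayPorts says; ExitOnForwardFailure makes ssh exit non-zero if the
    # forward cannot be set up. "sleep 10" holds the session open until the
    # viewer connects; ssh then stays until the forwarded connection closes.
    ssh -f -o ExitOnForwardFailure=yes \
        -L "127.0.0.1:${PORT}:localhost:${PORT}" "$1" sleep 10 || {
        echo "tunnel not established, viewer not started" >&2; return 1; }
    if ss -tln | loopback_only "$PORT"; then
        xvncviewer localhost
    else
        echo "port $PORT is not loopback-only, viewer not started" >&2
        return 1
    fi
}

# Usage: sh vnc-tunnel.sh user@remote-server
if [ "$#" -gt 0 ]; then main "$@"; fi
```

The check is meant for the local machine; on the remote side vino still listens on 5900 and it is the firewall rule from the first post that keeps it unreachable from outside.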
- 冲浪板
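- Forum moderator
- Posts: 7513
- Registered: 2007-05-06 8:19
-
- Posts: 315
- Registered: 2005-05-11 20:14
- From: Xi'an University of Technology
-
- Posts: 2
- Registered: 2007-10-16 18:44
Can this method be used for multi-user remote desktop?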
-
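- Posts: 315
- Registered: 2005-05-11 20:14
- From: Xi'an University of Technology
-
- Posts: 274
- Registered: 2007-08-04 13:04
xautofzx wrote: No, this only gives you the currently logged-in desktop; for multiple users you have to use XDMCP.
That's not quite right either. VNC can support multi-user login and multiple sessions. It's just that what you're using is the one bundled with Ubuntu, which can only do a single session.
http://wiki.ubuntu.org.cn/index.php?tit ... B.E5.BD.95
Remote login via XDMCP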