2- enable remote access

Posted on July 31, 2005 by bturnip

Previous: [1-Building the server]

The previous journal entry talked about building the server. This entry is about remote access. I want to be able to access the server I have built (Heyday) from my everyday box.

I want to be able to pull up a terminal window as well as a remote desktop from my regular Gnome session. I would also like to be able to use FTP, but I haven’t worked this out yet.

Getting a terminal window using SSH
The first method of access is getting a terminal window on Heyday over SSH. This is the easiest and the most important method. I am hard pressed to think of something that can’t be done from a SSH terminal window. To accomplish this, I chose the option to “allow incoming SSH” during the setup process. I could have also enabled it after install.
For the record, to do this in Gnome:
– starting from the Applications toolbar, navigate to System Settings -> Security Level.
– select the checkbox next to SSH in the Trusted services section of the Firewall tab.
I haven’t had the need to track down how to do this from the command line, but I will try to remember to update this section if I ever work it out.

With that done, I can currently access Heyday from my everyday machine (Electric Lash). I set up Heyday to have a static IP address, so I technically access it like this: >ssh 192.168.0.100. I have a short script written up that handles some of the details for me:


#!/bin/bash
# bturnip
# July 31, 2005
# purpose: shortcut for getting an ssh session to the Heyday server

echo attempting to get ssh connection as bturnip to heyday...
ssh -l bturnip 192.168.0.100

Getting a Remote Desktop Connection
The second method gives me a Gnome Desktop from Heyday as a window on Electric Lash. Since I have SSH access, this is really an optional step. It was part curiosity and part the desire to make sure Heyday could be operated without a monitor or keyboard. It takes a little more work, but it will give me a crutch in the areas where I only know the GUI method of doing something. I will be using the VNC software that comes bundled into the Fedora distrubution. I could have used other methods, but this one seemed like the path of least resistance.
I break the task up into four sections: 1)getting the VNC server up and running, 2)setting up permissions for the user account running on the server, 3)adjusting the firewall, and 4)making the remote connection. There are several steps here- go slowly and carefully!

1- Make sure that the VNC Server is running. It is a good idea to make sure it is running at startup.

For the record, to do this in Gnome:
– starting from the Applications toolbar, navigate to System Settings -> Server Settings -> Services
– scroll down the list of services to vncserver, highlight it and choose Start.
– to make sure the service starts on boot, select the checkbox next to the service and choose Save.

2- Allow remote machines access the desktop on the server. Note that this has to be done on a per user basis. I have set up a standard user account that logs in at boot. This is the user account whose desktop I want to be able to control from a remote computer.

– On the server machine, starting from the Applications toolbar, navigate to Preferences -> Remote Desktop
– In the Sharing section, select both checkboxes to allow other users to see and control the desktop.
– In the Security section, uncheck the box about asking for confirmation and check the box for require password.
– Make a note of what the dialog box says in regards to the command for viewing the desktop, i.e. vncviewer heyday:0.

3- Adjust the firewall to let VNC traffic in and out. It is my understanding that, in general, VNC commonly operates on ports 5800, 5801, 5900, and 5901. In my case, I tried allowing 5900. I chose this one as the command syntax reported back to me from step 2 above was my server name with a 0 after the colon. I could have chose 5800, but I chose 5900. It worked and I chose to leave the issue alone until I need to learn more about it. To enable port 5900:

– starting from the Applications toolbar, navigate to System Settings -> Security Level
– in the box next to the Other Ports section of the Firewall tab, enter 5900:tcp. Make sure that any entries in this text area are seperated by commas. I had one other port open (443, for secure http).

4- Make the remote connection. The server should be ready to go at this point.

– from the remote computer, select Applications -> Internet -> Remote Desktop Connection.
– in the box provided for the remote host, enter the server and display. This translates into vnc:/192.168.0.100:0 for me. I don’t have DNS set up as of this writing, so I have to use the IP address (set to static on Heyday’s setup) instead of hostname. The syntax is vnc:/hostname:n, where hostname is something like “heyday” or “192.168.0.100” and n is the number of the display, which in this case is 0. The display is zero because that is what the Remote Desktop setup on Heyday told me back there in step 2.
– after entering vnc:/192.168.0.100:0, choose Connect.
– Heyday is on the same LAN as my main machine, so choosing “High Quality” is a good choice. I currently consider encryption unnecessary, as the network traffic never leaves the house, so that checkbox remains blank.
– Enter the password that was chosen in Step 2, and enjoy the full benefits, privileges and honors of a remote desktop session.

Getting an FTP connection
I stongly suspect bugs are at work here. I am unable to start the ftp servers on any machine. Chalk this one up as being on the todo list.

Next: [3-Making the network friendly]

This entry was posted in linux servers. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *