1>Install VNC and VNC Server
2>=======
logon as root
[root@mylinux ~]# vncpasswd
Password:
Verify:
[root@mylinux ~]# useradd tiger
[root@mylinux ~]# useradd lion
[root@mylinux ~]#passwd tiger
[root@mylinux ~]#passwd lion
=============
logon as tiger
[tiger@mylinux ~]$ vncpasswd
Password:
Verify:
[tiger@mylinux ~]$
===
logon as lion
[lion@mylinux ~]$ vncpasswd
Password:
Verify:
[lion@mylinux ~]$
=====
3>define the VNC server instances in /etc/sysconfig/vncservers. These will be started by the vncserver initscript.
For multiple vnc instances /etc/sysconfig/vncservers:
VNCSERVERS="1:tiger 2:lion 3:root"
VNCSERVERARGS[1]="-geometry 800x600 -depth 16"
VNCSERVERARGS[2]="-geometry 800×600 -depth 8"
VNCSERVERARGS[3]="-geometry 1024×768 -depth 16"
These would listen on ports 5901, 5902, 5903 respectively.
The above defines a vnc server instance started as user root on display 3 and resolution and color depth. Each VNC server instance listens on port 5900 plus the display number on which the server runs. The root user VNC server instance would listen on port 5903.
chkconfig vncserver onservice vncserver start
===
open ports for vncviewer
Modify the iptables chain: RH-Firewall-1-INPUT
[root@mylinux ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT 0 -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT 0 -- anywhere anywhere reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain RH-Firewall-1-INPUT (1 references)
target prot opt source destination
ACCEPT 0 -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp any
So you should modify the chain RH-Firewall-1-INPUT.
[root@mylinux ~]# iptables -I RH-Firewall-1-INPUT -p tcp --dport 5900:5904 -j ACCEPT
The -I option means INSERT. Because there is no rulenumber specified, it is inserted at the top of the chain.
[root@mylinux ~]#iptables -L
Chain RH-Firewall-1-INPUT (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpts:5900:5904
ACCEPT 0 -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp any
If you want to delete the rule, you type:
[root@mylinux ~]# iptables -D RH-Firewall-1-INPUT -p tcp --dport 5900:5904 -j ACCEPT
[root@mylinux ~]#iptables-save
===
At Windows 2003 server:
download and install the VNC viewer from http://www.realvnc.com/
you can connect to the vnc terminal.
