前言
想在win10中使用服务器的桌面. 想起以前的服务器,自己用vnc连过。这次也装个vnc试试。
实验
apt search vnc
...
vnc4server/stable 4.1.1+X4.3.0+t-1 amd64
transitional package
...
在debian9中,vncserver叫 vnc4server
apt-get install vnc4server
安装完后,看到叫vnc的程序有3个
root@debian9:/home/lostspeed# vnc
vncconfig vncpasswd vncserver
设置vcn连接口令
vncpasswd
运行vnc服务
root@debian9:/home/lostspeed# vncserver
Warning: debian9:1 is taken because of /tmp/.X11-unix/X1
Remove this file if there is no X server debian9:1
New 'debian9:2 (root)' desktop at :2 on machine debian9
Starting applications specified in /etc/X11/Xvnc-session
Log file is /root/.vnc/debian9:2.log
Use xtigervncviewer -SecurityTypes VncAuth -passwd /root/.vnc/passwd :2 to connect to the VNC server.
用VNC-5.2.1-Windows的客户端去链debian9.6不好使
realvn客户端也不好使
停掉vncserver服务,白忙活了...
vncserver -list
vncserver -kill :2
查资料,有人用tightvnc好使。
apt-get install tightvncserver
root@debian9:/home/lostspeed# tightvnc
tightvncconnect tightvncpasswd tightvncserver
root@debian9:/home/lostspeed# tightvncserver
Warning: debian9:1 is taken because of /tmp/.X11-unix/X1
Remove this file if there is no X server debian9:1
New 'X' desktop is debian9:2
Starting applications specified in /etc/X11/Xvnc-session
Log file is /root/.vnc/debian9:2.log
没看见tightvncserver在进程列表中驻留…
ps aux | grep vnc
重启计算机,再试试vncserver
root@debian9:~# vncserver
New 'debian9:1 (root)' desktop at :1 on machine debian9
Starting applications specified in /etc/X11/Xvnc-session
Log file is /root/.vnc/debian9:1.log
Use xtigervncviewer -SecurityTypes VncAuth -passwd /root/.vnc/passwd :1 to connect to the VNC server.
看日志vncserver已经起来了
root@debian9:~# tail -100f /root/.vnc/debian9:1.log
Xvnc TigerVNC 1.7.0 - built Apr 9 2017 14:38:13
Copyright (C) 1999-2016 TigerVNC Team and many others (see README.txt)
See http://www.tigervnc.org for information on TigerVNC.
Underlying X server release 11903000, The X.Org Foundation
Sun Dec 16 21:46:06 2018
vncext: VNC extension running!
vncext: Listening for VNC connections on local interface(s), port 5901
vncext: created VNC server for screen 0
mesg: ttyname failed: 对设备不适当的 ioctl 操作
看5901端口是否在监听
root@debian9:~# lsof -i:5901
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
Xtigervnc 2207 root 7u IPv4 16285 0t0 TCP localhost:5901 (LISTEN)
Xtigervnc 2207 root 8u IPv6 16286 0t0 TCP localhost:5901 (LISTEN)
vnc的进程也在
root@debian9:~# ps aux | grep vnc
root 2207 0.0 0.5 278044 46840 pts/1 Sl 21:46 0:00 /usr/bin/Xtigervnc :1 -desktop debian9:1 (root) -auth /root/.Xauthority -geometry 1900x1200 -depth 24 -rfbwait 30000 -rfbauth /root/.vnc/passwd -rfbport 5901 -pn -localhost -SecurityTypes VncAuth
root 2214 0.0 0.1 40568 8800 pts/1 S 21:46 0:00 /usr/bin/perl /usr/bin/vncserver
root 2215 0.0 0.0 4288 704 pts/1 S 21:46 0:00 /bin/sh /etc/X11/Xvnc-session
root 2216 0.0 0.0 76876 6324 pts/1 S 21:46 0:00 vncconfig -iconic
root 2887 0.0 0.0 6084 724 pts/1 S+ 21:47 0:00 tail -100f /root/.vnc/debian9:1.log
root 2896 0.0 0.0 12992 968 pts/0 S+ 21:50 0:00 grep vnc
放开5901端口
iptables -I INPUT -p tcp --dport 5901 -j ACCEPT
查看iptables策略列表
root@debian9:~# iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:5901
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
删掉配置文件
cd /root/.vnc
rm -f ./*
看资料中反复强调,要用sudo 操作,切换到普通用户
apt-get install sudo
visudo (将普通用户lostspeed加入/etc/sudoers)
root@debian9:~# cat /etc/sudoers
#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults env_reset
Defaults mail_badpass
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
root ALL=(ALL:ALL) ALL
lostspeed ALL=(ALL) NOPASSWD:ALL
# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL
# See sudoers(5) for more information on "#include" directives:
#includedir /etc/sudoers.d
su - lostspeed
sudo apt install tigervnc-standalone-server tigervnc-common
已经装上了,啥也没干。
lostspeed@debian9:~$ vncserver -list
TigerVNC server sessions:
X DISPLAY # PROCESS ID
lostspeed@debian9:~$ vncserver
You will require a password to access your desktops.
Password:
Verify:
Would you like to enter a view-only password (y/n)? n
New 'debian9:1 (lostspeed)' desktop at :1 on machine debian9
Starting applications specified in /etc/X11/Xvnc-session
Log file is /home/lostspeed/.vnc/debian9:1.log
Use xtigervncviewer -SecurityTypes VncAuth -passwd /home/lostspeed/.vnc/passwd :1 to connect to the VNC server.
lostspeed@debian9:~$ vncserver -list
TigerVNC server sessions:
X DISPLAY # PROCESS ID
:1 4345
lostspeed@debian9:~$ tail -100f /home/lostspeed/.vnc/debian9:1.log
Xvnc TigerVNC 1.7.0 - built Apr 9 2017 14:38:13
Copyright (C) 1999-2016 TigerVNC Team and many others (see README.txt)
See http://www.tigervnc.org for information on TigerVNC.
Underlying X server release 11903000, The X.Org Foundation
Sun Dec 16 22:33:02 2018
vncext: VNC extension running!
vncext: Listening for VNC connections on local interface(s), port 5901
vncext: created VNC server for screen 0
好像以非root用户启动vnc,启动的很正常。
最后,用客户端连接192.168.2.222:5901,还是没连上.
换了好几个vnc客户端.
客户机这边,已经将防火墙都关了。无力了。
最后服务器装了xrdp,在win10这边用mstsc, 连上,选xvnc连上了…
切到非root用户
sudo apt install -y xrdp tigervnc-standalone-server
sudo systemctl restart xrdp
lostspeed@debian9:/etc/xrdp$ netstat -a | grep rdp
unix 2 [ ACC ] STREAM LISTENING 50615 /var/run/xrdp/sockdir/xrdp_chansrv_audio_out_socket_10
unix 2 [ ACC ] STREAM LISTENING 50617 /var/run/xrdp/sockdir/xrdp_chansrv_audio_in_socket_10
unix 2 [ ACC ] STREAM LISTENING 50146 /var/run/xrdp/sockdir/xrdpapi_10
unix 3 [ ] STREAM CONNECTED 48571 /var/run/xrdp/sockdir/xrdp_chansrv_socket_10
win10这边运行运行mstsc, 连接时,选xvnc, 输入非root用户的登录信息,就能登入了。
刚安装好xrdp服务后,多次连接xrdp服务器,就会在输入完口令后,在debian桌面登录那卡住。
重启服务器后,都正常了,等多次,每次都等登入。
试了一下,重启xrdp服务也行
service xrdp restart