-1Petr Kulhanek kulhanek@chemi.muni.cz National Center for Biomolecular Research, Faculty of Science Masaryk University, Kamenice 5, CZ-62500 Brno Remote access to Linux (Unix) from Linux (macOS) TigerVNC (Remote Desktop) PS / 2020 Distance form of teaching: Rev3 -2- VNC Linux / macOS ssh tunnel DESKTOP DESKTOP vncserver vncviewer unix socket Remote Linux machine TCP port > = 5900 firewall -3- VNC 1. VNC implements the equivalent of a remote desktop. Unlike export of display, the transmission is very fast and does not suffer as much latency. 2. To eliminate security risks, ports 5900 and higher, which VNC uses by default and which can be exploited for unauthorized access, are disabled on the WOLF cluster by the firewall. This measure greatly complicates the use of VNC if the user wants to solve it on his/her own. 3. Use of VNC is made significantly easier by customized programs vncserver and vncviewer for TigerVNC: 1. vncserver 1. starts a VNC server that listens on a Unix socket (TCP network connections on 5900 ports do not open) 2. access to the Unix socket is restricted to the user running the VNC server only 3. the default desktop is JWM (works on all remote machines), on some machines it is possible to run full Ubuntu GNOME environment 2. vncviewer 1. establishes an ssh connection to the remote machine and creates a tunnel to the Unix socket on the remote machine 2. launches a VNC client that displays the remote desktop -4Installing VNC Client -5Ubuntu 18.04 / 20.04 0. This procedure assumes that you have an activated NCBR package repository (see previous presentations) 1. Package installation: 2. The vncviewer viewer is available as a standard command: [myPC]$ sudo apt-get update [myPC]$ sudo apt-get install ncbr-tigervnc [myPC]$ vncviewer installation is performed on your computer -6Linux - General 1. Download the program installation package ncbr-tigervnc to home directory: 2. Unpack the archive in your home directory: 3. The vncviewer browser is available as: [myPC]$ tar xvf ncbr-tigervnc-linux64.tgz space, dot [myPC]$ ~/ncbr-tigervnc-linux64/vncviewer >>> ERROR: TIGERVNC_PATH is not set! 1. open the file vncviewer and edit the line 2. export TIGERVNC_PATH = "$HOME/ncbr-tigervnc-linux64" enter the absolute path to the ncbrtigervnc-linux64 directory If you want to install to a different directory: installation is performed on your computer [myPC]$ scp username@wolf02.ncbr.muni.cz:~kulhanek/Documents/C2110/Software/ncbr-tigervnc-linux64.tgz . -7- macOS 1. Download the program installation package ncbr-tigervnc to home directory: 2. Unzip the archive in your home directory: 3. The vncviewer browser is available as: [macOS]$ tar xvf ncbr-tigervnc-macos.tgz space, dot [macOS]$ ~/ncbr-tigervnc-macos/vncviewer >>> ERROR: TIGERVNC_PATH is not set! 1. open the file vncviewer and edit the line 2. export TIGERVNC_PATH = "$HOME/ncbr-tigervnc-macos" enter the absolute path to the directory ncbr-tigervnc-macos If you want to install to a different directory: installation is performed on your computer [macOS]$ scp username@wolf02.ncbr.muni.cz:~kulhanek/Documents/C2110/Software/ncbr-tigervnc-linux64.tgz . -8- Usage https://wolf.ncbr.muni.cz » Internal part Actual overview of all GUI sessions on a WOLF cluster can be obtained here: To log in, use the e-INFRA account that you use to log in to the WOLF cluster. first run vncserver on unoccupied machines (green) and then on machines running fewer instances of the GUI sessions. -9Starting VNC Server 0. Verify • that you have valid krb5 tickets (klist) • or renew them • command kinit username@META 1. Log in to the remote machine using ssh, e.g., to the node wolf02.ncbr.muni.cz 2. Activate the tigervnc module 3. Start a VNC server with full Ubuntu GNOME or with a lightweight JWM desktop [myPC]$ ssh wolf02.ncbr.muni.cz [wolf02]$ module add tigervnc [wolf02]$ vncserver --fullgui [wolf02]$ vncserver vncserver runs on a remote machine -10Start the VNC server [kulhanek@wolf02 ~]$ vncserver >>> TigerVNC server started succesfully! Logs: ~/.vnc/wolf02.ncbr.muni.cz.1.startlog ~/.vnc/wolf02:1.log VNCID: kulhanek@wolf02.ncbr.muni.cz:1 to diagnose possible problems VNC session identifier Comments: • After starting the VNC server, it is possible to terminate the ssh connection to the remote machine. • It is not appropriate to run multiple VNC servers. • An overview of running servers can be obtained using: $ vncserver -list • The VNC server can be explicitly terminated (vncserver -kill , ID is printed by the -list option). ATTENTION! Any unsaved work will be lost. -11Start VNC Viewer 0. Verify • that you have valid krb5 tickets (klist) • or renew them • command kinit username@META 1. Launch the VNC viewer (depending on the type of installation). Use the VNCID listed when starting the VNC server as an argument. [ubuntu]$ vncviewer kulhanek@wolf02.ncbr.muni.cz: 1 vncviewer is running on your computer [macOS]$ ~/ncbr-tigervnc-macos/vnCviewer kulhanek@wolf02.ncbr.muni.cz:1 [linux]$ ~/ncbr-tigervnc-linux64/vnCviewer kulhanek@wolf02.ncbr.muni.cz:1 alternatively use the path where you installed the VNC browser -12Disconnect vs Exit 1. Disconnection from the VNC server occurs when • network connection is lost • VNC viewer window is closed 2. To re-establish the connection, you must restart the VNC viewer with the same VNCID of the server. 3. The VNC server terminates when • you log out from the desktop (Gnome: Logout; JWM: Exit) • server is explicitly killed (vncserver -kill) -13Showcase of Ubuntu desktop Starting the VNC server, terminal can be terminated Starting VNC viewer vmdRemote Desktop Ubuntu GNOME Remote Desktop Ubuntu GNOME