headful_EPA_jumpbox_config / VNC_setup

part of the headful_EPA_jumpbox_config project

summary

Install and configure a VNC connection from your client device to your jumpbox. The following has only been tested

  • on a linode, but the procedure should be easily transferable to jumpboxes from other vendors.
  • using a Debian linode, but the procedure should be easily transferable to jumpboxes running other Linux OSs.

The following process

  • assumes that you have previously completed steps 1-2 in the main process: i.e., that you now have a working "base config" on your jumpbox.

  • contains essentially 5 steps:

    1. Decide which desktop and VNC packages to use on your jumpbox. (Since we'll probably need to run more than one application on the desktop (e.g., a terminal, the F5NAP'ed Firefox), we'll install a desktop instead of running bare X.) If not taking the defaults, edit your public properties.
    2. Create an ssh tunnel from the client device to the jumpbox.
    3. Install/configure the desktop and VNC server on your jumpbox.
    4. Install/configure a VNC viewer on the client device.
    5. Test the VNC connection from the client device to the jumpbox.

For definitions of terms special to these instructions, see the project glossary.

manual procedure

initial VNC setup

The following is adapted from this linode.com guide to Using VNC to Operate a Desktop on Ubuntu 12.04:

prepare a shell on your client device

  1. Open a bash shell. For best reproducibility, and to avoid potential problems, open a separate, fresh one. You can do this by (e.g.) opening a fresh gnome-terminal tab or xterm.

  2. Prepare the shell's environment:

    1. set the environment variable PATH_TO_PROJECT appropriately for the client device.

    2. load private properties and public properties:

      source ${PATH_TO_PROJECT}/scripts/private.properties
      source ${PATH_TO_PROJECT}/scripts/public.properties
      

prepare an SSH shell on your jumpbox

From a prepared shell on your client device,

  1. start a fresh, "normal" SSH shell on (aka connection to or session on) your jumpbox:

    ssh ${JUMPBOX_USER_NAME}@${JUMPBOX_IPV4}
    
  2. Prepare the SSH shell's environment (which is not the same as the environment from which it was called on the client device!):

    1. set the environment variable PATH_TO_PROJECT appropriately for the jumpbox.

    2. load private properties and public properties:

      source ${PATH_TO_PROJECT}/scripts/private.properties
      source ${PATH_TO_PROJECT}/scripts/public.properties
      

start SSH tunnel on client to jumpbox

From a prepared shell on your client device, start an SSH tunnel to the jumpbox (and keep it open for the remainder of the VNC session):

ssh -L ${CLIENT_VNC_PORT_N}:localhost:${CLIENT_VNC_PORT_N} ${JUMPBOX_USER_NAME}@${JUMPBOX_IPV4}

install packages on jumpbox

  1. Prepare an SSH shell from your client device to your jumpbox. (If you already have a prepared, non-SSH-tunnel shell open on the jumpbox, reuse that and skip to next step.)

  2. In that prepared shell, install desktop and VNC server from packages:

    sudo aptitude update # may require authentication
    sudo aptitude install ${JUMPBOX_VNC_PACKAGE_LIST} ${JUMPBOX_DESKTOP_PACKAGE_LIST}
    

start VNC server on jumpbox

In a prepared SSH shell on your jumpbox (not the one running the previously-created SSH tunnel), start the VNC server (called using /etc/alternatives), and provide an 8-character-maximum password for your desktops:

vncserver :1 # trailing '&' is not necessary, nor is `sudo`

> You will require a password to access your desktops.
>
> Password:
> Verify:
>
> New 'it:1 (me)' desktop is it:1
>
> Creating default startup script /home/me/.vnc/xstartup
> Starting applications specified in /home/me/.vnc/xstartup
> Log file is /home/me/.vnc/it:1.log

configure VNC server on jumpbox

  1. Stop the VNC server so that we can restart it with a non-default configuration. (This is necessary because, AFAICS, one must start the VNC server once in order to create the config script ~/.vnc/xstartup.)

    vncserver -kill :1
    
  2. Configure the VNC server to launch the desktop (rather than just "vanilla X"):

    1. Just in case, back up the installed ~/.vnc/xstartup to, e.g., ~/.vnc/xstartup.0:

      cp ~/.vnc/xstartup ~/.vnc/xstartup.0
      chmod a-w ~/.vnc/xstartup.0
      
    2. With your favorite editor (presumably installed as part of your base config), change the tail of ~/.vnc/xstartup from

      x-terminal-emulator -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
      x-window-manager &
      

      (which launches "bare X") to

      # from original ~/.vnc/xstartup.0
      # x-terminal-emulator -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
      # x-window-manager &
      # Instead launch Xfce desktop (previously installed)
      startxfce4
      
  3. Restart the VNC server to use the new configuration. It should still remember your password:

    vncserver :1
    
    > New 'krasia:1 (me)' desktop is krasia:1
    >
    > Starting applications specified in /home/me/.vnc/xstartup
    > Log file is /home/me/.vnc/krasia:1.log
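
A check for the jumpbox once the server is running, added here as an example and not part of the project's scripts: because the SSH tunnel delivers the viewer's traffic to `localhost` on the jumpbox, the VNC port needs no listener on a public interface, and the 8-character VNC password is then never the only barrier. The function names and the sample `ss -ltn` lines are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: confirm the VNC port on the jumpbox is reachable only
# through the SSH tunnel. Function names and sample data are illustrative.

# Display :N is served on TCP port 5900+N (so `vncserver :1` -> 5901).
vnc_port_for_display() {
  echo $(( 5900 + ${1#:} ))
}

# Reads `ss -ltn` lines on stdin and prints each non-loopback listener on
# PORT. Returns 0 = loopback only, 1 = exposed, 2 = nothing listening.
vnc_exposure() {
  local port="$1" seen=0 exposed=0 state recvq sendq local_addr rest
  while read -r state recvq sendq local_addr rest; do
    [ "$state" = "LISTEN" ] || continue             # skips the header too
    [ "${local_addr##*:}" = "$port" ] || continue   # other services
    seen=1
    case "${local_addr%:*}" in
      127.*|\[::1\]|::1) ;;                         # loopback: tunnel-only
      *) exposed=1; echo "$local_addr" ;;
    esac
  done
  [ "$seen" -eq 1 ] || return 2
  [ "$exposed" -eq 0 ]
}

# Constructed sample `ss -ltn` output (not captured from a real host).
SAMPLE_EXPOSED='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      5      0.0.0.0:5901       0.0.0.0:*'
SAMPLE_LOOPBACK='LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      5      127.0.0.1:5901     0.0.0.0:*'

port="$(vnc_port_for_display :1)"
for sample in "$SAMPLE_EXPOSED" "$SAMPLE_LOOPBACK"; do
  if printf '%s\n' "$sample" | vnc_exposure "$port" >/dev/null; then
    echo "port $port: loopback only"
  else
    echo "port $port: reachable without the tunnel"
  fi
done
```

On the jumpbox, pipe real output through it with `ss -ltn | vnc_exposure "$(vnc_port_for_display :1)"`. If an address is printed, the `-localhost` option accepted by the TightVNC and TigerVNC servers restricts the listener to loopback.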
    

install VNC viewer on client device

In a prepared shell on your client device that is not sshing to the jumpbox, install a VNC viewer from packages on the client device:

sudo aptitude update # may require authentication
sudo aptitude install ${CLIENT_VNC_PACKAGE_LIST}

run VNC viewer on client device

Run a VNC viewer from your client device (reusing its previously-created SSH tunnel):

  1. Start the VNC viewer (called using /etc/alternatives) in a shell on the client device, and authenticate to it using your previously-set VNC password:

    vncviewer localhost:${CLIENT_VNC_PORT_N} # don't end with '&'
    
    > Mon Apr 20 17:45:20 EDT 2015
    > Connected to RFB server, using protocol version 3.8
    > Performing standard VNC authentication
    > Password:
    > Authentication successful
    > Desktop name "it:1 (me)"
    > VNC server default format:
    >   16 bits per pixel.
    >   Least significant byte first in each pixel.
    >   True colour: max red 31 green 63 blue 31, shift red 11 green 5 blue 0
    > Using default colormap which is TrueColor.  Pixel format:
    >   32 bits per pixel.
    >   Least significant byte first in each pixel.
    >   True colour: max red 255 green 255 blue 255, shift red 16 green 8 blue 0
    > Same machine: preferring raw encoding
    
  2. After authenticating, you should see the jumpbox's desktop. If not, something's wrong!

  3. Exit from the VNC viewer on the client device (but not the VNC server on the jumpbox) with the following sequence:

    1. On the client device, press the F8 key.
    2. From the popup menu, choose the item "Quit viewer".

TODO: turn off screensaver on Xfce!

subsequent VNC use

After you have set up VNC on both your client device and jumpbox, you will only need to do the following 3 steps to recreate a VNC connection from your client device to your jumpbox:

  1. reuse SSH tunnel
  2. reuse VNC server
  3. use VNC viewer

reuse SSH tunnel

If you do not already have one open in a shell/terminal on the client, start an SSH tunnel from your client to your jumpbox. Note you almost certainly want to reuse an existing SSH tunnel (IIUC) rather than starting a new one.

reuse VNC server

If you have not done so already, start a VNC server process on the jumpbox. Note you almost certainly want to reuse an existing VNC server (IIUC) rather than starting a new one.

use VNC viewer

You will probably want to exit from your VNC viewer whenever you are not actually using it, since (IIUC) an active VNC connection consumes

  • network bandwidth
  • compute cycles on the jumpbox
  • compute cycles on the client device

Accordingly, each time you want to start a VNC connection from your client device to your jumpbox, repeat this procedure.

prepare a shell on your jumpbox via VNC

  1. Create a VNC connection from your client device to your jumpbox showing the desktop on your jumpbox.

  2. Open a shell/terminal on the remote desktop (i.e., the desktop running on your jumpbox, which you access via the VNC viewer).

    • for Xfce4: click the terminal icon on the panel at bottom left of the desktop.
  3. Prepare that shell's environment:

    1. set the environment variable PATH_TO_PROJECT appropriately for the jumpbox.

    2. load private properties and public properties:

      source ${PATH_TO_PROJECT}/scripts/private.properties
      source ${PATH_TO_PROJECT}/scripts/public.properties
      

scripted procedure

Not currently available :-(
