Portál AbcLinuxu, 8. května 2024 19:56
Niekolko kratkych postrehov, ktore som na tomto portale nasiel mi nedalo odpoved na tento problem:
Mam siet s 10 WinXP pocitacmi a linuxovym serverom (Mandrake 9.2). Chcem umoznit uzivatelom z WinXP dialkove pripojenie pracovnej plochy Linuxu (KDE), cize graficky login ako na lokale - pri grafickej vyzve uvadza uzivatel svoj login a heslo, po prihlaseni pracuje v svojom vlastnom domovskom adresari - teda ziadne VNC display password rovnake pre vsetkych a pod.!
Server je bez monitora a klavesnice, zavrety v skrinke a pripojeny do siete (runlevel 5), lokalne sa nik neprihlasuje, ani nic nespusta, ani neexportuje desktop, vsetko potrebne ma byt v startovacich skriptoch - po starte tam stale ma byt len okno s vyzvou na prihlasenie, ktore nik neuvidi koli chybajucemu monitoru.
Ked som si pripojil monitor, prihlasil sa v KDE, manualne spustil VNC server (sluzba DrakeServices v Konfiguracii pocitaca mi tento neumozni spustit automaticky pocas startu, preco ?), tento si vypytal 1 heslo (ako sa potom ma prihlasit viac uzivatelov do samostatnych prostredi - KDE, GNOME?) a spustil program x0rf..
Mohol som sa prostrednictvom VNC klientov pripojit z inej stanice, ale bolo to dost pomale v slabom rozliseni a co hlavne nechcem - na uz spustenu (iba jednu!) prac. plochu.
Ako teda zabezpecit dialkovy graficky login pre kazdeho uzivatela systemu, bez akehokollvek lokalneho prihlasovania ?
Udajne ma KDE poskytovat moznost takehoto dialkoveho grafickeho loginu, ale netusim, kde ju mozem aktivovat, ani ktore porty na firewalle mam otvorit a ci vobec VNC klient umoznuje prihlasenie do KDE na dialku.
V oblasti WinNT som videl administraciu prostrednictvom prac. plochy zobrazenej v IExploreri cez https. Je to mozne aj v Linuxe?
Za kazdu pomoc budem velmi vdacny!
/usr/x11r6/bin/startxdmcp.bat
), staci doplnit adresu display manageru.
BTW na tom serveru staci aby bezel display manager, X server tam bezet nemusi (nastavi se to v /etc/X11/xdm/Xservers
).
Ktore porty na firewalle mam koli tomu otvorit? Dakujem.
(BTW: Ako prinutit DrakeServices zobrazovat dalsie sluzby, ktore chcem startovat? Je pohodlnejsie vybrat si zo zoznamu sluzieb, ci vlastnosti, ako hladat v manualoch vsetky parametre pre nejaky prikaz alebo zistovat co treba v ktorom konfiguraku zeditovat.)
No a k tomu este potrebujem vediet, ako to pravidlo nasukat do firewallu cez prikazovy riadok, tak, aby mi tam ostalo aj po restarte - jedno kliknutie by usetrilo hodiny casu, ved prave vdaka tomu si Windoze ziskali popularitu.
Viem, administracia produkcneho servera je pre profikov a je holt pravda, ze ak si to uz raz nastudujem, nikdy viac nie som odkazany na graficke prostredie - ten cas teda nie je strateny ... len ho treba proste mat.
[daemon] AutomaticLoginEnable=false AutomaticLogin= # If you are having trouble with using a single server for a long time and # want gdm to kill/restart the server, turn this on AlwaysRestartServer=false Configurator=/usr/bin/gdmconfig --disable-sound --disable-crash-dialog GnomeDefaultSession=/etc/gnome/default.session Chooser=/usr/bin/gdmchooser --disable-sound --disable-crash-dialog DefaultPath=/usr/local/bin:/usr/bin:/bin:/usr/bin/X11:/usr/games DisplayInitDir=/etc/gdm/Init Greeter=/usr/bin/gdmgreeter Group=gdm HaltCommand=/sbin/shutdown -h now \"Halted from gdm menu.\" KillInitClients=true LogDir=/var/log/gdm PidFile=/var/run/gdm.pid PostSessionScriptDir=/etc/gdm/PostSession/ PreSessionScriptDir=/etc/gdm/PreSession/ # Distributions: If you have some script that runs an X server in say # VGA mode, allowing a login, could you please send it to me? FailsafeXServer= XKeepsCrashing=/etc/gdm/XKeepsCrashing RebootCommand=/sbin/shutdown -r now \"Rebooted from gdm menu.\" RootPath=/sbin:/bin:/usr/sbin:/usr/bin:/usr/bin/X11:/usr/local/sbin:/usr/local/bin:/usr/games ServAuthDir=/var/lib/gdm SessionDir=/etc/gdm/Sessions/ SuspendCommand=/usr/bin/apm --suspend User=gdm UserAuthDir= UserAuthFBDir=/tmp UserAuthFile=.Xauthority TimedLoginEnable=false TimedLogin= TimedLoginDelay=30 StandardXServer=/usr/bin/X11/X FlexibleXServers=5 Xnest=/usr/bin/X11/Xnest -name Xnest -xkb RemoteGreeter=/usr/bin/gdmgreeter [security] AllowRoot=false # If you want to be paranoid, turn this one off AllowRemoteRoot=false AllowRemoteAutoLogin=false RelaxPermissions=0 RetryDelay=3 UserMaxFile=65536 SessionMaxFile=524388 [xdmcp] # Distributions: Ship with this off. It is never a safe thing to leave # out on the net. Alternatively you can set up /etc/hosts.allow and # /etc/hosts.deny to only allow say local access. Enable=true HonorIndirect=0 MaxPending=4 MaxPendingIndirect=4 MaxSessions=16 MaxWait=15 MaxWaitIndirect=15 DisplaysPerHost=1 Port=177 # Willing script, none is shipped and by default we'll send # hostname system id Willing=/etc/gdm/Xwilling [gui] GtkRC=/usr/share/themes/Default/gtk/gtkrc MaxIconWidth=128 MaxIconHeight=128 [greeter] TitleBar=true ConfigAvailable=true Browser=false DefaultFace=/usr/share/pixmaps/nobody.png DefaultLocale=cs_CZ # These are things excluded from the face browser, not from logging in Exclude=bin,daemon,adm,lp,sync,shutdown,halt,mail,news,uucp,operator,nobody,alias,backup,games,gnats,irc,list,majordom,man,msql,postgres,proxy,qmaild,qmaill,qmailp,qmailq,qmailr,qmails,sys,www-data,fetchmail,xpilots Font=-*-helvetica-bold-r-normal-*-*-180-*-*-*-*-*-*-* GlobalFaceDir=/usr/share/faces/ Icon=/usr/share/pixmaps/gdm.xpm LocaleFile=/etc/locale.alias Logo=/usr/share/pixmaps/gdmDebianLogo.xpm Quiver=true SystemMenu=true Welcome=Welcome to %n Welcome[es]=Bienvenido a %n Welcome[de]=Willkommen auf %n Welcome[fr]=Bienvenue sur %n Welcome[cs]=Vítejte na %n Welcome[no]=Velkommen til %n Welcome[nn]=Velkomen til %n Welcome[ru]=äĎÂŇĎ ĐĎÖÁĚĎ\327ÁÔŘ ÎÁ %n LockPosition=false SetPosition=false PositionX=0 PositionY=0 XineramaScreen=0 #Type can be 0=None, 1=Image, 2=Color BackgroundType=2 BackgroundImage= BackgroundScaleToFit=true BackgroundColor=#007777 BackgroundRemoteOnlyColor=true BackgroundProgram= ShowGnomeChooserSession=true ShowGnomeFailsafeSession=true ShowXtermFailsafeSession=true Use24Clock=true UseCirclesEntry=true GraphicalTheme=industrial GraphicalThemeDir=/usr/share/gdm/themes/ [chooser] DefaultHostImg=/usr/share/pixmaps/nohost.png HostImageDir=/usr/share/hosts/ ScanTime=3 Hosts= Broadcast=true [debug] # This will enable debugging into the syslog, usually not neccessary # and it creates a LOT of spew of random stuff to the syslog Enable=false [servers] #0=Standard vt7 #1=Standard vt8 -dpi 100 [server-Standard] name=Standard server command=/usr/bin/X11/X -deferglyphs 16 -nolisten tcp flexible=true
uran:~# nmap -sU localhost Starting nmap V. 2.54BETA30 ( www.insecure.org/nmap/ ) Interesting ports on localhost (127.0.0.1): (The 1441 ports scanned but not shown below are in state: closed) Port State Service 53/udp open domain 67/udp open bootps 69/udp open tftp 111/udp open sunrpc 137/udp open netbios-ns 138/udp open netbios-dgm 177/udp open xdmcp 514/udp open syslog 1009/udp open unknown 2049/udp open nfs
Tiskni Sdílej:
ISSN 1214-1267, (c) 1999-2007 Stickfish s.r.o.