VNC access to the server console, display :0
This document (000020784) is provided subject to the disclaimer at the end of this document.
Environment
SUSE Linux Enterprise Desktop 15
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Desktop 12
Situation
This is typically used for support of a user logged into the system so the administrator can view and control what the user is seeing.
It can also be used for general access to the server. However, since the console can also be viewed and controlled directly, it is not considered a secure method for access, unless the physical machine, or virtual machine console, is protected from other users. See "Remote Administration (VNC)" in yast2 for standard VNC access.
Resolution
There are two methods for remote console access:
The Xorg vnc module. Loaded via the Xorg configuration.
The x0vncserver application.
The preferred method is to use x0vncserver (see the Additional Information). Both methods are described here for reference.
For either method, install the vnc packages, if not already installed. Be sure to accept the installation any required dependencies.
For SLE 15:
# zypper in xorg-x11-Xvnc xorg-x11-Xvnc-module
For SLE 12:
# zypper in xorg-x11-Xvnc
*** Note ***
The following instructions assume there is no /etc/X11/xorg.conf file being used. With SLE 12 and up, this file is normally no longer used, or at least discouraged. All Xorg configuration should reside under the directory "/etc/X11/xorg.conf.d/".
VNC to console via the Xorg vnc module on SLE 15
1. Edit the Xorg conf file to load the vnc module.
# vi /etc/X11/xorg.conf.d/10-libvnc.conf
Uncomment the appropriate lines and change the PasswordFile to "/var/lib/gdm/.vnc/passwd". It should look similar to this:
====================
Section "Module"
Load "vnc"
EndSection
Section "Screen"
Identifier "Screen0"
Option "SecurityTypes" "VncAuth"
Option "PasswordFile" "/var/lib/gdm/.vnc/passwd"
EndSection
====================
2. As root generate the passwd file and copy to gdm's home directory.
# vncpasswd
Enter the password, and skip the read-only password unless desired.
Copy root's .vnc file to the gdm home directory:
# cp -R /root/.vnc/ /var/lib/gdm/
3. Modify the gdm display manager configuration.
When the gdm login screen is displayed, it is on display :0, however, when gdm launches Gnome, the display changes to :1. This causes the VNC client to get a black screen. The following file must be modified to correct the problem.
The entire file is displayed below. Add only the two lines under ### NOTE...
# vi /usr/lib/X11/displaymanagers/gdm
====================
gdm_vars() {
case "${DISPLAYMANAGER##*/}" in
gdm|GDM|Gnome|GNOME)
RELOADSIGNAL="-USR1"
DISPLAYMANAGER=/usr/sbin/gdm
PIDFILE=/run/gdm/gdm.pid
# let gdm run the Xserver as root if access to /dev/fb*
# is required (bsc#1075805)
# The GDM_DISABLE_USER_DISPLAY_SERVER variable is added by patch
# gdm-add-runtime-option-to-disable-starting-X-server-as-u.patch
if [ ! -c /dev/dri/card0 -a \
! -c /dev/nvidiactl ]; then
export GDM_DISABLE_USER_DISPLAY_SERVER=1
fi
### NOTE Only the following 2 lines need to be added (everything else is standard) ###
# Setting for VNC access via Xorg
export GDM_DISABLE_USER_DISPLAY_SERVER=1
return 0 ;;
*) return 1 ;;
esac
return 1
}
====================
4. Reboot the server or restart the display manager (systemctl restart display-manager).
5. Access from the VNC client to display :0 or port 5900.
VNC to console via the Xorg vnc module on SLE 12
1. Edit the Xorg conf file to load the vnc module.
# vi /etc/X11/xorg.conf.d/10-libvnc.conf
Uncomment the appropriate lines. It should look similar to this:
====================
Section "Module"
Load "vnc"
EndSection
Section "Screen"
Identifier "Screen0
Option "SecurityTypes" "VncAuth"
Option "PasswordFile" "/root/.vnc/passwd"
EndSection
====================
2. As root generate the passwd file.
# vncpasswd
Enter the password, and skip the read-only password unless desired.
3. Reboot the server or restart the display manager (systemctl restart display-manager).
4. Access from the VNC client to display :0 or port 5900.
VNC to console via x0vncserver on SLE 15 and SLE 12
1. Generate the vnc passwd file for the user.
While logged in as the target user run:
vncpasswd
Enter the password for access and skip the read-only password, unless desired.
2. Create a .desktop file to launch x0vncserver.
*** Note***
Replace /home/user-name/ path in the following examples with the correct home directory location for the user. If this file is created by root, be sure to change the ownership to the user it is being created for. The user must have read and execute access to this file.
*** Note ***
The following is for SLE 15. SLE 12 requires a change to the end of the Exec line. Change "-display" to :0
vi /home/user-name/.config/autostart/x0vncserver.desktop
Add the following content to the file:
[Desktop Entry]
Name=x0vncserver
Comment=Remote access for display :0
Exec=x0vncserver -passwordfile /home/user-name/.vnc/passwd -display :1
Terminal=false
Type=Application
StartupNotify=true
3. Add the executable permission to the new file:
chmod +x /home/user-name/.config/autostart/x0vncserver.desktop
4. Logout and back in as the user for the autostart file to be executed.
5. Access from the VNC client to display :0 or port 5900.
Additional Information
Disclaimer
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:000020784
- Creation Date: 22-Sep-2022
- Modified Date:02-Dec-2022
-
- SUSE Linux Enterprise Desktop
- SUSE Linux Enterprise Server
For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com