openSUSE 13.1 - VNC login errors

Hi

I’m am currently running openSUSE 13.1 64bit OS with GNOME on a LAN with various other Linux and Windows 7 PCs. I am trying to set up VNC on all the machines so I easily control the desktops of the other terminals. For Windows, I simply installed the TightVNC server package and logged in from openSUSE using

vncviewer <ip_address>

This process allows me to control the desktop any of the Win7 PCs from the openSUSE box.

Controlling the openSUSE box from either a Win7 PC or another openSUSE install is proving to be much more difficult. Ideally I want to be able to control the current desktop in openSUSE from another machine, not login to another (parallel) desktop.

I have enabled Remote Administration in yast and I’ve checked the the vncserver service (Xvnc) is running. I have disabled the firewall to avoid any port issues. From the TightVNC viewer on a Win7 PC I can login to my openSUSE box via VNC using

<ip_address>::5901

Similarly I can login to the openSUSE box from another linux install using

vncviewer <ip_address>:5901

However, in both cases I am granted with a prompt for the Administrator password. I type in my root password and it proceeds to the usual GNOME user login screen, as if I was logging on locally. If I click my usual username a password prompt appears but doesn’t allow me to enter a password - it immediately says “Authentication Failed” before I’ve even typed anything.

I have already set a vnc password on the openSUSE box using vncpasswd but I never get a chance to enter it. VNC’ing from openSUSE to a Win7 PC I am always prompted for the VNC authentication password I’ve set up in TightVNC.

Any advice on setting up simply VNC desktop sharing in openSUSE would be most appreciated as this problem is driving me mad!

Thanks

Reading around a little more, I’m wondering if x11vnc is more what I’m after? I can’t try it as I don’t have an openSUSE machine in front of me, but it looks to allow users to control the current desktop over VNC.

Does anyone know if it is included in the main openSUSE 13.1 DVD?

  1. You should replace TightVNC with TigerVNC because it works better and I don’t personally know if TightVNC offers a version of x0vncserver (or anything similar). That program allows you to access the running desktop session itself, as opposed to accessing your user account from a separate session of the same desktop on 5901 (:1 instead of :0).
  2. The server you want to run is x0vncserver, thusly “x0vncserver -PasswordFile ~/.vnc/passwd” because x0vncserver apparently does not point to a default password location. You are going to run this server from your user account, not from your root account. You also need to run vncpasswd from your user account, not your root account, to create the user login passwd file.
  3. Check to see that your passwd file is actually in ~/.vnc. That is the default location created by vncpasswd but you might have put it elsewhere.
  4. Make certain when you install TigerVNC that your install actually includes x0vncserver – I have installed some update tigervnc rpms that did not include it, thereby having the puzzling problem of x0vncserver suddenly not working any more. I am told TigerVNC is standard in 13.2, in 13.1 you may need to add the Xorg/X11 repositories from download.opensuse.org/repositories.
  5. I am told that the Yast “remote administration” will set up what you want, but I have not utilized it. I regularly run x0vncserver to access my running desktop.
  6. Authentication issues … hmm… Check that your passwd file is in ~/.vnc, that is the default where vncserver will look for it (unlike x0vncserver, which needs to be told where to look). If you are logging in from a computer where you are not running the same user, then you have to tell vncviewer what user, eg., vncviewer [you]@[IP]:1. Or for more clarity, in my case on my lan it would “vncviewer basd@192.168.1.55:1”.
  7. The TigerVNC install might not properly create /usr/bin/vncviewer. Vncviewer will be a symlink and it should point to a file that I think is called /usr/bin/tiger-vncviewer. So, you can rename vncviewer vncviewer_old and make a link from the tiger one. I do this on KDE desktop with “kdesu dolphin” because it is easy to make these changes then.
  8. I believe that even if you are using the same name, vncviewer used without parameters will check via user number. So, if my user is “basd” with user no. 1001 on one computer and quite correctly “basd” on another computer, but being the second user added, numbered 1002, the login will not recognize me and will fail.
  9. Of course, if you are logging in with a different user name, then that name will have to have its own user account on the server.
  10. If you are logging in from Windows, then your vnc viewer software should have an option for specifying user name and the server should respond with a password request.
  11. On Linux, Remmina provides a client frontend that makes it easy to store multiple server logins, usernames, passwords, etc. I no longer use Remmina because I like the fact that I can click’n’drag to resize tigervnc windows. (AFAIK this will work with vncserver, but not x0vncserver, because x0vncserver is mirroring an actual physical display. However, Remmina has some resizing options, so it works nicely with x0vncserver.)
  12. It sounds as though you are running your vncserver from root and therefore the vncpassword file is a root password. You should not do this. Vnc is not secure (I run it over a vpn and the other solution is to tunnel it through ssh). But, you should not run it as root, you should run it from your user shell and run vncpasswd in the user shell, as well, to create the password file in ~/.vnc. The normal protocol – and the default settings – are to run vnc as a normal user, login as a normal user and if you want administrative privileges use su to gain them. But, again, anyone scanning internet traffic can intercept anything you do via VNC because it is not encrypted. I’m not certain what you have set up, but what you describe is a server that is running as root, then it is serving up the gdm login system, but you can’t log in because it authenticates against the ~/.vnc/passwd file and you may only have one in root and not in your user area. Xinetd runs its vnc servers as “nobody”.

You can get tigervnc from a “one-click install” here http://software.opensuse.org/package/tigervnc?search_term=tigervnc. Make sure you select the 13.1 versions (the default might be 13.2, so you may need to follow the “select other versions” link, you will have to go select “unstable packages” and I recommend xorg / X11 version because it is the most current one. You may want to disable the new repository after the install, because there is risk the next time you update or zypper dup any other Xorg packages that are newer might replace your current versions – I say “might” because this requires allowing change of repository. (If you are asking about whether the packages are on the DVD and still running 13.1, I am guessing you are not obsessive about keeping your install updated to latest versions …)

I have not found any of these to be “unstable,” but they are not incorporated into the standard distro, so are treated as unstable.

Hope these hints help.

Thanks for your comprehensive reply.

I solved my problem by using x11vnc - it allowed me to “take over” and use the current desktop in openSUSE. I downloaded TigerVNC and X0vncserver but haven’t yet tried it.