Grinder and VNC

January 15, 2021

VNC at the SOML Casting Lab

See the instructions below that describe how to make a basic connection from a Windows machine. If you are coming from a linux machine, contact me, things are much simpler and I can provide details, some of which are below. I put those commands in a script "vnccrater" and that is all I need now that the script is set up.

First note that special port numbers must be used. I don't give them explicitly here for security reasons, but when you know the first 3 digits, it goes like this:

xxx3 is crater
xxx2 is dorado
xxx8 is "linuxpilot"

In general, you probably only want a VNC session to crater.

Due to a Fedora bug, we cannot set up user pilot to use VNC without losing the ability to login at the console. This may be solved someday, but for the time being, the following is a workaround. VNC sets up a session for the user "vncpilot" which causes no conflict with the console. This does cause some limitations. The VNC session for "vncpilot" is a read-only session that only allows the oven to be observed. In general this is a good thing, but sometimes it is desired to actually change things remotely. There are two ways to do that:

Run oven in a putty window logged in as pilot.
Bring up a terminal and change to pilot in that window.

Here is a detailed explanation of option 2. In the VNC session, bring up a new window. Bring up a terminal window from the system menu. In that window, do this:

su - pilot
oven

The "su" command will change your identity (in that window only) from vncpilot to pilot and that will allow you to run oven without being forced into readonly mode.

This brings up the issue of using iraf/oven versus plain oven. The above has you start the native oven rather than the original oven that must run inside of an IRAF cl session. They are identical with one exception. The native oven cannot launch the donut graphic cursor on the ximtool display. If you need that, use oven run under cl in the green window.

VNC basics - circa 11-20-2020

We access our computers remotely through a firewall that proxies ssh onto a special port. So we have to use the firewall IP address and some odd port running ssh. From linux, the following works, and is probably somewhat overcomplicated.

ssh -p 1776 -f -L 38999:localhost:5901 clamdigger.org sleep 20
vncviewer localhost::38999

What about Windows?

The above 2 line script turns the trick on linux, but how can we do this from a Windows 10 machine running some kind of vnc client? What Windows vnc client should we choose?

RealVNC

The expert I consult with recommends "RealVNC".

RealVNC download

Installing it was easy enough. It doesn't have a clue about ssh tunnels, so that has to be handled separately (see below).

TightVNC

There is also "TightVNC". It is nice and small and has a windows installer. It seems just fine, but like RealVNC it has no built in knowledge of SSH tunnels.

TigerVNC

Forget this.

This was recommended, but I was not satisfied. Both a server and client are available for download and not clearly labeled. I ended up downloading the server package by mistake and then it kept popping up until I went into my Downloads directory, found it and deleted it.

The viewer package seems to just be a bare .exe, not an installer and required me to enter an admin password whenever I want to run it, so I find this pretty obnoxious.

Use RealVNC or TightVNC.

Windows and ssh tunnels

First, be sure you have a VNC server running on the machine you want to connect to. Older Fedora systems required you to start this by hand, newer machines have a nicer, but poorly documented process to run the server as a system service.

Here is a process for bouncing the VNC connection through Putty (the typical Windows ssh client).

Download putty (see above)
Run putty
Enter your server name into the "Host name" field.
Enter your port (probably 22, but maybe 1776 or ...) into the "Port" field just to the right.
Don't try to open a connection yet, be patient.
Enter a name for the session into the "Saved Sessions" field.
Click on "save" so you won't have to do all this again every time.
In the tree to the right, do the following:
Select –-Connection–-SSH–-Tunnels
In “Add new forwarded port” –> Enter source port as 5901 and Destination as server-ip:5901
Important note! If you are going through a firewall, the server-name here is the name of the server behind the firewall (beef or pork or ham), not clamdigger.
Click on Add button
Go back to the top of the tree to "Session" (where you started) and click Save.
Click "Open" and give your user name and password
Open VNC viewer and connect to localhost:1

Try this with RealVNC

Here is the play by play.

I did this first to a linux machine that simply runs ssh on port 22 (the normal default).

You can make the actual ssh connection, then a right mouse click on the title bar will give you the menu that includes "Change Settings". Given that menu, navigating to "Connection--SSH--Tunnels" is easy enough.

Note that when you set up putty as an ssh tunnel, it continue running the ssh session also.

I fire up RealVNC viewer, enter localhost:1 into the entry field and voila, it asks me for my VNC password and away I go.

If you get the following message from RealVNC, it means your VNC server is not running.

The connection closed unexpectedly.

If the VNC server is not running and you try TightVNC, you will immediately get the "Connection gracefully closed" message.

Have any comments? Questions? Drop me a line!

Tom's home page / tom@mmto.org