Installing the VNC server on Ubuntu using Ansible

In this post,we’ll learn that how we can install the VNC server on Ubuntu 14.04 LTS using Ansible. If you don’t know about Ansible, please check this link.

If you want manual step by step procedure to install the VNC server on Ubuntu, please refer this post.

First, download this Repository from the GitHub:

git clone https://github.com/arbabnazar/ansible-roles.git

Note: If git is not installed then you can simply download the zip file.

Read more of this post

OpenVPN Server Setup on Mikrotik RouterOS

In this post, I’ll describe the step by step procedure to setup Mikrotik RouterOS as OpenVPN server. I’ll use the Ubuntu Server in order to create CA, server and client(s) certificates.

Read more of this post

InterVLAN Routing with Internet Access on Ubuntu

Scenario:

• Router: Ubuntu Server with 1 network card.
• Clients:  WindowsXP in VLAN10,Windows7 in VLAN20.
• Internet: Internet Router on VLAN30
• Switch: Cisco 2960

Read more of this post

OpenVPN server on Ubuntu 12.04 behind NAT

This tutorial describes that how to configure the OpenVPN Server in Ubuntu and clients in Windows XP/7.

I am taking the scenario of SOHO network, which is protected by Firewall, we’ll implement the OpenVPN on internal Ubuntu server to access the internal SOHO network (Server and PCs) through the internet from anywhere securely.

OpenVPN Server Installation:

Install the openvpn package using the following command:

 sudo apt-get install openvpn

On Ubuntu 14.04 LTS, please use the following command to install the openvpn package:

sudo apt-get install openvpn easy-rsa Read more of this post

How to setup vsftpd FTP with SSL on Ubuntu 12.04

This tutorial teaches you, how to setup vsftpd server on Linux based dedicated Web server. The tutorial also teaches you how to add the ftp users and lock the directory to individual users(In this scenario,lock the users into their individual web directory).

In Ubuntu 12.04, vsftpd with chrooted users gives the following error message:

500 OOPS: vsftpd: refusing to run with writable root inside chroot ()

To overcome this problem, we need to add the following vsftpd PPA:

sudo add-apt-repository ppa:thefrontiergroup/vsftpd

Updates the local repository (package list):

sudo apt-get update

Read more of this post

SVN Server on Ubuntu with https access

To install SVN server, run this command at the command prompt:

sudo apt-get install subversion apache2 libapache2-svn

Verify the installed version of Subversion software:

svn --version

Read more of this post

File Synchronization Between Two Ubuntu Servers using Unison

Unison is a file-synchronization tool for Unix and Windows. It allows two replicas of a collection of files and directories to be stored on different hosts (or different disks on the same host), modified separately, and then brought up to date by propagating the changes in each replica to the other.

This tutorial shows how to set up file synchronization between two Ubuntu 12.04 servers with Unison that are on the same network but you can use the same approach on the servers that are not placed on the same network.

Before installing the unison,generate the ssh key pair on PrimarySrv and copy the public key to the SecondarySrv:

ssh-keygen
scp ~/.ssh/id_rsa.pub arbab@192.168.1.203:

Read more of this post

Changing the MOTD in Ubuntu Server

Ubuntu server display a message everytime,when users log in at the terminal, this message is known as MOTD (the message of the day). Ubuntu Server generates this message automatically from a collection of scripts and motd contains the user’s last login time, the system version and information about available software updates.

Sometime, we don’t want to show all these informaitons to the login user and want to show customize message. To do this, we have to follow these steps.

First,we need to edit /etc/motd.tail file:

sudo nano /etc/motd.tail

Here is mine custom MOTD that I want to show to the users after login:

 ######################################
 # If you are not authorized to access#
 # or use this system, disconnect now #
 ######################################

Move to this directory:

cd /etc/update-motd.d

In order to disable all the unwanted information, we need to disable the execution of these scripts:

sudo chmod -x 00-header
sudo chmod -x 50-landscape-sysinfo
sudo chmod -x 10-help-text
sudo chmod -x 90-updates-available

Now, when we login to our Ubuntu Server, it will show us the MOTD that we just configured above:

Enjoy 🙂

Extra Info:

If you want that your server didn’t show MOTD at all after login, then just do this:

sudo dpkg-reconfigure landscape-common

Select “Do not display sysinfo on login”

Hope this will help you!

Please Remember me in your prayers!

Name(required)

Email(required)

Website

Comment(required)

Submit

Δ

How to enable ssh warning banner in Ubuntu 12.04

For legal reasons, Some people need to display a warning banner on their Ubuntu machine before login so that a person requires to acknowledge the contents of the banner before entering the password. To do this, defines a text file location in sshd_config file which contains the warning messages.

Open /etc/ssh/sshd_config file:

sudo nano /etc/ssh/sshd_config

Locate the line, that contains Banner and uncomment it as given below:

Banner /etc/issue

Edit the /etc/issue file for adding the banner:

sudo nano /etc/issue

Here is mine banner as a sample, you can add your’s here:

###############################################################
#               Authorized access only!                       # 
# Disconnect IMMEDIATELY if you are not an authorized user!!! #
#       All actions Will be monitored and recorded            #
###############################################################

Restart the ssh service:

sudo service ssh restart 

Now, If we try to login, it will show us the warning banner that we just configured:

Hope this will help you!

Please Remember me in your prayers!

Enjoy 🙂

Name(required)

Email(required)

Website

Comment(required)

Submit

Δ

How to install VNC server on Ubuntu Server 12.04

   VNC is a protocol that is used to share the desktop with other users/computers over the network/Internet.In order to share a desktop, VNC server must be install and configure on the computer and VNC client must be run on the computer that will access the shared desktop.

When we install the fresh copy of Ubuntu Server, it only gives us the “Command Line” interface.

But some people prefer GUI instead and for this they install Full version of Gnome on Ubuntu Server. Actually there is a better way and that is to install VNC. VNC provides a lightweight virtual desktop than full blown version of Gnome.

To install the core components of gnome, use this command:

sudo apt-get install gnome-core 

To install a virtual desktop, use this command:

sudo apt-get install vnc4server

In order to use VNC, we need to setup a password using the following command:

vncserver

To make a tweak in startup script, we need to kill the session that we just created:

vncserver -kill :1

Now open up the file that we need to edit:

cd ~
nano .vnc/xstartup

And Modify the file so it looks like this:

#!/bin/sh
# Uncomment the following two lines for normal desktop:
unset SESSION_MANAGER
#exec /etc/X11/xinit/xinitrc
gnome-session --session=gnome-classic &

[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
vncconfig -iconic &
#x-terminal-emulator -geometry 1280x1024+10+10 -ls -title "$VNCDESKTOP Desktop" &
#x-window-manager &

Next, create the VNC Session once more:

vncserver -geometry 1024x600

Now, download VNCViewer onto our desktop computer from which we want to access the shared desktop. Connect using ServerIP/Name:1 (:1 is for the VNC server window), In my case it is tendo:1.

Enter the password that we created using the vncserver command:

We now have GUI access to our server.

After reboot the server, we will not be able to connect to the server with VNC, this is because the “vncserver -geometry 1024×600” command that we typed above is not persistent. To solve this problem, we will use an excellent script of Justin Buser.

As sudo user create the file (and directory if it doesn’t exist):

sudo mkdir -p /etc/vncserver
sudo touch /etc/vncserver/vncservers.conf
sudo nano /etc/vncserver/vncservers.conf

Add servers as needed for each user by adding something like the following to the vncservers.conf file we just created:

VNCSERVERS="1:arbab"
VNCSERVERARGS[1]="-geometry 1024x600 -depth 24"

Next, create an empty init script and make it executable:

sudo touch /etc/init.d/vncserver
sudo chmod +x /etc/init.d/vncserver
sudo nano /etc/init.d/vncserver

Add the following to /etc/init.d/vncserver:

#!/bin/bash
unset VNCSERVERARGS
VNCSERVERS=""
[ -f /etc/vncserver/vncservers.conf ] && . /etc/vncserver/vncservers.conf
prog=$"VNC server"
start() {
 . /lib/lsb/init-functions
 REQ_USER=$2
 echo -n $"Starting $prog: "
 ulimit -S -c 0 >/dev/null 2>&1
 RETVAL=0
 for display in ${VNCSERVERS}
 do
 export USER="${display##*:}"
 if test -z "${REQ_USER}" -o "${REQ_USER}" == ${USER} ; then
 echo -n "${display} "
 unset BASH_ENV ENV
 DISP="${display%%:*}"
 export VNCUSERARGS="${VNCSERVERARGS[${DISP}]}"
 su ${USER} -c "cd ~${USER} && [ -f .vnc/passwd ] && vncserver :${DISP} ${VNCUSERARGS}"
 fi
 done
}
stop() {
 . /lib/lsb/init-functions
 REQ_USER=$2
 echo -n $"Shutting down VNCServer: "
 for display in ${VNCSERVERS}
 do
 export USER="${display##*:}"
 if test -z "${REQ_USER}" -o "${REQ_USER}" == ${USER} ; then
 echo -n "${display} "
 unset BASH_ENV ENV
 export USER="${display##*:}"
 su ${USER} -c "vncserver -kill :${display%%:*}" >/dev/null 2>&1
 fi
 done
 echo -e "\n"
 echo "VNCServer Stopped"
}
case "$1" in
start)
start $@
;;
stop)
stop $@
;;
restart|reload)
stop $@
sleep 3
start $@
;;
condrestart)
if [ -f /var/lock/subsys/vncserver ]; then
stop $@
sleep 3
start $@
fi
;;
status)
status Xvnc
;;
*)
echo $"Usage: $0 {start|stop|restart|condrestart|status}"
exit 1
esac

We’ll need to run vncserver command AT LEAST ONCE AS EACH USER that want to login as. I put that in caps because if you skip that step none of it will work.

Finally, do the following:

sudo update-rc.d vncserver defaults 99

Now, restart the service by typing:

sudo service vncserver restart

Ability to connect for multiple users:

Create a local user, using the following command:

sudo adduser hussain

Switch to the newly created user and run vncserver command for it:

su hussain
vncserver

Move to the home directory and edit the xstartup file:

cd ~
nano .vnc/xstartup

Modify the file so it looks like this:

 
#!/bin/sh
# Uncomment the following two lines for normal desktop:
unset SESSION_MANAGER
#exec /etc/X11/xinit/xinitrc
gnome-session --session=gnome-classic &

[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
vncconfig -iconic &
#x-terminal-emulator -geometry 1280x1024+10+10 -ls -title "$VNCDESKTOP Desktop" &
#x-window-manager &

Now open up the /etc/vncserver/vncservers.conf file as sudo user:

sudo nano /etc/vncserver/vncservers.conf

Add servers for newly created user by adding something like this:

VNCSERVERS="1:arbab 2:hussain"
VNCSERVERARGS[1]="-geometry 1024x600 -depth 24"
VNCSERVERARGS[2]="-geometry 1024x600 -depth 24"

Restart the service:

sudo service vncserver restart

Connect with newly created user using tendo:2, Where tendo is my server name:

Enter the password that we created using the vncserver command:

We now have GUI access to our server for newly created user.

Preventing Gnome to start on boot on the server:

Gnome is automatically started on boot in Ubuntu 12.04 LTS, if we connect a monitor to our server we will see that GUI sitting there waiting for us to log in.

To prevent it, edit the gdm.conf file:

sudo nano /etc/init/gdm.conf

Comment these six lines:

#start on ((filesystem
# and runlevel [!06]
# and started dbus
# and (drm-device-added card0 PRIMARY_DEVICE_FOR_DISPLAY=1
# or stopped udev-fallback-graphics))
# or runlevel PREVLEVEL=S)

Reboot the server and that GUI log-in screen will no longer appear:

VNC encrypted through the ssh tunnel:

By default, VNC is not secure protocol.VNC uses encryption during initial connection and login (passwords are not sent in plain-text). Once, we connected then all the VNC data is unencrypted and hacker could sniff our VNC session. It is better (safer) to start VNC server only on 127.0.0.1(localhost) and tunnel it over secure SSH tunnel (For this,there are options in Putty).

On Ubuntu, edit /etc/vncserver/vncservers.conf:

sudo nano /etc/vncserver/vncservers.conf

Add the option “-localhost“:

VNCSERVERS="1:arbab 2:hussain"
VNCSERVERARGS[1]="-geometry 1024x600 -depth 24 -localhost"
VNCSERVERARGS[2]="-geometry 1024x600 -depth 24 -localhost"

Restart the service:

sudo service vncserver restart

Here is visual, how to connect to VNC Server through PuTTY(SSH) from Windows Machine.

Run PuTTY,enter the IP address or hostname of the VNC Server:

On the left-hand panel, Go to Connection -> SSH -> Tunnels:

Source Port:590x(Where x is a value that we set in vncservers.conf,like 1 for arbab)
Destination:localhost:590x(Same x value that we used above in source port)

Click Open button in order to connect to the Server via SSH:

Login to the Ubuntu (VNC Server) with username and password:

Upon successful connection to VNC Server, we’ll find port 5901 is in listening mode on localhost:

netstat -a

Run VNC Viewer and enter the localhost:1(:1 is for arbab user, that we defined in vncservers file):

Enter the password, in order to connect to the VNC Server:

Now, we are connected to remote VNC Server through ssh tunnel:

Hope this will help you!

Please Remember me in your prayers!

Enjoy 🙂

Name(required)

Email(required)

Website

Comment(required)

Submit

Δ