running vncservver on opensuse leap - cant connect

[matthew....@gmail.com]

Evening,

im having trouble getting vncserver (1.50 as bundled with opensuse leap 42.1) to start in response to an xinetd prompt. xinetd is trying to launch the Xvnc process with the following configuration file (etc/xinetd.d/vnc)

service vnc1
{
socket_type = stream
protocol = tcp
wait = no
user = vnc
server = /usr/bin/Xvnc
server_args = -noreset -inetd -once -query localhost -geometry 1360x768 -x509key /etc/vnc/tls.key -x509cert /etc/vnc/tls.cert -log *:stderr:100 -securitytypes none
type = UNLISTED
port = 5901
}

firewall ports are open (59**), and showing open during portscan from another local machine.

when trying to connect, all viewers fail with messages along the lines of "connection failed"

vncviewer output is below from an attempt to connect via localhost

matt@linux-3o78:~> vncviewer localhost:1

TigerVNC Viewer 64-bit v1.5.0
Built on: ??-??-?? ??:??
Copyright (C) 1999-2015 TigerVNC Team and many others (see README.txt)
See http://www.tigervnc.org for information on TigerVNC.

Sun Jun 26 01:42:36 2016
CConn: connected to host localhost port 5901

Sun Jun 26 01:42:48 2016
CConn: End of stream

are there any thoughts on how to sort this? im aware that the opensuse leap packages are a bit out of date. However, I'd have thought they would still pass as stable.

[Pierre Ossman]

On 26/06/16 02:44, matthew....@gmail.com wrote:
> Evening,
>
> im having trouble getting vncserver (1.50 as bundled with opensuse
> leap 42.1) to start in response to an xinetd prompt. xinetd is trying
> to launch the Xvnc process with the following configuration file
> (etc/xinetd.d/vnc)
>

> vncviewer output is below from an attempt to connect via localhost
>
> matt@linux-3o78:~> vncviewer localhost:1
>
> TigerVNC Viewer 64-bit v1.5.0
> Built on: ??-??-?? ??:??
> Copyright (C) 1999-2015 TigerVNC Team and many others (see README.txt)
> See http://www.tigervnc.org for information on TigerVNC.
>
> Sun Jun 26 01:42:36 2016
> CConn: connected to host localhost port 5901
>
> Sun Jun 26 01:42:48 2016
> CConn: End of stream
>
>
>
>
> are there any thoughts on how to sort this? im aware that the opensuse leap packages are a bit out of date. However, I'd have thought they would still pass as stable.
>

--
Pierre Ossman Software Development
Cendio AB https://cendio.com
Teknikringen 8 https://twitter.com/ThinLinc
583 30 Linköping https://facebook.com/ThinLinc
Phone: +46-13-214600 https://plus.google.com/+CendioThinLinc

A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

[Pierre Ossman]

On 26/06/16 02:44, matthew....@gmail.com wrote:

> Evening,
>
> im having trouble getting vncserver (1.50 as bundled with opensuse
> leap 42.1) to start in response to an xinetd prompt. xinetd is trying
> to launch the Xvnc process with the following configuration file
> (etc/xinetd.d/vnc)
>

> ...

>
> TigerVNC Viewer 64-bit v1.5.0
> Built on: ??-??-?? ??:??
> Copyright (C) 1999-2015 TigerVNC Team and many others (see README.txt)
> See http://www.tigervnc.org for information on TigerVNC.
>
> Sun Jun 26 01:42:36 2016
> CConn: connected to host localhost port 5901
>
> Sun Jun 26 01:42:48 2016
> CConn: End of stream
>

Looks like the server dies right away. So we'd need to see the log
output. Not sure where that ends up though. "sudo journalctl -f" and see
if you get anything perhaps?

Regards

[matthew....@gmail.com]

Output of journal while attempting to connect is;

Jun 27 22:16:05 linux-3o78 kernel: SFW2-INext-ACC-TCP IN=eth0 OUT= MAC=9c:5c:8e:92:ed:15:00:21:5d:8d:21:8e:08:00 SRC=192.168.0.4 DST=192.168.0.6 LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=21317 DF PROTO=TCP SPT=49519 DPT=5901 WINDOW=8192 RES=0x00 SYN URGP=0 OPT (020405B40103030201010402)

nothing else appearing. I've also tried to connect to the http java service, which loads in browswer and starts app then displays the following

https://ibin.co/2m8wUIs95YDz.jpg

does XVNC or xorg-x11-server log output anywhere to diagnose from?
thanks for your help

[Brian Hinz]

On Sat, Jun 25, 2016 at 8:44 PM, <matthew....@gmail.com> wrote:

Evening,

im having trouble getting vncserver (1.50 as bundled with opensuse leap 42.1) to start in response to an xinetd prompt. xinetd is trying to launch the Xvnc process with the following configuration file (etc/xinetd.d/vnc)

service vnc1
{
        socket_type     = stream
        protocol        = tcp
        wait            = no
        user            = vnc
        server          = /usr/bin/Xvnc
        server_args     = -noreset -inetd -once -query localhost -geometry 1360x768 -x509key /etc/vnc/tls.key -x509cert /etc/vnc/tls.cert -log *:stderr:100 -securitytypes none
        type            = UNLISTED
        port            = 5901
}

I noticed that you don't have a value set for the "disable" attribute - have you verified that a value of "yes" isn't being inherited from the global defaults in /etc/xinetd.conf?  Have you reviewed the system or xinetd-specific log files for any relevant output?

-brian

[matthew....@gmail.com]

i've checked xinetd.conf for gloabl settings. attributes being inherited does not include a disable.

xinet.d log output has entries such as this for every attempted connection i've tried;

16/6/27@22:26:45: START: vnc1 from=192.168.0.4
16/6/27@22:26:57: EXIT: vnc1 status=1 duration=12(sec)

[Pierre Ossman]

Hang on. I notice you have "-log *:stderr:100" in your command line.
That might interfere with the inetd mechanism. Please remove that and
see if it starts working.

[jke12345]

I am also trying to get tigervnc working under xinetd in SuSE Leap 42.1

I've been having some discussion on the SuSE forums and have so far been unable to resolve.

The original poster in the forum is having the same issue

We can start a remote session using a tiger vncserver started manually by a user. (i.e. a Permanent Session)

Sessions started with the vncserver started by xinetd fail) i.e. a One Time Session).

A tiger vnc client (started locally or from a windows PC) reports "reading version failed: not an RFB server?"

I enabled vnc using YaST and did not change any of the default settings

The xinetd settings are

service vnc1
{
        socket_type     = stream
        protocol        = tcp
        wait            = no
        user            = vnc

        server          = /usr/lib/vnc/with-vnc-key.sh
        server_args     = /usr/bin/xvnc -noreset -inetd -once -query localhost -geometry 1024x768 -x509key /etc/vnc/tls.key -x509cert /etc/vnc/tls.cert -log *:syslog:30 -securitytypes none
}

[Brian Hinz]

/usr/lib/vnc/with-vnc-key.sh is something that is added by OpenSUSE, but my first guess would be that perhaps it's a permissions issue.  Is /etc/vnc writable by the user "vnc"?  It's also possible that the "-extensions usr_cert" option to openssl is part of the problem.  It's my understanding that this option may require some specific directives in the openssl.cnf file in order to produce a PKIX compliant certificate.  You might try dumbing it down a little to remove any advanced cert attributes and see if that helps.

-brian

--
You received this message because you are subscribed to the Google Groups "TigerVNC User Discussion/Support" group.
To unsubscribe from this group and stop receiving emails from it, send an email to tigervnc-user...@googlegroups.com.
To post to this group, send email to tigervn...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/tigervnc-users/b08107d4-85b6-4b11-b6f2-3572e87855c1%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

[jke12345]

fix to openSuSE setup of tigervnc posted on open SuSE forum (today)
revised recipe
to recap: remote tigervnc configuration using xinetd (aka One-Time sessions) SuSE 13.2 / Leap 42.1
1. YaST
2. Network Services
3. VNC
4. follow prompts to install any required packages, enable remote access, open firewall
5. Finish
6. you will get shunted to a Command Line Interface (CLI)
(if not I would reboot anyway and go to step 9)
7. login if asked
8. reboot --reboot
9. login
10. YaST
11 System
12 /etc/sysconfig Editor
13 Desktop
14 Display manager
15 DISPLAYMANAGER
16 change value to lightdm (default sddm)
17 save
18 YaST
19 Network Services
20 Network Services (xinetd)
21 scroll down to vnc1 (the one that runs as user: vnc)
22 highlight and edit
22 under Server Arguments
23 change the path at the beginning of the line to /usr/bin/Xvnc (i.e. capitalize the X)
24 Accept
25 Finish
26 reboot
27 should be able to start a VNC client session with login prompt using an address of xxx.xxx.xxx.xxx:1 or serverName:1

[jke12345]

comment for the original poster:
you xinetd vnc service settings are different than what Leap 42.1 creates by default
at least as of when I created my install disk a couple months back
so I would not mess with the xinetd vnc server settings in the recipe because the "server = /usr/bin/Xvnc" looks good
you have already enabled vnc service so skip that stuff too
so the only thing I would suggest is to change the DISPLAYMANAGER to lightdm (steps 10 -17) and reboot

On Saturday, June 25, 2016 at 8:44:59 PM UTC-4, matthew....@gmail.com wrote:

[matthew....@gmail.com]

Thank for the hard work, I'll try it out later and report back.