TurboVNC and a multi-user setup
123 views
Skip to first unread message
Artyom Aleksyuk
Apr 5, 2018, 6:24:07 PM4/5/18
to TurboVNC User Discussion/Support
Hello.
Thank you very much for such a helpful and reliable software project :)
I've used TurboVNC to access my personal PC for a long time, and now I'm going to set up a terminal server based on the TurboVNC. My tasks are not connected to 3D graphics in any way. I've tried several remote access technologies: XRDP works surprisingly slow (I feel a noticeable lag) and X2Go is buggy on Windows, so I've chosen TurboVNC.
I haven't found any information about how to make a multi-user setup. Each user has it's own Unix account. Authentication is done using passwords. I've tried to enable PAM-based authentication (Plain type), but it works for one user only. I've tried to run vncserver as a root user, but this doesn't changed anything. Vncserver still executes ~/.vnc/xstartup.turbovnc for an owner user instantly after it's launch. My expectation is that vncserver should launch a session only when a user logs in. How can I achieve this? Can you make any suggestions about building a multi-user setup?
DRC
May 7, 2018, 4:55:03 PM5/7/18
to turbovn...@googlegroups.com
Sorry for the delay. This got buried in my inbox. To clarify how
TurboVNC works, in order to set expectations:
The TurboVNC Server (and any Xvnc solution, really) is per-user, so when
you run /opt/TurboVNC/bin/vncserver, it creates a virtual X server that
runs under the user account that launched it. Each TurboVNC Server
instance uses a different X display number, so you can have many
different instances running on the same machine, each under a different
user account. For instance, user1's TurboVNC Server instance may be
using Display :1, user2's TurboVNC Server instance may be using Display
:2, etc. That's why you have to specify the display number when
connecting with the TurboVNC Viewer. Each display number corresponds to
a different TCP port on which the RFB server is listening.
If you are using PAM user/password authentication by default (configured
in /etc/turbovncserver-security.conf), then a particular TurboVNC Server
session will accept the Unix login credentials of the user that created
it. If you enable Access Control Lists by uncommenting
'enable-user-acl' in /etc/turbovncserver-security.conf, then the user
that started the TurboVNC Server session can grant other users access to
it for the purposes of collaboration (ACLs for a particular TurboVNC
Server session can be manipulated using /opt/TurboVNC/bin/vncpasswd.)
As far as launching a session only when a user logs in, that would
depend on what you mean by "logs in." You mean logging into a SSH
session? Otherwise, I'm confused as to how you expect it to work.
TurboVNC works, in order to set expectations:
The TurboVNC Server (and any Xvnc solution, really) is per-user, so when
you run /opt/TurboVNC/bin/vncserver, it creates a virtual X server that
runs under the user account that launched it. Each TurboVNC Server
instance uses a different X display number, so you can have many
different instances running on the same machine, each under a different
user account. For instance, user1's TurboVNC Server instance may be
using Display :1, user2's TurboVNC Server instance may be using Display
:2, etc. That's why you have to specify the display number when
connecting with the TurboVNC Viewer. Each display number corresponds to
a different TCP port on which the RFB server is listening.
If you are using PAM user/password authentication by default (configured
in /etc/turbovncserver-security.conf), then a particular TurboVNC Server
session will accept the Unix login credentials of the user that created
it. If you enable Access Control Lists by uncommenting
'enable-user-acl' in /etc/turbovncserver-security.conf, then the user
that started the TurboVNC Server session can grant other users access to
it for the purposes of collaboration (ACLs for a particular TurboVNC
Server session can be manipulated using /opt/TurboVNC/bin/vncpasswd.)
As far as launching a session only when a user logs in, that would
depend on what you mean by "logs in." You mean logging into a SSH
session? Otherwise, I'm confused as to how you expect it to work.
Reply all
Reply to author
Forward
0 new messages