Machine-translated page for increased accessibility for English questioners.
Remote graphical access to Linux stations
This tutorial describes how to connect to nymfe* machines, but can also be used for musa* machines.
Instructions for Windows 10 and Linux
You need to activate the SSH client before logging in from Windows, see the instructions.
1. Setting the local variable LOGIN
Open Windows PowerShell (
, hint: you can paste from the clipboard by right-clicking, copy
Enter), or Bash shell (
). Set the variable
LOGIN (in the command below, replace "xlogin" with your faculty login):
-
Windows
PS C:\Users\user> $LOGIN="xlogin" -
Linux
local$ LOGIN=xlogin
2. Selecting the Nymfe machine and port
Randomly select one of the permanently running Nymfe machines and also the port to be used for VNC:
-
Windows
PS C:\Users\user> $NN= "0" + $(Get-Random -Maximum 3 -Minimum 1) PS C:\Users\user> $LC_PORT = $((5900 + $(Get-Random -Maximum 100))) PS C:\Users\user> echo $LC_PORTMake a note of the port number for later use.
-
Linux
local$ NN=0$((RANDOM % 2 + 1)) && \
export LC_PORT=$((5900 + RANDOM % 100)) && \
echo $LC_PORT >/tmp/fi-nymfe-vnc-port
3. Creating an SSH tunnel
The Nymfe machines are only accessible from the FI network, so you will need to log in via Aisu. We will connect via SSH, turn on compression, and create a tunnel. You will need to enter the password twice (unless you are using an SSH key), and you will also need to confirm the SSH key the first time you connect.
The goal of this point is to securely access the VNC port of Nymfe on the local machine. Alternatively, you can use a faculty VPN- then there is no need to use a jump host when logging in via SSH.
-
Windows
SSH in Windows has a bug (written in February 2020) that makes the
-J(jump host) switch not work. However, this can be worked around by using theconfigconfiguration file in the home directory under the.sshfolder.Create a file
C:\Users\user\.ssh\config("user" is your Windows user) with the following content (replace "XLOGIN" with your faculty login):Host nymfe*.fi.muni.cz ProxyCommand C:\Windows\System32\OpenSSH\ssh.exe XLOGIN@aisa.fi.muni.cz -W %h:%pNow we can connect:
PS C:\Users\user> ssh -C $LOGIN@nymfe$NN.fi.muni.cz -L $LC_PORT":localhost:"$LC_PORT -
Linux
local$ ssh -CJ $LOGIN@{aisa,nymfe$NN}.fi.muni.cz -L $LC_PORT:localhost:$LC_PORT -o SendEnv=LC_PORT
4. Setting the password for VNC
Set a random VNC password (this is useful due to the possibility of a brute force attack while the VNC server is running), make a note of the password. You only need to do this step once the first time you use this tutorial, but you can also repeat it each time.
nymfe$ { pwgen 8 1 | tee /dev/std{out,err}; echo n; } | vncpasswd; echo
5. Setting the graphical session type
Make sure to set the graphical session type (this step does not need to be repeated):
nymfe$ test -f ~/.dmrc || echo -e "[Desktop]\nSession=default" >~/.dmrc
6. Creating a session
Create a session
x11vnc including the creation of a new X server. You can change the remote desktop dimensions by editing the
-geometry parameter. Variable forwarding does not work from Windows (
), so
replace "$LC_PORT" in the command with the port number you obtained in step
2.
nymfe$ x11vnc -auth .Xauthority -N -localhost -rfbport $LC_PORT -usepw -create -geometry 1280x1024
Do not close the terminal window.
7. Connecting to Nymph
Connect from your machine to Nymfe using the VNC client (use the password from step 4):
-
Windows
For Windows, you can download e.g. Real VNC Viewer (you can also select the standalone version without installation).
Address:
localhost:LC_PORT("LC_PORT" replace the port number from step 2).Don't be alarmed by the warning about the unencrypted connection, the connection from your machine to Nymfe is encrypted thanks to the SSH tunnel.
-
Linux
local$ vinagre localhost:$(cat /tmp/fi-nymfe-vnc-port)
Notes:
- This procedure uses X.Org, while the local session runs through Wayland. The user environment may therefore differ slightly.
-
If you only see a black background with a white terminal (
xterm), there is probably a problem with the session setup. In this case, try running it manually via this terminal:xterm$ gnome-session
Correct session termination
- Log out of the Gnome session, which will terminate the VNC client as well as the VNC and X server (it may take a while, estimated 20 seconds, before you get the Log Out: wait prompt)
- if the step above fails for some reason, exit
x11vncwith the shortcutCtrl-Cand rungnome-session-quit --force --logout - in any case, check for any leftover processes and kill them (
ps ux,kill PID, or if you don't have any other graphics processes running on your machine,systemctl --user stop dbus ssh-agent gpg-agentmay also help )