How to Connect to a VNC Server Using SSH

Need to connect to a VNC server behind a firewall that only allows SSH traffic? With SSH access to the VNC server, you can tunnel the VNC traffic through an SSH connection. This will encrypt your VNC traffic through an SSH tunnel.

To begin, SSH to the VNC server and forward the local client’s 5904 TCP port to the VNC server’s port 5901.

client$ ssh user@vncserver.mydomain.com -L 5904:*:5901

Next, In a new window, direct vncviewer to your localhost 5904 port and the traffic will be forwarded to your VNC server’s port 5901.

client$ vncviewer localhost:5904

If you get any errors, be sure that your client’s firewall is not blocking localhost’s port 5904.

client$ su -c "iptables -L"

An Explanation of .bashrc and .bash_profile

An Explanation of .bashrc and .bash_profile

Both the ~/.bashrc and ~/.bash_profile are scripts that might be executed when bash is invoked. The ~/.bashrc file gets executed when you run bash using an interactive shell that is not a login shell. The ~/.bash_profile only gets executed during a login shell. What does this all mean? The paragraphs below explains interactive shells, login shells, .bashrc, .bash_profile and other bash scripts that are executed during login.

Login Shells (.bash_profile)

A login shell is a bash shell that is started with – or –login. The following are examples that will invoke a login shell.

sudo su -
bash --login
ssh user@host

When BASH is invoked as a login shell, the following files are executed in the displayed order.

/etc/profile
~/.bash_profile
~/.bash_login
~/.profile
Although ~/.bashrc is not listed here, most default ~/.bash_profile scripts run ~/.bashrc.

Purely Interactive Shells (.bashrc)

Interactive shells are those not invoked with -c and whose standard input and output are connected to a terminal. Interactive shells do not need to be login shells. Here are some examples that will evoke an interactive shell that is not a login shell.

sudo su
bash
ssh user@host /path/to/command

In this case of an interactive but non-login shell, only ~/.bashrc is executed. In most cases, the default ~/.bashrc script executes the system’s /etc/bashrc.

Be warned that you should never echo output to the screen in a ~/.bashrc file. Otherwise, commands like ‘ssh user@host /path/to/command’ will echo output unrelated to the command called.

Non-interactive shells

Non-interactive shells do not automatically execute any scripts like ~/.bashrc or ~/.bash_profile. Here are some examples of non-interactive shells.

su user -c /path/to/command
bash -c /path/to/command

Fedora 10 Rar and Unrar

By default, Rar is not available in Fedora 10. If all you need to do is extract files from a Rar archive, unrar from RPM Fusion’s YUM repositories will work. If you need to create Rar archives, then you will have to download and install the complete Rar package from DAG. The instructions below show you how.

Only Need to Extract Files?

First, install RPM Fusion’s free and nonfree YUM repositories. For detailed information about installing RPM Fusion, see: http://rpmfusion.org/Configuration

su -c "rpm -Uvh http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-stable.noarch.rpm"
su -c "rpm -Uvh http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-stable.noarch.rpm"

Next, install the unrar packages from RPMFusion’s nonfree repository.

su -c "yum install unrar"

Done! You now have unrar in /usr/bin/unrar. This binary can only extract files from Rar archives. Use this command to see all available options:

/usr/bin/unrar -?

Need to Create Rar Archives?

First, download the source RPM from DAG: http://dag.wieers.com/rpm/packages/rar

wget -c http://dag.wieers.com/rpm/packages/rar/rar-3.5.1-1.rf.src.rpm

Now, install the source RPM. This will create a $HOME/rpmbuild tree. Please note that you do not need to be root.

rpm -iv  rar-3.5.1-1.rf.src.rpm

Next, build a binary package in $HOME/rpmbuild. Again, no need to be root.

rpmbuild -bb ~/rpmbuild/SPECS/rar.spec

Finally, install the built RPM as root:

su -c "rpm -Uvh $HOME/rpmbuild/RPMS/$(arch)/rar-3.5.1-1.rf.x86_64.rpm"

Done! You now have rar in /usr/bin/rar. This binary can build and extract Rar files. Use this command to see all available options:

/usr/bin/rar -?

Passwordless SSH

Passwordless SSH can be accomplished using SSH’s public key authentication. To configure passwordless SSH, follow the directions below. Warning: passwordless SSH will make your systems less secure. If you are comfortable with that, the directions below will walk you through server and client configurations. Then, I’ll show you how to debug SSH if you encounter problems.

SSHD Server Configuration

First, you must ensure that your SSHD server allows for passwordless authentication using public keys. If you do not have root access to the server, do not worry. By default, public key authentication over protocol 2 is enabled. Skip this step. If you have any problems, contact your System Administrator.

If you have root privileges, edit your system’s /etc/ssh/sshd_config and apply the following settings. I suggest you disable protocol 1 RSA key based authentication and leave all other settings alone for now. Visit the man page SSHD_CONFIG(5) for details.

# Disable protocol 1 RSA key based authentication
RSAAuthentication no
# Protocol 2 public key based authentication
PubkeyAuthentication yes
# Authorized public keys file
AuthorizedKeysFile .ssh/authorized_keys

If you make any changes, save them and restart your SSH server.

service sshd restart

SSH Client Configuration

Now that the server is configured, log into your client system and examine /etc/ssh/ssh_config. This is the SSH client configuration file and you do not need to edit it.

less /etc/ssh/ssh_config

By default, public key authentication over protocol 2 is enabled for clients. You only need to make sure that it is not disabled. If it is, create an ~/.ssh/config to override the /etc/ssh/ssh_config options.

cp -a /etc/ssh/ssh_config ~/.ssh/config

Then edit it and add this to the “Host *” block:

PubkeyAuthentication yes

Create Client Key

With the client in order, you need to create a public and private key pair. The following command will build a RSA key pair. Hit for all questions asked. This will create a RSA key pair in ~/.ssh/. The private key is called id_rsa and the public key is id_rsa.pub.

ssh-keygen -t rsa

Use Key for Authentication

Now that you have a public and private key pair, put the public key on the server you wish to log into without a password. You will need to put the public key inside the server’s /home/user/.ssh/authorized_keys file. This file can contain multiple keys, so you generally do not want to just copy over it. Note that the authorized_keys2 file was deprecated in OpenSSH 3.0 (2001).

cat ~/.ssh/id_rsa.pub | ssh user@server "cat - >> ~/.ssh/authorized_keys"

Alternatively, modern releases of SSH have a command to help you copy keys.

ssh-copy-id -i ~/.ssh/id_rsa.pub user@server

Test and Debug SSH

Now, test.

ssh username@server date

If you get prompted for a password, check the server’s system logs for clues. You can also enable debugging in /etc/ssh/sshd_config with the following directive.

LogLevel DEBUG

Other options are INFO, VERBOSE, DEBUG2 and DEBUG3. See the man page SSHD_CONFIG(5) for details. For the client, the exact same option can be placed inside a /etc/ssh/ssh_config’s Host block. See SSH_CONFIG(5) for client debugging details.

man 5 sshd_config
man 5 ssh_config

Installing Compiz on Fedora 10

The Compiz window manager is available on Fedora 10. Since Compiz uses 3D graphics acceleration via Fedora’s OpenGL libraries, you will need a descent graphics card (and their drivers) installed on your Fedora system. For more information on Compiz see: http://www.freedesktop.org/wiki/Software/Compiz

Gnome Compiz Install

If you are using Gnome, run:

su -c "yum install compiz-gnome"

Then, run the following and click on “Enable Desktop Effects”

/usr/bin/desktop-effects

KDE Compiz Install

KDE users should run:

su -c "yum install compiz-kde"

Then, run the following command, select “Compiz” and click “OK”

/usr/bin/kde-desktop-effects.sh

Fedora 10 MP3 Support

Fedora 10 does not come with built-in MP3 support. To get MP3 support with Fedora, you can use RPM Fusion’s YUM repositories to download MP3 enabled RPMs.

Enable RPM Fusion

First, install RPM Fusion’s free and nonfree YUM repositories. For detailed information about installing RPM Fusion, see: http://rpmfusion.org/Configuration


su -c "rpm -Uvh http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-stable.noarch.rpm"
su -c "rpm -Uvh http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-stable.noarch.rpm"

Install GStreamer

Next, run this command to get the gstreamer plugins.


su -c "yum install gstreamer gstreamer-plugins-bad gstreamer-plugins-ugly"

Install Applications and Libraries

For Amarok with MP3 support, install these packages:


su -c "yum install amarok phonon-backend-gstreamer"

For MPlayer with MP3 support, install these RPMs:


su -c "yum install mplayer gnome-mplayer gnome-mplayer-common mencoder"

For XMMS with MP3 support, install the following:


su -c "yum install xmms xmms-mp3"

For xine with MP3 support, install these RPMs:


su -c "yum install xine xine-lib-extras-nonfree"

To create MP3s with LAME, install lame and lame-mp3x.


su -c "yum install lame lame-mp3x"

Run this command to install everything:


su -c "yum install xmms xine mplayer amarok xmms-mp3 gstreamer phonon-backend-gstreamer gstreamer-plugins-bad gstreamer-plugins-ugly xine-lib-extras-nonfree mplayer gnome-mplayer-common mencoder gnome-mplayer lame lame-mp3x"

Perl For Loop

The Perl for loop is used to loop through a block of code until a specified condition is met. The for loop statement contains three sections followed by a block of code. Below is an example.

A Simple For Loop Example


for (my $number = 1; $number <= 10; $number++) {
  print "$number ";
}

The first section initializes a variable


my $number = 1;

Then, the loop condition is provided. The loop will run as long as this is true.


$number <= 10;

Finally, the last section is executed at the end of each loop iteration. In our example's case, $number increments by one.


$number++

Executing this loop results in:


1 2 3 4 5 6 7 8 9 10

For Loop and Arrays

Here is an example of how the for statement can be used to loop through an array.


my @languages = ("Perl", "Python", "C", "Fortran");
my $size = @languages;
for (my $i = 0; $i <= $size; $i++) {
  print "$languages[$i]\n";
}