Yolinux.com Tutorial

GDM and XDMCP configuration for remote graphical Linux desktop access

Linux installations default to a secure configuration which does not allow remote graphical logins or remote desktop access. This tutorial details configuration changes to allow remote access using X-Windows XDMCP and GDM (GUI login).

Related YoLinux Tutorials:

°Linux in a MS/Windows Network

°Linux Networking

°Linux Sys Admin

°YoLinux Tutorials Index




Free Information Technology Magazines and Document Downloads
TradePub link image


Linux configuration for a GUI login:

Typically Linux configures the choice of a text console login or a graphical GUI login in the init script configuration file /etc/inittab. In order to allow remote a GUI login, the system itself must be configured for a X11 GUI login.

# Default runlevel. The runlevels used by RHS are:
#   0 - halt (Do NOT set initdefault to this)
#   1 - Single user mode
#   2 - Multiuser, without NFS (The same as 3, if you do not have networking)
#   3 - Full multiuser mode
#   4 - unused
#   5 - X11
#   6 - reboot (Do NOT set initdefault to this)
#
id:5:initdefault:

                    
(Partial file listing)

Note that this shows a run level of "5" for a Red Hat / Fedora / CentOS based configuration.

Ubuntu:

  • Start GDM manually with the command: /etc/init.d/gdm
    (This can be added to the system init process: ln -s /etc/init.d/gdm /etc/rc2.d/S13gdm)
    or
  • add to /etc/inittab or /etc/rc.local
    x:2:respawn:/usr/sbin/gdm
        
    Ubuntu uses runlevel 2-5 as regular multi-user mode.

Also see the YoLinux.com Linux init process tutorial.


Granting MS/Windows users remote GUI access to your system:

XDM login manager:

  • Edit file:
    • Red Hat: /etc/X11/xdm/Xaccess
    • Suse: /usr/X11R6/lib/X11/xdm/Xaccess

    Change from:
    # *                                       #any host can get a login window
    To:
    *                                       #any host can get a login window

  • Edit file: /etc/X11/xdm/xdm-config
    Change last line from:
    !DisplayManager.requestPort:    0
    To:
    DisplayManager.requestPort:    0
    System default for RHEL4/FC3.

GDM login manager:

  • Edit file:
    • Red Hat Enterprise 5, CentOS 5: /etc/gdm/custom.conf
      Note: RHEL5 only uses this file as XDM is no longer supported.
      Add two enties to the existing categories:
      [xdmcp]
      Enable=true
      
      [security]
      DisallowTCP=false
      
                          
      One can also use the GUI config tool /usr/sbin/gdmsetup.

    • Red Hat Enterprise 3/4, CentOS 3/4, Fedora 1-6: /etc/X11/gdm/gdm.conf
      Change last line from:
          [xdmcp]
      Enable=false
      To:
          [xdmcp]
      Enable=true
      One can also use the GUI config tool gdmsetup.

  • Restart X-Windows:
    • [root]# init 3
    • [root]# init 5

Note:

  • You can use the config tool /usr/sbin/gdmsetup to configure GDM.
  • You can test the GDM login screen locally: X -query localhost :1

gdmsetup: This GUI will edit the configuration GDM configuration file.
  • Red Hat Enterprise 5, CentOS 5: /etc/gdm/custom.conf
  • Red Hat Enterprise 3/4, CentOS 3/4, Fedora 1-6: /etc/X11/gdm/gdm.conf

Select the check box "Enable XDMCP":



Remote X server access for MS/Windows:

Open Source MS/Windows PC X-Windows server software:

Commercial MS/Windows PC X-Windows server software:

Also see accessing Linux from Microsoft Windows for more remote X-Windows configuration information.


Remote X server access for Linux:

Use the X-Windows Xnest command to connect.

/usr/bin/X11/Xnest -query computer-node-name -geometry 1280x1024 :1
Xnest image
Example using option "-geometry 850x680".

[Potential Pitfall]: If your get the following error message:

Fatal server error:
Server is already active for display 0
This means you forgot the ":1" at the end of the command and it defaulted to :0 which is your current desktop window thus causing a conflict.

Red Hat / Fedora / CentOS distributions require package xorg-x11-Xnest


Configuration Pitfalls:

  • Make sure the system firewall rules allow XDMCP protocol to pass.
    • List firewall rules: iptables -L
    • Flush all firewall rules: iptables -F
    The following ports and protocols must be able to pass through the firewall:
    • UDP: 177 (XDMCP)
    • TCP: 6000-6005 (X11 protocol)
    • TCP: 7100 (xfs: X font server)
   

    Bookmark and Share


Advertisements




Copyright © , 2001 - 2009 by Greg Ippolito