Configuring Remote Access to Fedora 21
In this post we will cover how to configure SSH access and GUI access to your Fedora 21 system. On Fedora 21 system this is easy with sshd and tightvnc.
SSH
SSH is the way most of Linux administrators access their systems. It is the easiest and one of the most secure ways to access. All you have to do to setup a system for ssh access is to enable and start SSHD.
First enable the sshd service
$ sudo systemctl enable sshd.service
Now let’s start it.
$ sudo systemctl start sshd.service
That’s all there is all there is to it, you can now ssh <ipaddress> and access your system.
$ ssh 192.168.1.114
Enabling VNC Access
Now we are going to install remote desktop access using tightvnc. First we need to install tightvnc.
$ sudo yum install tigervnc-server
A configuration file named /etc/systemd/system/vncserver@.service is required. To create this file, copy the /lib/systemd/system/vncserver@.service file as root
$ sudo cp /lib/systemd/system/vncserver@.service /etc/systemd/system/vncserver@.service
Edit /etc/systemd/system/vncserver@.service, replacing USER with the actual user name. Leave the remaining lines of the file unmodified. The -geometry argument specifies the size of the VNC desktop to be created; by default, it is set to 1024×768.
Save the changes.
To make the changes take effect immediately, issue the following command:
$ sudo systemctl daemon-reload
Set the password for the user or users defined in the configuration file. Note that you need to switch from root to USER first.
# su - USER $ vncpasswd Password: Verify:
To start or enable the service, specify the display number directly in the command.
The syntax is:
$ sudo systemctl start vncserver@:display_number.service
We have selected to runit as port 1, or 5901.
$ sudo systemctl start vncserver@:1.service
You can also enable the service to start automatically at system start. Then, when you log in, vncserver is automatically started. As root, issue a command as follows:
$ sudo systemctl enable vncserver@:1.service
Now we are running but we need to add a few rules to the firewall to allow us to attach. We can check to see the ports the system is listening on.
$ netstat -na | grep -i listen tcp 0 0 0.0.0.0:5901 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:6001 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN tcp6 0 0 :::6001 :::* LISTEN tcp6 0 0 :::22 :::* LISTEN tcp6 0 0 ::1:631 :::* LISTEN
First let us add a rule. To allow all VNC connections from a specific address, use a command as follows:
$ sudo firewall-cmd --add-rich-rule='rule family="ipv4" source address="192.168.1.114" service name=vnc-server accept'
$ sudo firewall-cmd --list-all public (default, active) interfaces: enp9s0 sources: services: dhcpv6-client mdns ssh ports: 5901/tcp masquerade: no forward-ports: icmp-blocks: rich rules: rule family="ipv4" source address="192.168.1.114" service name="vnc-server" accept
To open a port for TCP traffic in the public zone, issue a command as root as follows:
$ sudo firewall-cmd --zone=public --add-port=5901/tcp
To view the ports that are currently open for the public zone, issue a command as follows:
$ sudo firewall-cmd --zone=public --list-ports 5901/tcp
From this point we can now connect using VNC client to the Fedora 21 system.
Leave a Reply