search
top

Configuring Remote Access to Fedora 21

In this post we will cover how to configure SSH access and GUI access to your Fedora 21 system. On Fedora 21 system this is easy with sshd and tightvnc.

SSH

SSH is the way most of Linux administrators access their systems. It is the easiest and one of the most secure ways to access. All you have to do to setup a system for ssh access is to enable and start SSHD.

First enable the sshd service

$ sudo systemctl enable sshd.service

Now let’s start it.

$ sudo systemctl start sshd.service

That’s all there is all there is to it, you can now ssh <ipaddress> and access your system.

$ ssh 192.168.1.114

Enabling VNC Access

Now we are going to install remote desktop access using tightvnc. First we need to install tightvnc.

$ sudo yum install tigervnc-server

A configuration file named /etc/systemd/system/vncserver@.service is required. To create this file, copy the /lib/systemd/system/vncserver@.service file as root

$ sudo cp /lib/systemd/system/vncserver@.service /etc/systemd/system/vncserver@.service

Edit /etc/systemd/system/vncserver@.service, replacing USER with the actual user name. Leave the remaining lines of the file unmodified. The -geometry argument specifies the size of the VNC desktop to be created; by default, it is set to 1024×768.

Save the changes.
To make the changes take effect immediately, issue the following command:

$ sudo systemctl daemon-reload

Set the password for the user or users defined in the configuration file. Note that you need to switch from root to USER first.

# su - USER
$ vncpasswd
Password:
Verify:

To start or enable the service, specify the display number directly in the command.

The syntax is:

$ sudo systemctl start vncserver@:display_number.service

We have selected to runit as port 1, or 5901.

$ sudo systemctl start vncserver@:1.service

You can also enable the service to start automatically at system start. Then, when you log in, vncserver is automatically started. As root, issue a command as follows:

$ sudo systemctl enable vncserver@:1.service

Now we are running but we need to add a few rules to the firewall to allow us to attach. We can check to see the ports the system is listening on.

$ netstat -na | grep -i listen
tcp        0      0 0.0.0.0:5901            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:6001            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN
tcp6       0      0 :::6001                 :::*                    LISTEN
tcp6       0      0 :::22                   :::*                    LISTEN
tcp6       0      0 ::1:631                 :::*                    LISTEN

First let us add a rule. To allow all VNC connections from a specific address, use a command as follows:

$ sudo firewall-cmd --add-rich-rule='rule family="ipv4" source address="192.168.1.114" service name=vnc-server accept'
$ sudo firewall-cmd --list-all
public (default, active)
interfaces: enp9s0
sources:
services: dhcpv6-client mdns ssh
ports: 5901/tcp
masquerade: no
forward-ports:
icmp-blocks:
rich rules:
rule family="ipv4" source address="192.168.1.114" service name="vnc-server" accept

To open a port for TCP traffic in the public zone, issue a command as root as follows:

$ sudo firewall-cmd --zone=public --add-port=5901/tcp

To view the ports that are currently open for the public zone, issue a command as follows:

$ sudo firewall-cmd --zone=public --list-ports
5901/tcp

From this point we can now connect using VNC client to the Fedora 21 system.

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

top