A server should be focused on it's core critical tasks. CLI is the best interface for that.
Sometimes a GUI can help in exploring options or making tasks accessible for non CLI workers.
before any installation
apt-get update apt-cache search keyword yum update yum upgrade yum groupinstall "X Window System" "GNOME Desktop Environment" yum grouplist
//xorg is a fork of xfree86, both of which use the x11 system //of windowing for linux apt-get install xorg Xorg -configure Xorg -configure //auto configures and creates /home/username/xorg.conf.new X -config /home/username/xorg.conf.new //starts the X server GUI ctrl+alt+backspace //exits the X Server Gui /var/log/Xorg /etc/x11/xorg.conf REMOTE GUI APPLICATIONS ## install ssh server apt-get install openssh-server apt-get install x11vnc then run (as root?) x11vnc -storepassword //create a password file x11vnc -safer //could also have -viewonly -once -forever -shared -timeout -nolookup
ssh config to allow forwarding
nano /etc/ssh/sshd_config uncomment or add the line: ForwardX11 yes
VNC/SSH CLIENT SETUP
start your ssh client (e.g. putty)
configure the connection with Connection-> SSH-> Tunnels
Source Port: 5900 Destination: localhost:5900 Add //should add the line L5900 localhost:5900 x11vnc -safer -localhost -nopw -once -display :0
REMOTE GUI SECURITY OPTIONS
The man page for vncviewer (man (1) vncviwer) you'll notice there is a small section for -via.
Makes the connection go through SSH to a gateway host. The gateway should be the target host for best connection secrecy.
Basically this is saying that you can tunnel VNC over SSH within your connection command.
vncviewer -via user@host localhost:0
## setup server for remote access to GUI applications (X) grep "X11Forwarding yes" /etc/ssh/sshd_config || echo "X11Forwarding yes" >> /etc/ssh/sshd_config apt-get install xauth ##may be obsolete ## install some applications apt-get install xeyes xclock firefox
apt-get install x-window-system apt-get install xterm twm dpkg-reconfigure xserver-xfree86 //to configure the GUI apt-get install mozilla-firefox //a big no no on servers... use wget or elinks...
Remove (or rename) the x-scripts from the run-level directories so that you don't start into the graphical environment. You only want this when it suits you.
for SCRIPT in (xdm Xprt xfs);do mv /etc/rc2.d/S20$SCRIPT /etc/rc2.d/s20$SCRIPT done