I try to set up VNC server "vino" without a X-Session from command line on my Raspberry Pi. I do not want to use a shared X11Session over SSH and so on.
So, currently I am stucked within the fact that I do not know where the tool "vino-preferences" is storing its preferences.
I know that the tool is using "gconf" to read and set the configuration properties.
If I execute the tool "vino-preferences" within a created X-Window (Yes, I have a output device, a plugged keyboard and mouse at the Pi) and change some settings there and run
find / -not -path "/proc/*" -not -path "/sys/*" -printf '%TY-%Tm-%Td %TT %p\n' | sort
to find out which files have changed there is nothing relevant.
So, where the hell is the tool reading its properties? The set properties are applied because if I deactivate the "Allow other users to use this Desktop" option I am not able to connect anymore with a VNC client.
Downloading the sources of "vino" I found a file called "org.gnome.Vino.gschema.xml" with this content:
<schemalist>
<schema id='org.gnome.Vino' path='/org/gnome/desktop/remote-access/'>
<key name='enabled' type='b'>
<summary>Enable remote access to the desktop</summary>
<description>
If true, allows remote access to the desktop via the RFB
protocol. Users on remote machines may then connect to the
desktop using a VNC viewer.
</description>
<default>false</default>
</key>
...
So maybe this file must be used somewhere?
Yo can try with gsettings if you want to access via shell. If you have not it installed, they are in libglib2.0-bin package.
Yo can see all config keys with:
gsettings list-recursively org.gnome.Vino
And if you want to change the options it is possible doing:
gsettings set org.gnome.Vino view-only true
New settings will work once vino is restarted.
Related
To work remotely I need to SSH into the main server and then again into the departmental server.
I would like to set up a tunnel using sublime text 3 wbond sftp package to view and edit files remotely but I can't seem to find any information for setting up a tunnel. Is this even possible?
The reason I'm interested in this particular package is because I am unable to install any packages locally on the server, hence using something like rsub is not possible.
Any other suggestions besides sublime sftp are welcome.
I'm not sure the SFTP plugin would allow to do this directly.
What i would suggest is for you to use ssh -L to create a tunnel.
ssh -L localhost:random_unused_port:target_server:22 username_for_middle_server#middle_server -nNT
Use the password/identity_file for the middle server
The -nNT is to avoid opening an interactive shell in the middle server.
IMPORTANT: You need to keep the ssh -L command running so keep that shell open.
In this way you can connect to the target_server as such:
ssh username_for_target_server#localhost -p random_port_you_allocated
Similarly you can setup the SFTP plugin file as such
{
...
"host":"localhost",
"user":"username_for_target_server",
"ssh_key_file": "path_to_target_server_key",
"port":"random_port_you_allocated",
....
}
As a sidenote, always use the same port to tunnel to the same server, otherwise, with the default ssh configuration, you will be warned of a "Man in the middle attack" because the signature saved in the .ssh/known_hosts will not match with the previous one. This can be avoided by disabling this feature but I wouldn't recommend it.
I've been working on a file server product that uses smbcilent to transfer files between client computers and the server. It's been working great so far with our LAMP (Ubuntu) server and Windows machines.
I'm currently trying to expand the setup to include Mac's, but am having trouble with the server accessing the share on the Mac.
Here's my command and error (bracketed descriptions replace private info):
# smbclient //10.101.0.7/[share-file] -U [username]%[password] -c ls
WARNING: The "syslog" option is deprecated
NTLMSSP packet check failed due to short signature (0 bytes)!
NTLMSSP NTLM2 packet check failed due to invalid signature!
session setup failed: NT_STATUS_ACCESS_DENIED
Things I've tried:
✓ Accessing share using a Windows machine to ensure the share is setup properly - check! Works fine there.
✓ Invoking -S off or --signing=off in the command - no change.
✓ Just looking at the shares first using smbclient -L 10.101.0.7 -U [username]%[password] - same error.
✓ Googling for an answer - check! Several people with similar problems, but no working solutions so far.
The most promising thing I've see so far involves compiling smbclient 4.4 from sources and running that with no authentication (-U ""%""), but that seems like a temporary solution based on a bug rather than a solid plan that will work for a long time. (But I'll try that next if I can't find any better ideas...)
Thanks for reading and trying to help!
Try adding --option="ntlmssp_client:force_old_spnego = yes" to the smbclient command as suggested on the samba-technical mailing list.
For me, this now lists shares on a Mac OSX server:
smbclient -U$user%$password -L $mac_host --option="ntlmssp_client:force_old_spnego = yes"
For mounting, you may need to add the nounix,sec=ntlmssp options as in
sudo mount -t cifs //$mac_host/$share $mountpoint -o nounix,sec=ntlmssp,username=$user,password=$password
On recent versions of MacOS (e.g. Monterey) it is necessary to do several configuration steps to enable smb access from Linux:
Open System Preferences.
Select Sharing.
Select File Sharing.
Ensure that the directory is listed in Shared Folders.
Right-click/two-finger click on the share directory.
Click on Advanced Options
Ensure Only allow SMB encrypted connections is checked.
Click OK
Click on Options
Click on the checkbox for Share files and folders using SMB.
Under Windows File Sharing ensure the appropriate user is checked.
Type the user's password in the 'Authenticate' dialog bo and press 'OK'.
Click 'Done'.
You should now be able to connect from Linux to the MacOS share using the commands given by #mivk.
I am trying to use putty and XMing to run programs from my Fedora 20. I used this configuration before on other machines and I was able to run GUI programs on Linux and display them in my windows 7. But this time I have trouble and get the "cannot connect to X server" error when I try to launch kwrite and kdesvn which are GUI programs in Fedora 20. The connections were good. And the XMing server was running and the X11 forwarding was enabled in putty, like the instruction here.
From my another Fedora 20 machine, I was able to connect to and run GUI programs from the target machine with ssh -X and the same username. So I am thinking the settings of the target machine was right.
Then what else I can try? how to figure out where the problem is?
Ensure that X11 forwarding is enabled in /etc/sshd_config.
X11Forwarding yes
Ensure in your home directory that you have an .Xauthority file. Permissions should be set 0600. If the file does not exist create it.
touch ~/.Xauthority
chmod 0600 ~/.Xauthority
As was previous stated first make sure that X11 forwarding is enabled in PuTTY.
Config > Connection > SSH > X11 > Enable X11 Forwarding. Based on your question it appears you already did this. Make sure you save this config.
I had a problem much like this, what happened to me was that my DISPLAY was being set elsewhere. If you can, try opening a new settion via putty from the same Windows machine using another user and then checking the display and testing your GUI programs
Another thing would be to use your own user but remove any custom work you may have done in your configuration, login fresh, check the DISPLAY and then test X
Did you enable X11 in putty?
It's under SSH | X11 | Enable X11 Forwarding
Then save the putty profile and click on session | save | open
Should work perfectly after you make those changes.
I am having difficulty connecting to a remote Windows system running cygwin.
When I connect from a linux box to cygwin, it connects fine and "sees" the
remote home directory as /home/userID
When I connect from Windows cygwin to the remote windows cygwin, it sees
the home directory as /cygdrive/c/Documents and Settings/UserID
Finally, when I am logged onto the remote Windows machine (the one with the problem)
home is /home/UseID but the value for cygpath -H is
$ echo $(cygpath -H)
/cygdrive/c/Documents and Settings
This seems to be causing my connection problem from windows to windows
and no problem from linux to windows
Any ideas how to fix it?
Since you have the correct path in /etc/passwd, one possibility is that perhaps the SSH client you are using from your Windows systems is sending custom environment values.
If you're using PuTTY, before connecting, look in the tree panel on the left hand side of the dialog. There should be an entry called Connection and a sub-entry called Data which will bring you to an option screen that has a section called Environment variables. Check if the HOME var is being overridden there and if so, remove it.
If you're using a different SSH client, check its configuration to see if its using the SendEnv option. More info on that here: http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_config.
Or you could try blocking off custom environments on the destination/server side by disabling AcceptEnv in the SSHd configuration on the system you're connecting to. More info on that here: http://www.openbsd.org/cgi-bin/man.cgi?query=sshd_config.
Hope this helps.
I am trying to execute a bat file on remote windows machine on cloud from my Linux. The bat files starts selenium server and then my selenium tests are run. I am not able to start selenium RC server on that machine. I tried with Telnet but the problem with it is when telnet session is closed the RC server port is also closed. As my code my code has to start the server so I tried with ANT telnet task and also executed shell script of telnet in both ways the port was closed.
I read about Open SSH, psexec for linux and cygwin. But i am not getting how to use these and will they will solve my problem.
I have tried to start a service which will start the server but in this method i am not getting browser visible all tests are running in background as my script takes screen shot browser visibility is must.
Now my Question is what to use and which will be preferable for my job.
and what ever i choose should be executed by code it may be by shell, ant or php.
Thanks in advance.
Let's go through the various options you mentioned:
psexec: This is pretty much a PC only thing. Plus, you must make sure that newer Windows machines can get through the UAC that are setup by default. UAC is the thing you see all the time on Vista and Windows 7 when you try to do something that requires administrator's privileges. You can try something called winexe which is a Linux program that can do the psexec protocol, but I've had problems getting it to work.
OpenSSH: There are two main flavors of SSH, and Open SSH is the one used by the vast majority of sites. SSH has several advantages over other methods:
SSH is secure: Your network traffic is encrypted.
SSH can be password independent: You can setup SSH to use private/public keys. This way, you don't even have to know the password on the remote server. This makes it more secure since you don't have passwords being stored on various systems. And, in many Windows sites, passwords have to be changed every month or so or the account is locked.
SSH can do more than just execute remote commands: There are two sub-protocols on SSH called SCP and SFTP. These allow you to transfer files between two machines. Since they work over SSH, you get all of the advantages of SSH including encrypted packets, and public/private key protection.
SSH is well implemented in the Unix World: You'll find SSH clients built into Ant, Maven, and other build tools. Programs like CVS, Subversion, and Git can work over SSH connections too. Unfortunately, the Windows World operates in a different space time dimension. To use SSH on a Windows system requires third party software like Cygwin.
Cygwin: Cygwin is sort of an odd beast. It's a layer on top of Windows that allows many of the Unix/GNU libraries to work over Windows. It was originally developed to allow Unix developers to run their software on Windows DOS systems. However, Cygwin now contains a complete Unix like system including tools such as Perl and Python, BASH shell, and many utilities such as an SSH server. Since Cygwin is open source, you can download it for free and run SSH server. Unfortunately, I've had problems with Cygwin's SSH server. Another issue: If you're running programs remotely, you probably want to run them in a Windows environment and not the Cygwin environment.
I recommend that you look at WinSSHD from Bitvise. It's an OpenSSH implementation of the SSH Server, but it's not open source. It's about $100 per license and you need a license on each server. However, it's a robust implementation and has all of the features SSH has to offer.
You can look at CoSSH which is a package of Cygwin utilities and OpenSSH server. This is free and all open source, but if you want an easy way of setting it up, you have to pay for the Advanced Administrator Console. You don't need the Advanced Administrator Console since you can use Cygwin to set everything up, and it comes with a basic console to help.
I prefer to use cygwin and use SSH to then log in to the windows machine to execute commands. Be aware that, by default, cygwin doesn't have OpenSSH installed.
Once you have SSH working on the windows machine you can run a command on it from the Linux machine like this:
ssh user#windowsmachine 'mycommand.exe'
You can also set up ssh authentication keys so that you don't need to enter a password each time.
I've succeeded to run remote command on W2K3 via EXPECT on Debian Buster. Here is the script of mine:
#!/usr/bin/expect
#
# execute the script in the following manner:
#
# <script> <vindoze> <user> <password> <command>
#
#
set timeout 200
set hostname [lindex $argv 0]
set username [lindex $argv 1]
set password [lindex $argv 2]
set command [lindex $argv 3]
spawn telnet $hostname
expect "login:"
send "$username\r"
expect "password:"
send "$password\r"
expect "C:*"
send "dir c:\\tasks\\logs \r"
# send $command
expect "C:*"
send "exit\r\r\r"
Bear in mind that you need to enable TELNET service of the Win machine and also the user which you are authenticated with must be member of TelnetClients built-in Win group. Or as most of the Win LazyMins do - authenticate with Admin user ;)
I use similar "expect" script for automated collecting & backup configuration of CLI enabled network devices like Allied Telesyn, Cisco, Planet etc.
Cheers,
LAZA
Not a very secure way, but if you have a running webserver you can use PHP or ASP to trigger a system command. Just hide thgat script under www.myserver.com/02124309c9867a7616972f52a55db1b4.php or something. And make sure the command are fixed written in the code, not open via parameter ...