用Xmanager远程连接Red hat Enterprise Linux 5

最新推荐文章于 2024-10-31 17:42:31 发布

转载最新推荐文章于 2024-10-31 17:42:31 发布 · 2.5k 阅读

文章标签：

#linux #远程连接 #include #security #防火墙 #服务器

Linux 专栏收录该内容

6 篇文章

订阅专栏

这几天都在配置怎样远程控制 Linux 系统 , 发现 Xmanager 3.0 还不错 , 不过搜索了一下 , 发现 Red hat Enterprise Linux 5 的配置还是与先前的版本不太一样 , 琢磨了两天还是可以连接上了 , 具体方法如下 :

服务器： Red hat Enterprise Linux 5

终端： Xmanager 3.0

服务器配置：－－－－－－－－－－－－－－－－－－－－－－－－
1. 配置 XDM

(1). Change runlevel to 5
id:5:initdefault:
修改 /etc/inittab ，将运行级别设置为 5 ，即 :
id:5:initdefault:

(2). Enable XDMCP

修改 /etc/gdm/custom.conf ，

将 [xdmcp] 部分的 Enable 设置为 1 ，即：
      [xdmcp]
      Enable=1
      Post=177
    将 [security] 部分的 DisallowTCP 设置为 false ，即：
      [security]
      DisallowTCP=false
2. 配置防火墙 (TCP/UDP Ports) / 若已经关闭防火墙，则忽略这一步
      Open UDP port 177 from the PC to the remote host direction.       Open incoming TCP ports 6000~6010 from the remote host to your PC.

参考：关闭防火墙：service iptables stop

3. 重新启动服务器，即输入下面的命令即可：
# init 3; init 5
终端配置
－－－－－－－－－－－－－－－－－－－－－－－－
1 、点击 Xmanager 图标，打开 Xbrowser
这时 Xbrowser 窗口中会显示局域网中所有的可用服务器

二、如果允许Root用户连接到XMANAGER 需要修改以下内容：


  # vi /usr/share/gdm/defaults.conf

[security]
# Allow root to login. It makes sense to turn this off for kiosk use, when
# you want to minimize the possibility of break in.
AllowRoot=true
# Allow login as root via XDMCP. This value will be overridden and set to
# false if the /etc/default/login file exists and contains
# "CONSOLE=/dev/login", and set to true if the /etc/default/login file exists
# and contains any other value or no value for CONSOLE.
AllowRemoteRoot=true
# This will allow remote timed login.
AllowRemoteAutoLogin=false
# 0 is the most restrictive, 1 allo


#vi /etc/securetty
......
tty2
tty3
tty4
tty5
tty6
tty7
tty8
tty9
tty10
tty11
pts/0
pts/1
pts/2
pts/3
pts/4

添加这一些。


# vi /etc/pam.d/login

#%PAM-1.0
#auth [user_unknown=ignore success=ok ignore=ignore default=bad] pam_securetty.so
auth       include      system-auth
account    required     pam_nologin.so
account    include      system-auth
password   include      system-auth
# pam_selinux.so close should be the first session rule
session    required     pam_selinux.so close
session    include      system-auth
session    required     pam_loginuid.so
session    optional     pam_console.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session    required     pam_selinux.so open
session    optional     pam_keyinit.so force revoke
~

#vi /etc/pam.d/remote

#%PAM-1.0
#auth       required     pam_securetty.so
auth       include      system-auth
account    required     pam_nologin.so
account    include      system-auth
password   include      system-auth
# pam_selinux.so close should be the first session rule
session    required     pam_selinux.so close
session    include      system-auth
session    required     pam_loginuid.so
session    optional     pam_console.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session    required     pam_selinux.so open
session    optional     pam_keyinit.so force revoke
~
~

#vi /etc/xinetd.d/telnet            //or krb5-telnet

# default: on
# description: The telnet server serves telnet sessions; it uses /
#       unencrypted username/password pairs for authentication.
service telnet
{
        flags           = REUSE
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/sbin/in.telnetd
        log_on_failure += USERID
        disable         = no
}