I am working on the Centos wiki instructions for doing an install via vnc: http://wiki.centos.org/TipsAndTricks/VncHeadlessInstall CD is all burned and ready to go. I then thought about the viewer settings particularly the port number and firewall rules. When I connect vncviewer to a vncserver it uses port(s) 590n where n is the display number. OK, is that what happens when a server connects back to a -listen viewer? Seems not. According to the man page, it seems the default is port 5500, so I have to open up this port on the 'client' system and of course allow it through my internal firewall (or put the install system on the same subnet as the client and not the one with the repo server). Do I this figured out right?
on 9-25-2008 10:55 AM Robert Moskowitz spake the following:> I am working on the Centos wiki instructions for doing an install via vnc: > http://wiki.centos.org/TipsAndTricks/VncHeadlessInstall > > CD is all burned and ready to go. I then thought about the viewer > settings particularly the port number and firewall rules. > > When I connect vncviewer to a vncserver it uses port(s) 590n where n is > the display number. OK, is that what happens when a server connects > back to a -listen viewer?No> Seems not. According to the man page, it seems the default is port > 5500, so I have to open up this port on the 'client' system and of > course allow it through my internal firewall (or put the install system > on the same subnet as the client and not the one with the repo server). > > Do I have this figured out right?Yes. Port 5500 is the correct one, and you might need to also have access to port 5900 on the new install machine just in case you get disconnected. Then you can re-connect and finish. I don't know if I would be comfortable installing over the internet with VNC since it is clear-text, but I guess it would be OK. I would change passwords on the new system after it is up just to feed my paranoia. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't!!!! -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 250 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20080925/873bf0ac/attachment-0001.sig>
Scott Silva wrote:> on 9-25-2008 10:55 AM Robert Moskowitz spake the following: >> I am working on the Centos wiki instructions for doing an install via >> vnc: >> http://wiki.centos.org/TipsAndTricks/VncHeadlessInstall >> >> CD is all burned and ready to go. I then thought about the viewer >> settings particularly the port number and firewall rules. >> >> When I connect vncviewer to a vncserver it uses port(s) 590n where n >> is the display number. OK, is that what happens when a server >> connects back to a -listen viewer? > > No > > >> Seems not. According to the man page, it seems the default is port >> 5500, so I have to open up this port on the 'client' system and of >> course allow it through my internal firewall (or put the install >> system on the same subnet as the client and not the one with the repo >> server). >> >> Do I have this figured out right? > > Yes. Port 5500 is the correct one, and you might need to also have > access to port 5900 on the new install machine just in case you get > disconnected. Then you can re-connect and finish.Oh course, I will have to know its dhcp leased address, but not so hard, only 2 such on that subnet.> I don't know if I would be comfortable installing over the internet > with VNC since it is clear-text, but I guess it would be OK. I would > change passwords on the new system after it is up just to feed my > paranoia.Oh, all internal 'intra-nets'. I just have all of my production and lab nets connected to a firewall to control what goes on between them. Simple to add port 5500 to the vnc service definition.