Using VNC viewer to interact with graphics programs on bcf (or biochem).

Advantages over Xwindows:

• It's free.
• It runs as a client on the MS windows machine rather than a server.  This means that it is not bothered by various firewalls you may have installed to protect the MS windows machine against unsolicited packets representing break-in attempts by hackers.
• It can allow multiple users to interact simultaneously with the same desktop
• When you disconnect, the state of your desktop is preserved. Programs left running may continue to run and go to completion in your absence. You can connect again (possibly from a different computer) and pick up where you left off.

• It does not integrate output for several remote computers to one window which is occassionally used to advantage by X windows servers.
• I haven't been able to make it cut and paste to the MS windows clipboard. If someone gets it to do that, please let me know how you did it.

• For MS Windows, download it from http://www.tightvnc.com
• For other platforms, look for the platform at ftp://biochem2.uthscsa.edu/pub/
• It is ready to go without any installation.  You will probably want to place it in a program files directory and create a shortcut to it on your desktop.

• Log into your bioinf account (eg. using Putty, or ssh), and issue the command vncserver :<port number>, where port number is a small number (1,2,3,4 etc) that will be used to point your client at your account as opposed to someone else's account.  Dr. Demeler would prefer that you obtain from him a permanently assigned number so that people don't have to thrash around finding a number not currently in use.  If people start using the system without following this convention, you may start to bump into limits on the number of allowed connections. If you try to start vncserver with a number already in use, it will not let you.  I believe that if you just type vncserver without a number, it will assign the next available one.  You will need to note the number that is assigned to tell your client.  Alternatively do ls -l /tmp/.X11-unix. [AFTER the BCF crash of 5/06 the .xn-lock files started appearing directly in /tmp instead of in /tmp/.X11-unix and starting with a capital X.  I don't know if it will stay this way.  If so, do ls -la /tmp/.X* istead of ls -l /tmp/.X11-unix].  Each port number tied up is listed as a file starting with "x".  The username associated with each port number is given.  This is a useful way to recall which port you may have been using yourself.


Troubleshooting - If vncserver :<port number> gives no error message, but you can not connect to the port number and the port is not registered in /tmp/.X11-unix: THEN try /usr/X11R6/bin/vncserver :<port number>. [see note above about relocation of the Xn-lock files on bcf after 5/6]. If that works, your problem is that your default path lists another inappropriate version of of the program vncserver before the correct version in location /usr/X11R6/bin. You can fix this permanantly by adding the line export PATH=/usr/X11R6/bin:$PATH as the last line of your login file, .bash_login
 

• The first time you start vncserver, it will ask you for an 8 character password.  Later you will use the same password.
• Use vi to look at the file xstartup in the directory ~/.vnc
• The final line or lines specify what program or programs will be displayed when you access your account through the VNC viewer client.  Typically these would be xterm and or startkde.  Either of these could be used to subsequently start other programs during the session.  This is what my xstarup file looks like:
• #!/bin/sh

[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
startkde &
• You may want to add the startkde & line if it is not already there.
• Then return to your MS windows desktop and activate the VNC viewer from its icon.
• Type bcf.uthscsa.edu:<port number> or biochem.uthscsa.edu:<port number>  in the text box.
• Then give your password.
• Troubleshooting: The most common reason for a "Could not connect" message is that Jeremy has rebooted bcf since your last session, cancelling all the vncserver sessions.  To correct this, you must use ssh to your bcf account, and then repeat the vncserver :<port number> command.
• The xterm window and kde window (if you made xstartup as above) should appear on your MS windows screen.
• You should close the connection by exiting the vnc viewer window. Do not log out of kde.

• 3 button mouse emulation means that you want to send a middle mouse button click to a graphics program from a mouse with only 2 buttons.  If 3 button emulation is in effect, then clicking both mouse buttons at once will send the code for a middle button click.
• To set 3 button mouse emulation, run VNC viewer and right click on its title bar.  Select "options" from the drop down menu that opens.  You can configure 3 button emulation as well as other options from that window. [This section written for the realvnc client]
• Full configuration documentation can be found at http://www.realvnc.com for the realvnc client and at http://www.tightvnc.com/ for the tightvnc client.

Managing the interaction.

• To leave a VNC server desktop running, just close the PC window.  Do not log off the desktop.  The session will resume the next time you log in the way you left it.  You can leave programs running, and they will continue.  You can log off one computer and log in from another without disturbing processes that are running or the desktop.  The VNC server will continue running until you explicitly kill it by logging into bcf (or biochem) and typing vncserver -kill :<port number>.
• Sometimes VNC server freezes up. You can unlock it by logging in by ssh and giving the vncserver -kill :<port number> command.  Then restart it.  If the -kill command is refused, cd /tmp/.X11-unix, then remove (rm) the file corresponding to your port number, then restart it. [Note: after the bcf crash of 5/6, the Xn-lock files that are described as being in /tmp/.X11-unix were relocated directly to /tmp.  I don't know if it will stay that way.  You can check for the files in tmp by ls -la /tmp/.X*, and perform the same operation described above.]
• If you want a 2nd person to be able to connect with VNC viewer and see the same desktop, start vncserver with the -alwaysshared option.
• If the dimensions of the displayed window are inconvenient, start vncserver with -geometry nnnxnnn.  eg. vncserver -geometry 800x600 :<port number> would cause a display suited to a small 14" monitor at low resolution.  Note: for displaying programs that need more space, you can use -geometry to give greater dimensions than your physical display, and the window will handle it using scroll bars. Note: you can set a different default geometry in the xstartup file in .vnc
• To change your password, use the command vncpasswd

• Some VNC clients can alternativey act as servers. Although we are not aware of any ongoing VNC server exploits, this is another potential point of attack on top of the huge number of such weak points already embedded in MS Windows. I recommend that all MS Windows machines be behind firewalls that explicitly deny access to any servers unless specifically allowed by the user.
• For security against someone within your local lan sniffing your passwords, etc in transient, first start ssh with tunneling, then start the VNC viewer. This will cause your traffic to be encrypted.

• More extensive documentation can be found at http://www.realvnc.com