Activating XDMCP server under Ubuntu 7.10
in [UK Linux]
|
From: Ian on 20 Nov 2007 11:44 Hi Folks, I'd like to run XDCMP around home (don't worry - I know it's horribly insecure). All the guides I can find say that I should use gdmsetup and tick "Enable XDCMP". Unfortunately, they changed the look of gdmsetup after 6.04, and that option isnlt there any more. I have made sure that the login screen for "remote" is set to "Same as local" - ie not "Remote login disabled" - and I have unticked "Deny TCP connections to X server" under "Security" in case this was the answer, but to no avail. My laptop can't find any available XDMCP hosts on the network and telling it directly to connect to the desktop ends the login attempt at once. Any hints? Ian
From: Geoffrey Clements on 20 Nov 2007 12:10 "Ian" <ian.groups(a)btinternet.com> wrote in message news:3d165b9d-8655-4961-b155-e586f9683217(a)d27g2000prf.googlegroups.com... > Hi Folks, > > I'd like to run XDCMP around home (don't worry - I know it's horribly > insecure). All the guides I can find say that I should use gdmsetup > and tick "Enable XDCMP". Unfortunately, they changed the look of > gdmsetup after 6.04, and that option isnlt there any more. > > I have made sure that the login screen for "remote" is set to "Same as > local" - ie not "Remote login disabled" - and I have unticked "Deny > TCP connections to X server" under "Security" in case this was the > answer, but to no avail. My laptop can't find any available XDMCP > hosts on the network and telling it directly to connect to the desktop > ends the login attempt at once. > > Any hints? > I haven't used gdm but in kdm you also have to tell the server which IP addressesd to allow (or you could set it to allow all addresses). Also XDMCP uses UDP on port 177, not TCP. -- Geoff
From: Ian on 20 Nov 2007 14:04 On 20 Nov, 17:10, "Geoffrey Clements" <geoffrey.clement...(a)SPAMbaesystems.com> wrote: > I haven't used gdm but in kdm you also have to tell the server which IP > addressesd to allow (or you could set it to allow all addresses). Any idea how I'd do that? > Also XDMCP uses UDP on port 177, not TCP. Ta. My mistake. Ian
From: Geoffrey Clements on 20 Nov 2007 15:49 Ian wrote: > On 20 Nov, 17:10, "Geoffrey Clements" > <geoffrey.clement...(a)SPAMbaesystems.com> wrote: > >> I haven't used gdm but in kdm you also have to tell the server which IP >> addressesd to allow (or you could set it to allow all addresses). > > Any idea how I'd do that? > For gdm I've no idea, however I have included the files that kdm uses. These will be no direct use to you but /may/ give you some clues. Note that kdm seems to be a development of xdm whereas gdm is written from a new code base hence it's likely that gdm does things completely differently. First the config file for kdm, the relevant section is: =============== [Xdmcp] # Whether KDM should listen to incoming XDMCP requests. # Default is true Enable=false # The UDP port on which KDM should listen for XDMCP requests. Do not change. # Default is 177 #Port=177 # File with the private keys of X-terminals. Required for XDM authentication. # Default is "" #KeyFile=/usr/kde/3.5/share/config/kdm/kdmkeys # XDMCP access control file in the usual XDM-Xaccess format. # Default is "/usr/kde/3.5/share/config/kdm/Xaccess" Xaccess=/usr/kde/3.5/share/config/kdm/Xaccess # Number of seconds to wait for display to respond after the user has # selected a host from the chooser. # Default is 15 #ChoiceTimeout=10 # Strip domain name from remote display names if it is equal to the local # domain. # Default is true #RemoveDomainname=false # Use the numeric IP address of the incoming connection on multihomed hosts # instead of the host name. # Default is false #SourceAddress=true # The program which is invoked to dynamically generate replies to XDMCP # DirectQuery or BroadcastQuery requests. # If empty, no program is invoked and "Willing to manage" is sent. # Default is "" Willing=/usr/kde/3.5/share/config/kdm/Xwilling ============ Note that Xaccess is used to define which clients may use XDMCP. Xaccess is below: ================ # Xaccess - Access control file for XDMCP connections # # To control Direct and Broadcast access: # # pattern # # To control Indirect queries: # # pattern list of hostnames and/or macros ... # # To use the chooser: # # pattern CHOOSER BROADCAST # # or # # pattern CHOOSER list of hostnames and/or macros ... # # To define macros: # # %name list of hosts ... # # The first form tells xdm which displays to respond to itself. # The second form tells xdm to forward indirect queries from hosts matching # the specified pattern to the indicated list of hosts. # The third form tells xdm to handle indirect queries using the chooser; # the chooser is directed to send its own queries out via the broadcast # address and display the results on the terminal. # The fourth form is similar to the third, except instead of using the # broadcast address, it sends DirectQuerys to each of the hosts in the list # # In all cases, xdm uses the first entry which matches the terminal; # for IndirectQuery messages only entries with right hand sides can # match, for Direct and Broadcast Query messages, only entries without # right hand sides can match. # * CHOOSER BROADCAST #any indirect host can get a chooser # # If you'd prefer to configure the set of hosts each terminal sees, # then just uncomment these lines (and comment the CHOOSER line above) # and edit the %hostlist line as appropriate # #%hostlist host-a host-b #* CHOOSER %hostlist # * #any host can get a login window # # To hardwire a specific terminal to a specific host, you can # leave the terminal sending indirect queries to this host, and # use an entry of the form: # #terminal-a host-a # # The nicest way to run the chooser is to just ask it to broadcast # requests to the network - that way new hosts show up automatically. # Sometimes, however, the chooser can't figure out how to broadcast, # so this may not work in all environments. # * CHOOSER BROADCAST #any indirect host can get a chooser # # If you'd prefer to configure the set of hosts each terminal sees, # then just uncomment these lines (and comment the CHOOSER line above) # and edit the %hostlist line as appropriate # #%hostlist host-a host-b #* CHOOSER %hostlist # ===================== >> Also XDMCP uses UDP on port 177, not TCP. > > Ta. My mistake. > Remember that any firewall that you use will have to let in UDP requests on port 177. -- Geoff Registered Linux user 196308 Replace bitbucket with geoff to mail me.
From: Ian on 20 Nov 2007 17:20
On 20 Nov, 20:49, Geoffrey Clements <bitbuc...(a)electron.me.uk> wrote: > Ian wrote: > > On 20 Nov, 17:10, "Geoffrey Clements" > > <geoffrey.clement...(a)SPAMbaesystems.com> wrote: > > >> I haven't used gdm but in kdm you also have to tell the server which IP > >> addressesd to allow (or you could set it to allow all addresses). > > > Any idea how I'd do that? > > For gdm I've no idea, however I have included the files that kdm uses. These > will be no direct use to you but /may/ give you some clues. Note that kdm > seems to be a development of xdm whereas gdm is written from a new code > base hence it's likely that gdm does things completely differently. Thanks. I have now found a thread on the ubuntu forums, and it seems that this is a known issue (ie bug) with Gutsy. kdm will take xdmcp logins but gdm won't. It also seems to be client related, since I can use Xnest and get in with xdmcp via Terminal Server Client without problem. Ian |