April 20, 2014

New HOWTO: Linux XDMCP HOWTO - page 2

Table of Contents, Section 1

  • March 29, 2001
2. The Procedure

This section details the procedures for setting up X-Terminal using XDMCP.

2.1. Before you begin, some backgrounds

Before you begin, it is better to have a basic understanding of how this
works. (More details are at the [#REFS] Resources below and [http://
www.linuxdoc.org] LDP HOWTO page)

The X server is usually started from the X Display Manager program (xdm, kdm
and gdm. This document will use gdm as an example). It provides a nice and
consistent interfaces for general users (X-based login, starting up a window
manager, clock, etc.). X Display Manager manages a collection of X displays,
which may be on the local host or remote servers.

When xdm runs, it is usually run as a local copy of X, also xdm can listen
for requests from remote hosts over a network. For kdm (which comes with the
KDE desktop), it is a replacement of xdm and configures the same way, except
its files are in /etc/X11/kdm. The gdm ( Gnome Display Manager) is a
reimplementation of the xdm program. gdm has similar funtions to xdm and kdm,
but was written from scratch and does not contain any original XDM / X
Consortium code.

In the case of xdm, it offers display management in two different ways. It
can manage X servers running on the local machine and specified in Xservers,
and it can manage remote X servers (typically X terminals) using XDMCP (the
XDM Control Protocol) as specified in the Xaccess file. (Courtesy of xdm man

  * The [http://ibiblio.org/pub/Linux/docs/HOWTO/mini/other-formats/
    html_single/XDM-Xterm.html] XDM and Xterminal mini-HOWTO
  * Linux [http://www.ibiblio.org/pub/Linux/docs/HOWTO/mini/other-formats/
    html_single/Remote-X-Apps.html] Remote X Apps mini HOWTO A very good
    reference for Remote X in both theoretical and practical view.
  * The [http://www.ibiblio.org/pub/Linux/docs/HOWTO/unmaintained/mini/
    Xterminal] Xterminal mini-HOWTO

2.2. Security Reminder

Using XDMCP is inherently insecure, therefore, most of the distributions
shipped as its' XDMCP default turned off. If you must use XDMCP, be sure to
use it only on a trusted networks, such as corporate network within a
firewall. Unfortunely, XDMCP uses UDP, not TCP, therefore, it is not possible
to forward XDMCP over SSH. Some people has success in X11 TCP/IP port
Forwarding. Check this [http://www.law.berkeley.edu/computing/howto/ssh/] UC
Berkeley Howto site for more info.

2.3. The System I use

I have tested the setup running a GNOME (gdm), as well as KDE (kdm) on Red
Hat 6.0, 6.2 and Red Hat 7.0. The other I have tried on are on Caldera
eDesktop 2.4, which is similar to RH's setup. I have not had a chance to test
it on other Linux flavors (but plan to do so for Debian and Slackware in the
future). If you have successfully setup one other than the Red Hat platform,
please share it with me. I will add them into this document.

My server hardware is an IBM PC clone running an Intel Pentium II 400 MHz
with 128 MB memory and 30 MB ATA-66 Hard Drive. (I found out that 486 PC and
my other Pentium 100 MHz PC runs this just fine). I use a 3COM 10/100 Fast
Ethernet (3C509B) NIC.

2.4. Remote piece

I use the Hummingbird Exceed 6.x (with Service Pack) and have tested them on
Windows 98 SE, Windows NT 4.0 and Windows 2000 Pro. I found out that another
popular choice are X-Win32 and VNC. However, there are many open-source apps
as well as commercial one available.

2.5. Server Preparation

To prepare your X Server for XDMCP session, you need to make sure the
following are properly installed:

 1. Install your Linux OS. In my case, I installed Red Hat 6.2 (Custom
    Installation). I also tried on RH 7.0.
 2. Setup your Networking. To test it out, ping and telnet are good comamnds
    to use to determine if your network works.
 3. Setup X. Do not setup with a resolution higher than what the remote users
    are able to use for their display. Test the X Server by typing either 
    startx or telinit 5. Make sure X is running properly.
 4. Creates the necessary user accounts (and associated groups) for user who
    will access via the X-Terminal.

2.6. Steps to Complete the Procedures

These are steps I used to setup the Xserver for accepting XDMCP requests:

 1. Modify /etc/rc.d/init.d/xfs and make the following changes. Change all
    (this is where the Font Server port):
    daemon xfs -droppriv -daemon -port -1                            
    daemon xfs -droppriv -daemon -port 7100                          
    In RH 7.0, you do not need to do this, since by default, it is, for
    security enhancement, not listening to TCP port any longer! If you need
    to setup default font server to use, do it in /etc/X11/fs/config and add
    the setting there.
 2. In /etc/X11/xdm/Xaccess, change (this allow all hosts to connect):
    #*    # any host can get a login window                          
    *     # any host can get a login window                          
    xdm usually run as a local copy of X and can listen for requests from
    remote hosts over a network. xdm reads its configuration files /etc/X11/
    xdm/xdm-config for all configuration and log files that xdm uses. For
    kdm, it is a replacement of xdm and configures the same way, except its
    files are in /etc/X11/kdm. It is worth noting that the Xsession file is
    what runs your environment.
    The gdm (Gnome Display Manager) is a reimplementation of the well known
    xdm. gdm has similar funtions to xdm and kdm, gdm is the Gnome Display
    Manager, and its configuration files are found in /etc/X11/gdm/gdm.conf.
    The gdm.conf file contains sets of variables and many options for gdm,
    and the Sessions directory contains a script for each session option;
    each script calls /etc/X11/xdm/Xsession with the appropriate option.
 3. I use the gdm as default and use gdm login window to switch between KDE
    and GNOME. Edit /etc/X11/gdm/gdm.conf. This activates XDMCP, causing it
    to listen to the request. Change this:
    Make sure "Port=177" is at the end of this block.
 4. Now edit /etc/inittab and change the following line:
    Before changing this line, you can use the telinit command to test prior
    to modifying the line. Use either telinit 3 to set to level 3, or telinit
    5 to set to level 5, graphics mode (you can issue this command on the
    second machine that telnets into this server).
 5. Make sure the proper security of the file /etc/X11/xdm/XServers set to
    444 (chmod 444).
 6. Locate /etc/X11/xdm/Xsetup_0 and chmod 755 this file.
 7. Edit the XF86Config file in /etc/X11 and change the line, if you are
    using RH 6.2:
    FontPath    "unix:-1"                                            
    FontPath    "unix:7100"                                          
 8. (You do not have to make this change. You can keep the default setting,
    but this is what I use. If you are not sure, leave this alone.) Add this
    line to the end of /etc/inittab:

You are now ready to run a test.

2.7. Testing

To test if your XDMCP with X Server is ready to accept connections, do these
steps. I find it easier using the X Server and another machine to test:

 1. (Though you don't need to; it doesn't hurt...) Reboot the machine (I am
    assuming you are running level 5).
 2. Make sure the Graphical login page comes up. Make sure the display
    resolution and mouse work. Log in from the console to see if the local
    access is OK. If OK, do not log off.
 3. Setup Hummingbird Exceed to either query this machine (using the IP
    address or fully qualified DNS name) or set to use XDMCP-Broadcast and
    try to connect to the X server. You should see the X Session come up and
    the login screen appear.

Sitemap | Contact Us