Xmanager Tutorial Connecting to a remote host using Secure XDMCP

When your PC is inside of private network or firewall and you are to connect to UNIX/Linux machine located outside of your network, you need to set up port forwarding or open port in firewall or NAT server of the network.

With Secure XDMCP, you do not need any of these additional steps in order to establish XDMCP connection to UNIX/Linux machines.
The only requirement is that SSH service should be running on UNIX/Linux machines. Also, on some of Linux, if gdm is in use as XDMCP daemon, connection may be restricted. Then, you need to switch XDMCP daemon to kdm or xdm.

Note: Before you continue, please make sure the SSH server on the remote host has X11Forwarding enabled.

Setup the configuration file in the following table.

SSH server Config file Setup
OpenSSH /etc/ssh/sshd_config X11Forwarding yes
SSH.COM /etc/ssh2/sshd2_config AllowX11Forwarding yes

After setting the value, restart SSH daemon.

Step 1. Creating a Secure XDCMP session

  1. Start Xbrowser.
  2. Right click on a session icon and select Save as SSH connection.

* If the destination remote host and SSH server are not in the same machine, do the followings:

  1. Right click on the Secure XDMCP session and select Properties.
    RESULT: Session Properties dialog box opens.

  2. Click the Setup button, next to the Method field.
    RESULT: Secure XDMCP Setup dialog box opens up.

  3. Select the “The SSH Server host is different from the XDMCP server” option.
    RESULT: The Host field becomes enabled.
  4. Enter the IP address/domain of SSH Server.
  5. In the User Authentication fields, enter the user information.
  6. Click OK to save the changes.
    Note: If SSH server and XDM are in different servers, GatewayPorts must be set to yes in the SSH server.

Step 2. Connecting with a Secure XDMCP session:

  1. Open Xbrowser.
  2. Double click on the Secure XDMCP session.
  3. Enter the user name in the SSH User Name dialog box.

  4. Select an authentication method and enter the appropriate information.
    Note: See here to learn more about Public Key authentication

  5. Remote login screen appears on Xmanager.

Advertisements

Xmanager Tutorial Connecting and executing remote X application with Xstart

With Xstart you can create a session that executes a remote X application. Once you have created an Xstart session, you can bring a remote X application on your Windows with a single click.

  1. From the Xmanager folder, run Xstart. RESULT: The Xstart window opens.

  2. Click New. RESULT: A New Session dialog box appears.

  3. Enter a new session name, and click OK.
  4. In the Host box, enter the hostname or IP address of the remote Linux/Unix host.
  5. In the Protocol box, select an appropriate protocol that is available on the host. The SSH protocol is appropriate for most hosts.
  6. To set up protocol-specific options such as port and time-out, click Setup.
  7. In the Username box, enter the user account on the host.
  8. Select an Authentication type from the Authentication list.
  9. To set up Authentication-specific options such as password and public key, click Setup.
  10. In the Execution Command box, enter a command that will be executed on the host. For example, enter the following to run an xterm:
    /usr/bin/X11/xterm -ls -display $DISPLAY
  11. Click Run. RESULT: An xterm window opens.

Most connecting problems you may experience in using Xstart are caused by a firewall configuration on your systems and network. Refer to the followings:

Xmanager Enterprise 4 Download & Installation

Download

Download

Xmanager Enterprise 4 Build 0243

Xme4.exe, Oct 30 2015, 43.61 MB
  • MD5: 04154e31c48ebcc0145c89b8e4ff01a2
  • SHA1: 00585517df6d982242348324f98197f0cd843859

Installation

  1. When you execute the downloaded file, InstallShield Wizard will begin the installation process.
    (You may need Administrator right to install the products.)
  2. Follow the instruction of InstallShield Wizard. If you have purchased Xmanager license, please use the product key that you have received from us to install. Otherwise, use ‘evaluation’ for the product key.
  3. When the install is completed, Xmanager Enterprise 4 icon will be placed on the desktop.

Start

  1. Double click on the Xmanager Enterprise 4 folder icon to open up the program folder.
  2. Use Xmanager or Xbrowser to connect to a remote UNIX/Linux system that provides XDM and CDE environment. When you start Xbrowser, list of available hosts are dynamically displayed.
  3. When you double click on an icon from the list of available hosts, Xmanager instantly creates a connection to the host. When you are successfully connected to a remote host, login window such as following appears.
  4. Enter the username and password to logon to the system. When your username and password are accepted, desktop environment such as following will appear.
  5. Use Xstart to launch xterm from UNIX/Linux machines that do not provide XDM and CDE environment.

    Please refer to Starting with Xstart for more detail.
  6. Check out our Tutorial, FAQ for various tips and guidelines on Xmanager usage.

How To Add, Delete, and Grant Sudo Privileges to Users on a Debian VPS

Introduction

When you spin up a new server, a default account is created called root. This user has full system access and should be used only for administrative tasks. There are basically no restrictions on what you can do to your system as the root user, which is powerful, but extremely dangerous. Linux does not have an “undo” button.

To alleviate this risk, we can create a new user, who has less privileges, but is more appropriately suited to everyday tasks. When you need the power of an administrative user, you can access that functionality through a command called sudo, which will temporarily elevate the privileges of a single command.

This guide will go over how to create a new user on a Debian system. We will also cover how allow users access to the sudo command if they require administrative privileges, and how to delete users that you no longer need.

Log Into Your Server

To complete the steps in this guide, you will need to log into your Debian server as the root user.

If you created a server instance without selecting an SSH key to embed for authentication, you should receive an email with the root user’s password. You can use this information to log into your server as the root user in a terminal by typing:

ssh root@your_server_ip_address

Enter the password you were emailed (nothing will appear on the screen as you enter your password. This is a security feature so that people nearby cannot guess your password based on its length).

Another option is to click on the “Console Access” button in the upper-right corner of your droplet’s page. This will open a terminal session in the browser window that you can use to log in.

DigitalOcean console access

If you configured your server to use SSH keys for authentication, you can use the same SSH procedure as above, but you will be automatically logged in without being asked for a password. Note that no password email will be sent to you either.

If you would like to find out how to configure SSH key authentication, click here.

Add a New User

The first step is to add a new user. New users, by default, are unprivileged. This means that they will only be able to modify files in their own home directory, which is what we want.

If this is your first new user, and you are currently logged in as the root user, you can use the following syntax to create a new user:

adduser newuser

If you are logged into a user that you added previously and gave sudo privileges, you can create a new user by invoking sudo with the same command:

sudo adduser newuser

Either way, Debian will prompt you for more information about the user you are creating. The first piece of information you need to choose is the password for the new user.

It will ask you to select a password and then confirm it by repeating it (again, the characters you type will not appear in the window, for security purposes).

Afterwards, it will ask you for personal information about the user. You can feel free to fill this out or to leave it blank. The user will operate in entirely the same way regardless of your decision. Type “Enter” to skip these prompts and accept the entered values.

Access the New User

When you have finished these steps, your new user is now available. You can log into the new user by typing:

exit

This will terminate your current session as root and allow you to log in as the new user through SSH by typing:

ssh newuser@your_server_ip_address

This time, enter the new password you just configured for this user.

Another way to quickly switch to another user without logging out first is to use the su command.

This command stands for substitute user and it allows you to enter the user you would like to change to. You can use it like this:

su - newuser

This will ask you for the new user’s password. When you’ve entered it correctly, you will be changed to the new user. When you wish to exit back into your original session, simply issue the exit command again:

exit

Grant Users Administrative Privileges

Now that you have a new user on your system, you need to decide if this user should be able to perform administrative tasks with sudo.

If the user you created will be your primary user on the system, you usually want to enable sudo privileges so that you can do routine configuration and maintenance.

We give users access to the sudo command with the visudo command. If you have not assigned additional privileges to any user yet, you will need to be logged in as root to access this command:

visudo

Once you have assigned sudo privileges to your user, you can access the same functionality from within your user’s session by typing:

sudo visudo

When you type this command, you will be taken into a text editor session with the file that defines sudo privileges pre-loaded. We will have to add our user to this file to grant our desired access rights.

Find the part of the file that is labeled “User privilege specification”. It should look something like this:

# User privilege specification
root    ALL=(ALL:ALL) ALL

We give a user sudo privileges by copying the line beginning with “root” and pasting it after. We then change the user “root” on the new line to our new user, like this:

# User privilege specification
root        ALL=(ALL:ALL) ALL
newuser    ALL=(ALL:ALL) ALL

We can now save the file and close it. By default, you can do that by typing Ctrl-X and then typing “Y” and pressing “Enter”.

Now, when you are logged in as your regular user, you can execute a certain command with root privileges by typing:

sudo command_name

You will be prompted to enter your user’s password (not the root user’s password). The command will then be executed with elevated access.

Delete a User

If more than one person is using your server, you should give them their own user to log in. If there is a user you created that you no longer need, it is very easy to delete it.

As a regular user with sudo privileges, you can delete a user using this syntax:

sudo deluser --remove-home username

The --remove-home option will delete the user’s home directory as well.

If you are logged in as root, you do not need to add the sudo before the command:

deluser --remove-home username

Conclusion

Adding users, deleting users, and assigning sudo privileges are all basic tasks that you will most likely need to configure for any server. By becoming familiar with these processes, you will be able to set up your initial environment faster and more confidently.

HowTo : Create USER with ROOT Privileges in Linux

From this article you’ll learn how to create a user with root privileges or grant root permissions to an existing user by setting User and Group IDs.

I’ll also explain how to delete a user with root privileges (with UID 0 in particular).

Actually it is not a good idea to give all the permissions of root to a non-root user, so use the sudo command on the production servers to run items as superuser, instead of using the methods below.

 

Create a USER Account with ROOT Privileges

Lets say we need to add a new user and grand him root privileges.

Use the following commands to create the new user john, grand him the same privileges as root and set him a password :
# useradd -ou 0 -g 0 john
# passwd john

We’ve just created the user john, with UID 0 and GID 0, so he is in the same group and has the same permissions as root.

Grant ROOT Privileges to an Existing USER

Perhaps you already have some user john and you would like to give root permissions to a normal user.

# grep john /etc/passwd
john:x:1001:1001::/home/john:/bin/sh

 

Edit /etc/passwd file and grant root permissions to the user john by changing User and Group IDs to UID 0 and GID 0 :

# $ grep john /etc/passwd
john:x:0:0::/home/john:/bin/sh

Delete a USER Account with UID 0

You won’t be able to delete second root user with another UID 0 using userdel command.
# userdel john
userdel: user john is currently used by process 1
To delete user john with UID 0, open /etc/passwd file and change john’s UID.

For example, change the line :

john:x:0:0::/home/john:/bin/sh

to something like :

john:x:1111:0::/home/john:/bin/sh

Now, you’ll be able to delete user john with userdel command :
# userdel john

How To Add, Delete, and Grant Sudo Privileges to Users on a Debian VPS

Introduction

When you spin up a new server, a default account is created called root. This user has full system access and should be used only for administrative tasks. There are basically no restrictions on what you can do to your system as the root user, which is powerful, but extremely dangerous. Linux does not have an “undo” button.

To alleviate this risk, we can create a new user, who has less privileges, but is more appropriately suited to everyday tasks. When you need the power of an administrative user, you can access that functionality through a command called sudo, which will temporarily elevate the privileges of a single command.

This guide will go over how to create a new user on a Debian system. We will also cover how allow users access to the sudo command if they require administrative privileges, and how to delete users that you no longer need.

Log Into Your Server

To complete the steps in this guide, you will need to log into your Debian server as the root user.

If you created a server instance without selecting an SSH key to embed for authentication, you should receive an email with the root user’s password. You can use this information to log into your server as the root user in a terminal by typing:

ssh root@your_server_ip_address

Enter the password you were emailed (nothing will appear on the screen as you enter your password. This is a security feature so that people nearby cannot guess your password based on its length).

Another option is to click on the “Console Access” button in the upper-right corner of your droplet’s page. This will open a terminal session in the browser window that you can use to log in.

DigitalOcean console access

If you configured your server to use SSH keys for authentication, you can use the same SSH procedure as above, but you will be automatically logged in without being asked for a password. Note that no password email will be sent to you either.

If you would like to find out how to configure SSH key authentication, click here.

Add a New User

The first step is to add a new user. New users, by default, are unprivileged. This means that they will only be able to modify files in their own home directory, which is what we want.

If this is your first new user, and you are currently logged in as the root user, you can use the following syntax to create a new user:

adduser newuser

If you are logged into a user that you added previously and gave sudo privileges, you can create a new user by invoking sudo with the same command:

sudo adduser newuser

Either way, Debian will prompt you for more information about the user you are creating. The first piece of information you need to choose is the password for the new user.

It will ask you to select a password and then confirm it by repeating it (again, the characters you type will not appear in the window, for security purposes).

Afterwards, it will ask you for personal information about the user. You can feel free to fill this out or to leave it blank. The user will operate in entirely the same way regardless of your decision. Type “Enter” to skip these prompts and accept the entered values.

Access the New User

When you have finished these steps, your new user is now available. You can log into the new user by typing:

exit

This will terminate your current session as root and allow you to log in as the new user through SSH by typing:

ssh newuser@your_server_ip_address

This time, enter the new password you just configured for this user.

Another way to quickly switch to another user without logging out first is to use the su command.

This command stands for substitute user and it allows you to enter the user you would like to change to. You can use it like this:

su - newuser

This will ask you for the new user’s password. When you’ve entered it correctly, you will be changed to the new user. When you wish to exit back into your original session, simply issue the exit command again:

exit

Grant Users Administrative Privileges

Now that you have a new user on your system, you need to decide if this user should be able to perform administrative tasks with sudo.

If the user you created will be your primary user on the system, you usually want to enable sudo privileges so that you can do routine configuration and maintenance.

We give users access to the sudo command with the visudo command. If you have not assigned additional privileges to any user yet, you will need to be logged in as root to access this command:

visudo

Once you have assigned sudo privileges to your user, you can access the same functionality from within your user’s session by typing:

sudo visudo

When you type this command, you will be taken into a text editor session with the file that defines sudo privileges pre-loaded. We will have to add our user to this file to grant our desired access rights.

Find the part of the file that is labeled “User privilege specification”. It should look something like this:

# User privilege specification
root    ALL=(ALL:ALL) ALL

We give a user sudo privileges by copying the line beginning with “root” and pasting it after. We then change the user “root” on the new line to our new user, like this:

# User privilege specification
root        ALL=(ALL:ALL) ALL
newuser    ALL=(ALL:ALL) ALL

We can now save the file and close it. By default, you can do that by typing Ctrl-X and then typing “Y” and pressing “Enter”.

Now, when you are logged in as your regular user, you can execute a certain command with root privileges by typing:

sudo command_name

You will be prompted to enter your user’s password (not the root user’s password). The command will then be executed with elevated access.

Delete a User

If more than one person is using your server, you should give them their own user to log in. If there is a user you created that you no longer need, it is very easy to delete it.

As a regular user with sudo privileges, you can delete a user using this syntax:

sudo deluser --remove-home username

The --remove-home option will delete the user’s home directory as well.

If you are logged in as root, you do not need to add the sudo before the command:

deluser --remove-home username

Conclusion

Adding users, deleting users, and assigning sudo privileges are all basic tasks that you will most likely need to configure for any server. By becoming familiar with these processes, you will be able to set up your initial environment faster and more confidently.

How to create user administrator in SUSE Linux Enterprise Server 11

This document has the purpose of describing how to configure the/etc/sudoers file in order to create users with root privileges.

If you need to create users that perform administrative tasks such start or stop some services (like ssh, ndsd, novell-vmc, novell-tomcat, network , etc), create regular users in the operating system, etc., you can accomplish with the aid of the /etc/sudoers file. That file contains the rules that the user must fulfill when using the sudo command to perform any administrative task.

Additionally, using <sudo> you can have the following advantages:

  • Log every movement of the user (when using the sudo command)
  • Restrict privileges

Procedure

The first thing to do is to use the visudo command in order to edit the/etc/sudoers file.

Note: You must run the visudo command as a root.

linux1

Once you enter the visudo command, you will see the content of the /etc/sudoers file.

linux2

As you can see most of the lines are commented, however the very important one is located under the User privilege specification.

linux3

This line root ALL=(ALL) ALL indicates that the user root can execute fromALL terminals, acting as a any user in the system and run ALL commands, in other words:

linux4

So if you have many system administrators and you want them to have root privileges (without actually using the root account) the only thing to do is to create as many entries in you /etc/sudoers file as administrators you have.

The following example add the bdiaz, dlugo, wvera, jsusunaga, etc accounts as system administrators with full root privileges:

linux5

On the contrary, if you need to prevent users to run certain commands, you can accomplish that using the special “!”

linux6

In this case we are preventing the users hvaquera, dmontiel and mcalvillo to run the /usr/bin/passwd, /bin/su and /bin/bash commands.

Conclusion

In order to add users into the /etc/sudoers file, the only thing to do is the following:

  1. Find where it says “root ALL=(ALL) ALL”.
  2. Type “o” to insert a new line below it.
  3. Now type what you want to insert, eg “username ALL=(ALL) ALL”.
  4. Hit esc to exit insert-mode.
  5. Type “:wq!” to save and exit.