Xmanager Tutorial Running X application through SSH tunnel with Xstart

Xstart uses the X11 forwarding of the SSH protocol which transfers the X11 packets via secure SSH connection and provides cookie-based user authorization to start X client.

The SSH protocol not only secures the X11 connection but also makes it easy to connect to X applications beyond the NAT gateway, so a user from a private IP network can connect to a x client in public IP network without port forwarding.

First make sure that the X11 forwarding feature is enabled in server side and then run an X application.

Steps:

To enable X11 forwarding service in the SSH server:

Setup the configuration file in the following table.

SSH server	Config file	Setup
OpenSSH	/etc/ssh/sshd_config	X11Forwarding yes
SSH.COM	/etc/ssh2/sshd2_config	AllowX11Forwarding yes

To run X11 applications, go through the following steps:

1. Run Xstart in the Xmanager folder.
2. Click New. RESULT: A New Session dialog box appears.
3. Enter a new session name, and click OK.
4. In the Host box, enter the hostname or IP address of the remote Linux/Unix host.
5. In the Protocol box, In the Protocol box, whatever protocol available on the remote host can be selecteds. But select SSH protocol at this time.
6. To set up protocol-specific options such as port and time-out, click Setup.
7. In the Username box, enter the user account on the host.
8. Select an Authentication type from the Authentication list.
9. To set up Authentication-specific options such as password and public key, click Setup.
10. In the Execution Command box, enter a command that will be executed on the host. We are going to run xterm, so enter one of the following:
11. 
    /usr/bin/X11/xterm -ls
    /usr/bin/gnome-session
    /usr/bin/startkde
    
    Note: The full path to the execution command may be different depending on the remote host. To get the path of each host, please refer to the following FAQ:
    
    
      FAQ Link

    • How can I start CDE or GNOME/KDE environment using Xstart?
12. Press the Run button.
    
    

If you have any connecting problems, see the Troubleshooting section below. 

Troubleshooting

Failed to connect to the remote host.

• Make sure that SSH server program is installed and running on the remote system.
• Check the TCP port number (by default, 22) that the SSH server is listening. Change the port number in the 'Port Number' box of the 'SSH Protocol Setup' dialog to the corresponding port number.

Server does not support password authentication.

• The SSH server demands public key user authentication and the user should create a public key pair and download its private key to login. Please refer to Xmanager Help to find out how to import/export user keys. You can choose to use public key by selecting 'public key' option from the 'User Authentication' section of the 'SSH Protocol Setup' dialog.

Xmanager shows a security warning for the connection originated from 127.0.0.1 (local host).

• When the SSH protocol is used, Xstart (Xssh.exe) works as the X11 proxy, so that the X11 connection comes from localhost (127.0.0.1) and it is totally safe.
• If you want to avoid this warning message, then add 127.0.0.1 into the Trusted hosts (Click Configure... in the Security tab of the Xconfig program).

Xmanager Tutorial Connecting to a remote host using Secure XDMCP

When your PC is inside of private network or firewall and you are to connect to UNIX/Linux machine located outside of your network, you need to set up port forwarding or open port in firewall or NAT server of the network. 

With Secure XDMCP, you do not need any of these additional steps in order to establish XDMCP connection to UNIX/Linux machines.
The only requirement is that SSH service should be running on UNIX/Linux machines. Also, on some of Linux, if gdm is in use as XDMCP daemon, connection may be restricted. Then, you need to switch XDMCP daemon to kdm or xdm.

Note: Before you continue, please make sure the SSH server on the remote host has X11Forwarding enabled.

Setup the configuration file in the following table.

SSH server	Config file	Setup
OpenSSH	/etc/ssh/sshd_config	X11Forwarding yes
SSH.COM	/etc/ssh2/sshd2_config	AllowX11Forwarding yes

After setting the value, restart SSH daemon.

Step 1. Creating a Secure XDCMP session

1. Start Xbrowser.
2. Right click on a session icon and select Save as SSH connection.

* If the destination remote host and SSH server are not in the same machine, do the followings: 

3. Right click on the Secure XDMCP session and select Properties.
   RESULT: Session Properties dialog box opens.
   
   
   
4. Click the Setup button, next to the Method field.
   RESULT: Secure XDMCP Setup dialog box opens up.
   
   
   
5. Select the "The SSH Server host is different from the XDMCP server" option.
   RESULT: The Host field becomes enabled.
6. Enter the IP address/domain of SSH Server.
7. In the User Authentication fields, enter the user information.
8. Click OK to save the changes.
   Note: If SSH server and XDM are in different servers, GatewayPorts must be set to yes in the SSH server.
   

Step 2. Connecting with a Secure XDMCP session:

1. Open Xbrowser.
2. Double click on the Secure XDMCP session.
3. Enter the user name in the SSH User Name dialog box.
   
   
   
4. Select an authentication method and enter the appropriate information.
   Note: See here to learn more about Public Key authentication
   
   
   
5. Remote login screen appears on Xmanager.
   
   
   

Xmanager Tutorial Connecting and executing remote X application with Xstart

With Xstart you can create a session that executes a remote X application. Once you have created an Xstart session, you can bring a remote X application on your Windows with a single click.

1. From the Xmanager folder, run Xstart. RESULT: The Xstart window opens.
   
   
   
2. Click New. RESULT: A New Session dialog box appears.
   
   
   
3. Enter a new session name, and click OK.
4. In the Host box, enter the hostname or IP address of the remote Linux/Unix host.
5. In the Protocol box, select an appropriate protocol that is available on the host. The SSH protocol is appropriate for most hosts.
6. To set up protocol-specific options such as port and time-out, click Setup.
7. In the Username box, enter the user account on the host.
8. Select an Authentication type from the Authentication list.
9. To set up Authentication-specific options such as password and public key, click Setup.
10. In the Execution Command box, enter a command that will be executed on the host. For example, enter the following to run an xterm:
    /usr/bin/X11/xterm -ls -display $DISPLAY
11. Click Run. RESULT: An xterm window opens.
    
    

Most connecting problems you may experience in using Xstart are caused by a firewall configuration on your systems and network. Refer to the followings:

  Tutorial Link

• Running X application through SSH tunnel with Xstart

  FAQ Link

• To use Xmanager, which ports should I allow on my firewall?
• How can I configure firewall settings in Windows XP/2003/Vista/7?

Xmanager Enterprise 4 Download & Installation

Download

Xmanager Enterprise 4 Build 0243 Xme4.exe, Oct 30 2015, 43.61 MB MD5: 04154e31c48ebcc0145c89b8e4ff01a2 SHA1: 00585517df6d982242348324f98197f0cd843859

Download Links : https://download.netsarang.com (primary) http://download.netsarang.co.kr

Installation

1. When you execute the downloaded file, InstallShield Wizard will begin the installation process.
   (You may need Administrator right to install the products.)
2. Follow the instruction of InstallShield Wizard. If you have purchased Xmanager license, please use the product key that you have received from us to install. Otherwise, use 'evaluation' for the product key.
   
3. When the install is completed, Xmanager Enterprise 4 icon will be placed on the desktop.
   

Start

1. Double click on the Xmanager Enterprise 4 folder icon to open up the program folder.
   
2. Use Xmanager or Xbrowser to connect to a remote UNIX/Linux system that provides XDM and CDE environment. When you start Xbrowser, list of available hosts are dynamically displayed.
   
3. When you double click on an icon from the list of available hosts, Xmanager instantly creates a connection to the host. When you are successfully connected to a remote host, login window such as following appears.
   
4. Enter the username and password to logon to the system. When your username and password are accepted, desktop environment such as following will appear.
   
5. Use Xstart to launch xterm from UNIX/Linux machines that do not provide XDM and CDE environment.
   
   Please refer to Starting with Xstart for more detail.
6. Check out our Tutorial, FAQ for various tips and guidelines on Xmanager usage.

How To Add, Delete, and Grant Sudo Privileges to Users on a Debian VPS

Introduction

When you spin up a new server, a default account is created called root. This user has full system access and should be used only for administrative tasks. There are basically no restrictions on what you can do to your system as the root user, which is powerful, but extremely dangerous. Linux does not have an "undo" button.

To alleviate this risk, we can create a new user, who has less privileges, but is more appropriately suited to everyday tasks. When you need the power of an administrative user, you can access that functionality through a command called sudo, which will temporarily elevate the privileges of a single command.

This guide will go over how to create a new user on a Debian system. We will also cover how allow users access to the sudo command if they require administrative privileges, and how to delete users that you no longer need.

Log Into Your Server

To complete the steps in this guide, you will need to log into your Debian server as the root user.

If you created a server instance without selecting an SSH key to embed for authentication, you should receive an email with the root user's password. You can use this information to log into your server as the root user in a terminal by typing:

ssh root@your_server_ip_address

Enter the password you were emailed (nothing will appear on the screen as you enter your password. This is a security feature so that people nearby cannot guess your password based on its length).

Another option is to click on the "Console Access" button in the upper-right corner of your droplet's page. This will open a terminal session in the browser window that you can use to log in.

If you configured your server to use SSH keys for authentication, you can use the same SSH procedure as above, but you will be automatically logged in without being asked for a password. Note that no password email will be sent to you either.

If you would like to find out how to configure SSH key authentication, click here.

Add a New User

The first step is to add a new user. New users, by default, are unprivileged. This means that they will only be able to modify files in their own home directory, which is what we want.

If this is your first new user, and you are currently logged in as the root user, you can use the following syntax to create a new user:

adduser newuser

If you are logged into a user that you added previously and gave sudo privileges, you can create a new user by invoking sudo with the same command:

sudo adduser newuser

Either way, Debian will prompt you for more information about the user you are creating. The first piece of information you need to choose is the password for the new user.

It will ask you to select a password and then confirm it by repeating it (again, the characters you type will not appear in the window, for security purposes).

Afterwards, it will ask you for personal information about the user. You can feel free to fill this out or to leave it blank. The user will operate in entirely the same way regardless of your decision. Type "Enter" to skip these prompts and accept the entered values.

Access the New User

When you have finished these steps, your new user is now available. You can log into the new user by typing:

exit

This will terminate your current session as root and allow you to log in as the new user through SSH by typing:

ssh newuser@your_server_ip_address

This time, enter the new password you just configured for this user.

Another way to quickly switch to another user without logging out first is to use the su command.

This command stands for substitute user and it allows you to enter the user you would like to change to. You can use it like this:

su - newuser

This will ask you for the new user's password. When you've entered it correctly, you will be changed to the new user. When you wish to exit back into your original session, simply issue the exit command again:

exit

Grant Users Administrative Privileges

Now that you have a new user on your system, you need to decide if this user should be able to perform administrative tasks with sudo.

If the user you created will be your primary user on the system, you usually want to enable sudo privileges so that you can do routine configuration and maintenance.

We give users access to the sudo command with the visudo command. If you have not assigned additional privileges to any user yet, you will need to be logged in as root to access this command:

visudo

Once you have assigned sudo privileges to your user, you can access the same functionality from within your user's session by typing:

sudo visudo

When you type this command, you will be taken into a text editor session with the file that defines sudo privileges pre-loaded. We will have to add our user to this file to grant our desired access rights.

Find the part of the file that is labeled "User privilege specification". It should look something like this:

# User privilege specification
root    ALL=(ALL:ALL) ALL

We give a user sudo privileges by copying the line beginning with "root" and pasting it after. We then change the user "root" on the new line to our new user, like this:

# User privilege specification
root        ALL=(ALL:ALL) ALL
newuser    ALL=(ALL:ALL) ALL

We can now save the file and close it. By default, you can do that by typing Ctrl-X and then typing "Y" and pressing "Enter".

Now, when you are logged in as your regular user, you can execute a certain command with root privileges by typing:

sudo command_name

You will be prompted to enter your user's password (not the root user's password). The command will then be executed with elevated access.

Delete a User

If more than one person is using your server, you should give them their own user to log in. If there is a user you created that you no longer need, it is very easy to delete it.

As a regular user with sudo privileges, you can delete a user using this syntax:

sudo deluser --remove-home username

The --remove-home option will delete the user's home directory as well.

If you are logged in as root, you do not need to add the sudo before the command:

deluser --remove-home username

Conclusion

Adding users, deleting users, and assigning sudo privileges are all basic tasks that you will most likely need to configure for any server. By becoming familiar with these processes, you will be able to set up your initial environment faster and more confidently.

HowTo : Create USER with ROOT Privileges in Linux

From this article you'll learn how to create a user with root privileges or grant root permissions to an existing user by setting User and Group IDs.

I'll also explain how to delete a user with root privileges (with UID 0 in particular).

Actually it is not a good idea to give all the permissions of root to a non-root user, so use the sudo command on the production servers to run items as superuser, instead of using the methods below.

Create a USER Account with ROOT Privileges

Lets say we need to add a new user and grand him root privileges.

Use the following commands to create the new user john, grand him the same privileges as root and set him a password :
# useradd -ou 0 -g 0 john
# passwd john

We've just created the user john, with UID 0 and GID 0, so he is in the same group and has the same permissions as root.

Grant ROOT Privileges to an Existing USER

Perhaps you already have some user john and you would like to give root permissions to a normal user.

# grep john /etc/passwd
john:x:1001:1001::/home/john:/bin/shEdit /etc/passwd file and grant root permissions to the user john by changing User and Group IDs to UID 0 and GID 0 :

# $ grep john /etc/passwd
john:x:0:0::/home/john:/bin/sh

Delete a USER Account with UID 0

You won't be able to delete second root user with another UID 0 using userdel command.
# userdel john
userdel: user john is currently used by process 1
To delete user john with UID 0, open /etc/passwd file and change john's UID.

For example, change the line :

john:x:0:0::/home/john:/bin/sh

to something like :

john:x:1111:0::/home/john:/bin/sh

Now, you'll be able to delete user john with userdel command :
# userdel john

How To Add, Delete, and Grant Sudo Privileges to Users on a Debian VPS

Introduction

When you spin up a new server, a default account is created called root. This user has full system access and should be used only for administrative tasks. There are basically no restrictions on what you can do to your system as the root user, which is powerful, but extremely dangerous. Linux does not have an "undo" button.

To alleviate this risk, we can create a new user, who has less privileges, but is more appropriately suited to everyday tasks. When you need the power of an administrative user, you can access that functionality through a command called sudo, which will temporarily elevate the privileges of a single command.

This guide will go over how to create a new user on a Debian system. We will also cover how allow users access to the sudo command if they require administrative privileges, and how to delete users that you no longer need.

Log Into Your Server

To complete the steps in this guide, you will need to log into your Debian server as the root user.

If you created a server instance without selecting an SSH key to embed for authentication, you should receive an email with the root user's password. You can use this information to log into your server as the root user in a terminal by typing:

ssh root@your_server_ip_address

Enter the password you were emailed (nothing will appear on the screen as you enter your password. This is a security feature so that people nearby cannot guess your password based on its length).

Another option is to click on the "Console Access" button in the upper-right corner of your droplet's page. This will open a terminal session in the browser window that you can use to log in.

If you configured your server to use SSH keys for authentication, you can use the same SSH procedure as above, but you will be automatically logged in without being asked for a password. Note that no password email will be sent to you either.

If you would like to find out how to configure SSH key authentication, click here.

Add a New User

The first step is to add a new user. New users, by default, are unprivileged. This means that they will only be able to modify files in their own home directory, which is what we want.

If this is your first new user, and you are currently logged in as the root user, you can use the following syntax to create a new user:

adduser newuser

If you are logged into a user that you added previously and gave sudo privileges, you can create a new user by invoking sudo with the same command:

sudo adduser newuser

Either way, Debian will prompt you for more information about the user you are creating. The first piece of information you need to choose is the password for the new user.

It will ask you to select a password and then confirm it by repeating it (again, the characters you type will not appear in the window, for security purposes).

Afterwards, it will ask you for personal information about the user. You can feel free to fill this out or to leave it blank. The user will operate in entirely the same way regardless of your decision. Type "Enter" to skip these prompts and accept the entered values.

Access the New User

When you have finished these steps, your new user is now available. You can log into the new user by typing:

exit

This will terminate your current session as root and allow you to log in as the new user through SSH by typing:

ssh newuser@your_server_ip_address

This time, enter the new password you just configured for this user.

Another way to quickly switch to another user without logging out first is to use the su command.

This command stands for substitute user and it allows you to enter the user you would like to change to. You can use it like this:

su - newuser

This will ask you for the new user's password. When you've entered it correctly, you will be changed to the new user. When you wish to exit back into your original session, simply issue the exit command again:

exit

Grant Users Administrative Privileges

Now that you have a new user on your system, you need to decide if this user should be able to perform administrative tasks with sudo.

If the user you created will be your primary user on the system, you usually want to enable sudo privileges so that you can do routine configuration and maintenance.

We give users access to the sudo command with the visudo command. If you have not assigned additional privileges to any user yet, you will need to be logged in as root to access this command:

visudo

Once you have assigned sudo privileges to your user, you can access the same functionality from within your user's session by typing:

sudo visudo

When you type this command, you will be taken into a text editor session with the file that defines sudo privileges pre-loaded. We will have to add our user to this file to grant our desired access rights.

Find the part of the file that is labeled "User privilege specification". It should look something like this:

# User privilege specification
root    ALL=(ALL:ALL) ALL

We give a user sudo privileges by copying the line beginning with "root" and pasting it after. We then change the user "root" on the new line to our new user, like this:

# User privilege specification
root        ALL=(ALL:ALL) ALL
newuser    ALL=(ALL:ALL) ALL

We can now save the file and close it. By default, you can do that by typing Ctrl-X and then typing "Y" and pressing "Enter".

Now, when you are logged in as your regular user, you can execute a certain command with root privileges by typing:

sudo command_name

You will be prompted to enter your user's password (not the root user's password). The command will then be executed with elevated access.

Delete a User

If more than one person is using your server, you should give them their own user to log in. If there is a user you created that you no longer need, it is very easy to delete it.

As a regular user with sudo privileges, you can delete a user using this syntax:

sudo deluser --remove-home username

The --remove-home option will delete the user's home directory as well.

If you are logged in as root, you do not need to add the sudo before the command:

deluser --remove-home username

Conclusion

Adding users, deleting users, and assigning sudo privileges are all basic tasks that you will most likely need to configure for any server. By becoming familiar with these processes, you will be able to set up your initial environment faster and more confidently.