no edit summary
So far in [[Xen Virtualization Essentials]] we have focused on running Xen domainU systems using just the text based console to interact with the system. It is not uncommon, however, to need to view and interact with a graphical desktop environment running on the guest operating system. This can be achieved using one of two technologies known as SDL and VNC. Probably the most flexible option is that provided by VNC.
In terms of displaying graphical desktop environments for a Xen guest, VNC offers two approaches. The first approach (covered in this chapter) involves using VNC capabilities that are
build into the Xen guest domain (domain0) to view and interact with the virtual frame buffer (vfb) of the domainU system. A second option is to run one or more VNC servers directly on the domainU system and connect directly to those servers. This approach will be covered in the next chapter ([[Running and Connecting to VNC Servers on a Xen Guest (domainU) System]]).
== What is VNC? ==
where ''guestname'' is the name of the domainU guest system. Log in to the domainU guest at the Xen console as a suitable user. Once logged in
. the default desktop environment for the domainU guest system can be launched using the ''startx'' command:
After a short delay and number of diagnostic messages in the Xen text console, the graphical desktop environment will appear in the ''vncviewer'' window. The following figure shows a Red Hat Enterprise Linux GNOME desktop running inside the vncviewer window:
[[Image:gnome_desktop_xen_domainU.jpg|GNOME desktop running on a Xen domainU displayed in vncviewer]]
== Establishing a Secure Remote Desktop Session ==
The remote Xen desktop configurations we have explored so far in this chapter are considered to be insecure because no encryption is used. This is acceptable when the remote connection does not extend outside of an internal network protected by a firewall or when the connection is taking place on the Xen host system. When a remote session is required over an internet connection a more secure option is needed. This achieved by tunneling the remote desktop through a secure shell (SSH) connection.
Before a secure connection is established the SSH server must be installed in the desktop to which the connection is to be established and the firewall configured to allow SSH access. This is the default for many Linux distributions but may not be the case for your distribution. If in doubt refer to the documentation for your chosen distribution to find out how to install and enable SSH access.