Wednesday Mar 26, 2014

More Tips for Remote Access with Oracle Linux

In a previous blog, Oracle Linux Tips and Tricks, I covered alternative ways to use SSH. In this article, I will cover some additional tips and tricks for using SSH for remote access, as well as some other ways to connect remotely to a server.

SSH's primary use is for remote access to hosts. SSH is not only able to provide us a terminal interface to a server, it's also able to provide us a transport for a graphical interface. In order to utilize this functionality, we must have an X server running on our local workstation. On a Linux workstation with a graphical environment, this functionality is built in. On other systems, such as a Windows machine or a Mac, this functionality is not built in. Both XQuartz on the Mac and MobaXTerm are X servers for these platforms. There are also a number of other open source and paid products available for both platforms.

Once you have an acceptable X server installed on your local workstation, you can connect with SSH using the following ssh command. The -X enables X11 forwarding for the connection. Keep in mind that the X11 forwarding is based on the user who originally connected. Logging in with one user and then using sudo often will not work, depending on the permissions and ownership needed to complete a task.

[user@laptop ~]$ ssh -X 10.0.0.12

Once you authenticate, you drop directly to a standard prompt. If you look closely, though, and examine the environment variables in your terminal, you will find an additional environment variable that has the IP address of your workstation. You can examine your environment variables using the env command.

DISPLAY=localhost:10.0

Now you can launch an application that has a graphical interface, and the interface will be displayed on your local workstation. The following example will launch gedit. The ampersand symbol is useful for forking the process in the background so we can retain the use of our terminal.

[user@remotehost ~]$ gedit &

Using X11 connections over SSH can be quite useful for using application installers that are graphical, such as the Oracle Universal Installer for Oracle Database.

The screen application is a great compliment to SSH and is quite useful for sharing an SSH session with another user. Because of the way screen preserves sessions for the user, it is also great for high-latency network connections that have frequent disconnects and for maintaining sessions that time out due to security policies. With a regular SSH connection, if you are disconnected, any processes that were running are not preserved. Unlike SSH, the screen application keeps the session alive so it can be connected to again later.

One of the simplest things you can do with screen is share a session. You can launch screen on the terminal you wish to share by issuing the screen command. Once you do this, a new shell is running inside of screen. Another user can log in to the same machine and use the command screen -x to be immediately connected to your shell. They see everything you type. Even if you disconnect from the machine on either terminal, the shell will continue to run. This can be quite useful for sharing a terminal for a demonstration in a remote office or for running a terminal-based console that is shared between many users.

To see all of the active screen sessions, you can use screen -list, which will show active and detached sessions. To connect to a detached session, you can use screen -r and the pid.session name listed in the screen -list output. In the following example, there are five screen sessions running. One of them is detached.

[user@server ~]$ screen -list
There are screens on:
        24565.pts-1.server     (Attached)
        24581.pts-2.server     (Attached)
        24597.pts-3.server     (Attached)
        24549.pts-0.server     (Attached)
        24613.pts-4.server     (Detached)
5 Sockets in /var/run/screen/S-user.

The command screen -x can be used to connect to a currently attached session. In the following example, a connection to session 24565 is made:

[user@server ~]$ screen -x 24565

If you need access to a full graphical desktop environment remotely, there are a number of packages that can accomplish this. The package tigervnc-server is useful for connections to a remote machine providing a full Linux desktop experience. To set up and install the package, perform the following steps.

First, run the following command to install the package:

[root@server ~]# yum install tigervnc-server

Once the package is installed, you need to edit the file /etc/sysconfig/vncservers. The VNCSERVERS line establishes the user accounts that you want to enable the VNC server for and their display number. In the example below, the user bob is configured for display 2 and the user sue is configured for display 3. The VNCSERVERARGS[#] section allows you to specify options for each display. In this example, we are specifying a 1280 x 1024 resolution for display 2 and a 1024 x 768 resolution for display 3:

VNCSERVERS="2:bob 3:sue"
VNCSERVERARGS[2]="-geometry 1280x1024 "
VNCSERVERARGS[3]="-geometry 1024x768"

Once the /etc/sysconfig/vncservers file has been edited, you need to set passwords for each user account. This is accomplished with the vncpasswd command. In the following example, the user bob sets a password using the vncpasswd command.

[bob@server ~]$ vncpasswd
Password:
Verify:

Once the package is installed, the configuration file is edited, and passwords are set, you are ready to turn on the vncserver service. The following two commands start the service and set the service to start automatically at the next boot:

chkconfig vncserver on
service vncserver start

Once configured and running, you can connect to your Linux system using a standard VNC client. When connecting, be sure to specify the display and password credentials that are needed in order to connect.

Another incredibly useful tool for remote access to a server is freerdp application, which allows you to connect to a Linux-based server using the ubiquitous Microsoft RDP protocol. This application will need to be installed on the server that you wish to connect to. To install the application, you can use the following command.

[root@server ~]# yum install freerdp

Once the application is installed, you can start the service and, if desired, configure the service to start at boot time.

[root@server ~]# service freerdp start
[root@server ~]# chkconfig freerdp on

At this point, the server is able to accept standard Microsoft RDP connections. On your local Windows machine, you can use the command mstsc or, if you are using a Mac, you can use the Microsoft Remote Desktop application or a third-party tool that supports the Microsoft RDP protocol. Just as with VNC, access to an entire remote Linux desktop environment is provided.

Comments?

I hope these tips and tricks have been useful and that you will take advantage of some of them in the course of your day. We will be publishing more of these tips-and-tricks articles in the future. Feel free to leave a comment for further topics that you would like to see in this series.

See Also

Oracle Linux blog

About the Author

Robert Chase is a member of the Oracle Linux product management team. He has been involved with Linux and open source software since 1996. He has worked with systems as small as embedded devices and with large supercomputer-class hardware.

About the Photograph

Photograph taken by Rick Ramsey in Durango in the Fall of 2012

Follow OTN Garage on:
Blog | Facebook | Twitter | YouTube

Friday Feb 22, 2013

How to Configure the Linux Kernel's Out of Memory Killer

source

Operating systems sometimes behave like airlines. Since the airlines know that a certain percentage of the passengers won't show up for their flight, they overbook the flights. As anyone who has been to an airport in the last 10 years knows, they usually get it wrong and have to bribe some of us to get on the next flight. If the next flight is the next morning, we get to stay in a nice hotel and have a great meal, courtesy of the airline.

That's going to be my lodging strategy if I'm ever homeless.

Linux kernel does something similar. It allocates memory to its processes ahead of time. Since it knows that most of the processes won't use all the memory allocated to them, it over-commits. In other words, it allocates a sum total of memory that is more than it actually has. Once in a while too many processes claim the memory that the kernel promised them at the same time. When that happens, the Linux kernel resorts to an option that the airlines wish they had: it kills off processes one at a time. In fact, it actually has a name for this function: the out-of-memory killer.

Robert Chase explains.

How to Configure the Out of Memory Killer

Robert Chase describes how to examine your syslog and how to use the vmstat command for clues about which processes were killed, and why. He then shows you how to configure the OOM killer to behave the way you prefer. For instance, you can make certain processes less likely to be killed than others. Or more. Or you can instruct the kernel to reboot instead of killing processes.

More Oracle Linux Resources

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube

(psst! and don't forget to follow the Great Peruvian Novel!)

About

Contributors:
Rick Ramsey
Kemer Thomson
and members of the OTN community

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
12
13
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today
Blogs We Like