XDMCP is the X Display Manager Control Protocol. It is used to allow remote X servers to attach to an X client on the local machine. Typically, it is used to allow a remote X Windows session to be run on the local machine. For example, one can run XFree86 under Cygwin on a Winduhs workstation and connect to the local machine. Once this is done, Gnome or KDE can be run from the remote machine.
XDMCP is a mondo huge security hole so it is never enabled on any system as it is shipped. It should only be turned on on machines that are on secure networks, behind a firewall. To enable XDMCP on machines that use XFree86 and gdm, do the following:
Under SuSE 8, the display manager seems to be some home grown version ("susedm", I think). Turn on gdm as the display manager by hacking /etc/sysconfig/displaymanager and set the following:
DISPLAYMANAGER=""
DISPLAYMANAGER_REMOTE_ACCESS="no"
changed to
DISPLAYMANAGER="gdm"
DISPLAYMANAGER_REMOTE_ACCESS="yes"
In the Linux X environment, you need to provide fonts using either the X font server (xfs) or a hard coded font path in the XF86Config and XF86Config-4 configuration files. Using the xfs font server is the way to go. To do this in RH 6.2 and Mandrake 8.x and 9.0, modify /etc/rc.d/init.d/xfs and make the following changes:
daemon xfs -droppriv -daemon -port -1
to
daemon xfs -droppriv -daemon -port 7100
In Mandrake 7.2 and SuSE 8, the port is already set to 7100.
In RH 7.x, 8.x and 9.x, all of the Enterprise RedHat versions and, hence, the CentOS versions, xfs by default, for security reasons, no longer listens to the TCP port. To turn it on, change this line in /etc/rc.d/init.d/xfs:
daemon xfs -droppriv -daemon
to
daemon xfs -droppriv -daemon -port 7100
Then, in /etc/X11/fs/config, comment out this line:
# don't listen to TCP ports by default for security reasons
#no-listen = tcp
Also, for SuSE 8, xfs is not automatically started so turn it on with the command "chkconfig xfs on", as root.
On all systems, in /etc/X11/xdm/Xaccess, change the following to allow all hosts to connect:
#* # any host can get a login window
to
Edit /etc/X11/gdm/gdm.conf to activate XDMCP, causing it to listen for requests:
[xdmcp]
Enable=false (may be 0 in some distributions)
to
Enable=true (or 1 in some distributions)
Under SuSE 8, the file to edit is /etc/opt/gnome2/gdm/gdm.conf.
If you want to run XDMCP but not run X on a local display, you should comment out the startup of the local server in gdm.conf. Change:
[servers]
0=/usr/bin/X11/X
1=/usr/bin/X11/X (may already be commented out)
to
[servers]
#0=/usr/bin/X11/X
#1=/usr/bin/X11/X (may already be commented out)
Change the run level in /etc/inittab so that X comes up at startup.
id:3:initdefault:
to
id:5:initdefault:
Edit /etc/X11/XF86Config to change the font path (this may already be set on some systems):
FontPath "unix/:-1"
to
FontPath "unix/:7100"
Under SuSE 8, comment out all of the FontPath lines that hard code a font file name and insert the reference to xfs on port 7100.
If you have a system that uses XOrg, you can find instructions on setting XDMCP up at this URL:
http://www.x.org/archive/X11R6.8.1/doc/xdm.1.html
In conjunction with these instructions, you may still find the instructions (above) for setting up the xfs font server useful.