Setting Up Remote Access on Linux
Satyam
Last Update há 14 dias
Prerequisites
- A Linux device with an active X11 session (for graphical remote access) or SSH access (for terminal access)
sudo access on the device
Outbound internet access to the SecOps platform (see firewall requirements below)
| Mode | Requirement | What you get |
| Graphical remote access | Active X11 session | Full desktop view with mouse and keyboard control |
| SSH (terminal) access | ssh configured on the target system | Command-line access using the device's OS credentials |
Graphical Remote Access : X11 Requirement
Graphical remote access requires an active X11 display session. If the device already runs a graphical desktop (GNOME, KDE, XFCE, etc.) and a user is logged in, X11 is most likely already running.
Verify X11 is active
Run the following in a terminal:
echo $DISPLAY
If it returns a value such as :0 or :1, then X11 is running and no further setup is needed.
If it returns nothing, X11 is either not installed or no graphical session is active.
Follow the steps below for your distribution.
Install X11 — Ubuntu / Debian
sudo apt-get update
sudo apt-get install -y xorg
To also install a lightweight desktop environment:
sudo apt-get install -y xfce4 xfce4-goodies
Install X11 — RHEL / CentOS 7
sudo yum groupinstall -y "X Window System"
To install a full desktop environment:
sudo yum groupinstall -y "GNOME Desktop"
Install X11 — RHEL / CentOS 8+, Rocky Linux, AlmaLinux
sudo dnf install -y xorg-x11-server-Xorg
To install a full desktop environment:
sudo dnf groupinstall -y "Server with GUI"
sudo systemctl set-default graphical.target
sudo systemctl isolate graphical.target
Start a graphical session
After installing the desktop environment, either reboot the machine or switch to the graphical target:
sudo systemctl isolate graphical.target
Log in at the display manager as the target user. Once logged in, verify X11 is active:
echo $DISPLAY
# Expected: :0 or :1
SSH Remote Access (Headless Servers)
Firewall and Network Requirements
The SecOps agent connects outbound only, no inbound ports need to be opened on the Linux device or your network firewall.
Ensure the device can reach the following destinations:
| Destination | Port | Protocol |
| api.app.secopsolution.com | 443 | TCP (HTTPS) |
| rda.secopsolution.com | 443 | TCP (HTTPS) |
| rda.secopsolution.com | 13901 | Graphical remote access |
| rda.secopsolution.com | 13022 | SSH / terminal remote access |
If your network enforces outbound firewall rules, add the entries above to your allowlist. For environments that use an HTTP proxy, the installer will prompt you for a proxy URL.
Graphical remote access is unavailable in the platform :
Verify that X11 is running: echo $DISPLAY. If the output is empty, no graphical session is active. Install X11 and a desktop environment using the commands for your distribution above, then log in at the display manager.
X11 is installed but $DISPLAY is empty:
A desktop environment may be installed but no user has logged in graphically. Log in at the display manager, or ensure the machine boots to graphical target (sudo systemctl set-default graphical.target).
SSH access fails, authentication error:Confirm that the username and password configured on the SecOps platform match a valid OS user account on the device. The account must have password-based authentication enabled (PasswordAuthentication yes in /etc/ssh/sshd_config).
Agent cannot reach the platform:Verify that outbound TCP on ports 443, 13901, and 13022 to rda.secopsolution.com is not blocked. Run the domain connectivity check included with the installer to confirm reachability.
Agent installed but service not running :Run sudo systemctl status secops_service to check the service status. If it is not active, start it manually with sudo systemctl start secops_service.