|
Size: 2256
Comment:
|
Size: 4197
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 1: | Line 1: |
| = What is VNC? = VNC (Virtual Network Computing) is a software to show the graphical output of applications on a remote machine (server) locally on a client machine. Client and server interact over the Remote Framebuffer (RFB) Protocol. Technically the vncserver process is an X-Server with a virtual display attached to it. |
|
| Line 2: | Line 4: |
| Start a vnc-server on the machine you want to control, with `vncserver :1` (:1 means display 1). You will be asked to define a password for accessing your server and another one for just observing without interacting. After that, your server is up and running and you can connect to it with any available VNC-clients (e.g. TightVNC) by entering the hostname you want to connect to, like `hostname:1`. | == VNC inside the ETH network == Start a vnc-server on the machine you want to control, with `vncserver :1` (:1 means display, resp. port 1). You will be asked to define a password for accessing your server and another one for just observing without interacting. After that, your server is up and running and you can connect to it with any available VNC-clients (e.g. TightVNC) by entering the hostname you want to connect to, like `hostname:1`. == VNC access from the internet == Due to security reasons the listening port of the vnc server is not directly reachable from a client in the internet. There are two possibilities to perform a vnc session to an ETH network internal host from the internet : * Use the Cisco SSL-VPN client software of ID and connect the SSL-VPN adapter before starting the VNC viewer programm * Access the VNC-server through an SSH-tunnel |
| Line 4: | Line 11: |
| = VNC through SSH tunnel = * Start VNC Server on remote host {{{ vncserver :<display#> -localhost }}} /!\ Warning! Always choose a [[http://en.wikipedia.org/wiki/Password_strength|strong password]] when starting vncserver. Otherwise, you'll |
== VNC through SSH tunnel == 1. Start VNC Server on remote host with the option -localhost {{{ $ ssh <remoteHost> $ vncserver :<display#> -localhost }}} '''Attention!''' Always choose a [[http://en.wikipedia.org/wiki/Password_strength|strong password]] when starting vncserver. Otherwise, you'll |
| Line 12: | Line 19: |
| <<BR>><<BR>> 1. Start VNC viewer on your machine (Linux) {{{ $ vncviewer -via <remotehost>.ee.ethz.ch localhost:<display#> }}} Mac users may establish the tunnel via SSH, then use "open vnc://localhost:PORT" to use the built-in VNC client. <<BR>> 1. Start VNC viewer on your machine (Windows with TightVNC and putty)<<BR>><<BR>> Putty is the most popular free ssh client software on Windows. When you have configured a normal ssh session to the vnc server machine you can configure additional port forwards on the established ssh-connection. A tunnel configuration needs a local listening port and a destination on ssh server side.The destination could be localhost or another machine reachable by the ssh server machine.<<BR>> The following screeshots show how to configure an additional tunnel for connecting the local vnc-server on port 5901 of the ssh server machine : |
|
| Line 13: | Line 30: |
| * Start viewer on client {{{ vncviewer -via <remotehost>.ee.ethz.ch localhost:<display#> }}} |
|
| Line 18: | Line 31: |
| Windows users might like [[http://www.karlrunge.com/x11vnc/ssvnc.html|SSVNC]] which eases connecting to VNC via SSH tunnel. Mac users may establish the tunnel via SSH, then use "open vnc://localhost:PORT" to use the built-in VNC client. |
|
| Line 21: | Line 32: |
| <<BR>> 1. And finally, after you have closed the VNC-Window on your machine, '''it's important to end the vnc process on the remote host to avoid unused processes''': {{{ $ ssh <remoteHost> $ vncserver -kill :<display#> }}} /!\ Warning! Do not log out via the logout menu of the Operating System within the VNC session!<<BR>> This causes a dead VNC connection. Dead means, you can't connect to that display anymore, which results in an unusuable, ressource consuming VNC server process on the host side. |
What is VNC?
VNC (Virtual Network Computing) is a software to show the graphical output of applications on a remote machine (server) locally on a client machine. Client and server interact over the Remote Framebuffer (RFB) Protocol. Technically the vncserver process is an X-Server with a virtual display attached to it.
How do I use VNC?
VNC inside the ETH network
Start a vnc-server on the machine you want to control, with vncserver :1 (:1 means display, resp. port 1). You will be asked to define a password for accessing your server and another one for just observing without interacting. After that, your server is up and running and you can connect to it with any available VNC-clients (e.g. TightVNC) by entering the hostname you want to connect to, like hostname:1.
VNC access from the internet
Due to security reasons the listening port of the vnc server is not directly reachable from a client in the internet. There are two possibilities to perform a vnc session to an ETH network internal host from the internet :
- Use the Cisco SSL-VPN client software of ID and connect the SSL-VPN adapter before starting the VNC viewer programm
- Access the VNC-server through an SSH-tunnel
VNC through SSH tunnel
- Start VNC Server on remote host with the option -localhost
$ ssh <remoteHost> $ vncserver :<display#> -localhost
Attention! Always choose a strong password when starting vncserver. Otherwise, you'll make it trivial for intruders to hijack your account!
- Start VNC viewer on your machine (Linux)
$ vncviewer -via <remotehost>.ee.ethz.ch localhost:<display#>
Mac users may establish the tunnel via SSH, then use "open vnc://localhost:PORT" to use the built-in VNC client.
Start VNC viewer on your machine (Windows with TightVNC and putty)
Putty is the most popular free ssh client software on Windows. When you have configured a normal ssh session to the vnc server machine you can configure additional port forwards on the established ssh-connection. A tunnel configuration needs a local listening port and a destination on ssh server side.The destination could be localhost or another machine reachable by the ssh server machine.
The following screeshots show how to configure an additional tunnel for connecting the local vnc-server on port 5901 of the ssh server machine :
And finally, after you have closed the VNC-Window on your machine, it's important to end the vnc process on the remote host to avoid unused processes:
$ ssh <remoteHost> $ vncserver -kill :<display#>
![/!\](/static/comp/img/alert.png "/!\"){kind=small}
Warning! Do not log out via the logout menu of the Operating System within the VNC session!
This causes a dead VNC connection. Dead means, you can't connect to that display anymore, which results in an unusuable, ressource consuming VNC server process on the host side.
Troubleshooting
If you are using gnome as default desktop environment and are affected by completely wrong keyboard-layout after logon to gnome (http://bugs.debian.org/476727) use the following workaround:
Directly in the line before /etc/X11/Xsession of $HOME/.vnc/xstartup add the line
export XKL_XMODMAP_DISABLE=1
- If you still want to use gnome2 or xfce instead of gnome3 change following:
#!/bin/sh xrdb $HOME/.Xresources xsetroot -solid grey export XKL_XMODMAP_DISABLE=1 /usr/bin/gnome-session-fallback #/etc/X11/Xsession #/usr/bin/wmaker #/usr/bin/startkdeIn this case with gnome-session-falllback please make sure to check next point with the keyboard changes. Point 3
If you are using gnome as default desktop environment and the up and down arrows behave wrong (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=679543) do the following:
Go to: Applications->System Tools->Preferences->System Settings->Keyboard->Shortcuts->Windows
- And disable options: "Toggle maximization state" and "Restore windows"