Vnc Notes
General notes on setting up and using VNC in a secure fashion using SSH.
Linux Server
On my Ubuntu machine all I had to do was to go to System/Preferences/Remote Desktop. Under the Sharing section, enable these two options:
- Allow other users to view your desktop
- Allow other users to control you desktop
Also make sure the ssh server is installed. This can be done via apt-get or synaptic. You want to install openssh-server. If you want have the server listen on the standard port (22) you don't have to do anything else. If you want to have it run on a different port, say 2222, you need to (as sudo) edit the file /etc/ssh/sshd_config and edit this line:
Port 2222
After saving your changes you want to restart the ssh daemon as follows:
sudo /etc/init.d/ssh restart
Linux Client
You want to use apt-get or synaptic to install vncviewer if necessary. Then you want to edit the file ~/.ssh/config and make the following entries:
Host symbolic_host_name HostName host_ip_address Port ssh_port_if_not_default_22 User user_name_on_server
For example, if you wanted to use a symbolic name for you host as earth and it had an IP address of 99.99.99.99 and you were running the ssh server on earth on port 2222 and your user name on earth was bob, the entries in ~/.ssh/config would look like this:
Host earth HostName 99.99.99.99 Port 2222 User bob
Then to launch a vnc session from your client machine you would issue this command from the terminal, which says "connect to my local machine, screen 0":
vncviewer -via earth 127.0.0.1:0
To tunnel over ssh, do the following
ssh -l user -L 5900:127.0.0.1:5900 remote_host
Note that if you are also running a vnc server on your client machine, you will need to use this:
ssh -l user -L 5901:127.0.0.1:5900 remote_host
Then connect with the vnc viewer as follows: vncviewer 127.0.0.1:0 (or :1)
Note that port 5900 corresponds to screen 0 in your vnc client, 5901 corresponds to screen 1, etc.
Pretty simple!