Linux/Encrypting VNC

From EasyWebDNS
Jump to: navigation, search

Encrypted VNC

Let us assume that computer X is a Debian Lenny server (Ubuntu, or any other) that runs the out of the box Vino VNC server

We also assume you are on a Windows machine (Computer Y), Using the RealVNC viewer.

Now, On the Linux Machine, Debian / Ubuntu or any other Vino VNC server settings dialogue.

On the Debian linux machine we will need to have openssh-server, so execute the following in a command terminal 

apt-get update
apt-get install ssh openssh-server


In the general tab, Make sure to "Allow other users to view your desktop" and if you want "Allow other users to control your desktop".

Remove the tick from "Ask you for confirmation" simply because there will probably be no one to confirm the connection when you connect remotley

File:Vino1.jpg‎

Once done, Open the advanced tab.

Make sure "Only allow local connections" is unticked because we want to connect to the PC remotly

There is no need to use alternative port so make sure that is also unticked

Make sure "Requier Encryption" is unticked, since although we want the connection to be encrypted, we will not do it from the VNC but rather by tunneling with SSH

NOTE: if you enable "Requier encryption" and then try to connect directly via RealVNC viewer, you will get an error such as "no matching security types", so please leave it unticked, we will implement a secure connection by SSH in a later step.

File:Vino2.jpg‎


Now, your server is ready to receive connections, but VNC viewer is not ready to make a secure connection

We now need a good SSH client like putty that can connect us to the server securely and encrypt everything

1- Download putty

2- Put the IP address of your server in putty and give your server a name then click save

File:Putty1.jpg

3- In the menu to the left, Find SSH and under SSH find tunnels, then enter 9500 in the Source Port, 127.0.0.1:9500 as the Destination, And click the Add button

File:Putty2.jpg

You should now see the tunnel in the list like in this screen shot here

File:Putty3.jpg

Now, click back on the "Session" menu in the left area, and hit SAVE again to save your changes

Once done, Simply Login to your server via SSH with the link you just saved, once logged in open your realvnc viewer and point it to 127.0.0.1 and things should work great, Do not use encryption in the VNC viewer simply because the encryption is done via SSH, the VNC viewer is not connecting anywhere but to your local machine

File:Vncviewer.jpg

Happy Secure VNC viewing

Retrieved from "http://www.easywebdns.com/tutorials/Linux/Encrypting_VNC"
Domain Search:
.COM$ 8.49
.NET$ 6.49
.ORG$ 7.49
.INFO$ 1.99
Compare Pricing
Cheap Domains
Personal tools