VNC
I have moved to a lowlatency 256kbps broadband connection and this gives me enough joy to run VNC and resume my desktop session from home. Previously, I was restricted to running console apps via screen only.
See http://www.realvnc.com/ for more details.
Contents |
Benefits
- Maintain SSH sessions in one place
- No IM conference disruptions. Ability to preserve chat logs
- No need for browser bookmark synchronization across home and work
- No need to reconfigure applications and your desktop. This is the best part.
- Works from windows too, takes away the pain of using a windows box.
Cons
- Applications leak memory. I regularly see Firefox and Opera eat into swap. This is entirely page dependant.
- Applications crashes. Gaim regularly crashes if kept running for over a week.
Installation
I am using FreeBSD6 on my office workstation and also on my temporary loaned ancient AMD-K6 based laptop at home. usr/ports is always at latest -CURRENT.
Server
$ sudo portinstall net/vnc # Install from ports
Client
I use packages on my laptop since its too slow to compile from ports
$ sudo pkg_add -rv vnc
Windows
Install VNC Free Edition 4.1 from http://www.realvnc.com/. Don't use TightVNC Windows viewer, there is a protocol mismatch causing bad performance.
Server Configuration
X Server
- It works with both Xorg and XFree86.
To export the native display via VNC, add the following to xorg.conf (or XF86Config if you are on Xfree86) and restart the X server.
Section "Module"
[...]
Load "vnc"
EndSection
Section "Screen"
DefaultColorDepth 24
Identifier "Screen0"
Device "Card0"
Monitor "Monitor0"
#Option "SecurityTypes" "None"
Option "SecurityTypes" "VncAuth"
Option "UserPasswdVerifier" "VncAuth"
Option "deferUpdate" "0" # redraw the screen immediately
Option "PasswordFile" "/home/shanker/.vnc/passwd"
SubSection "Display"
Viewport 0 0
Depth 24
Modes "1280x1024"
EndSubSection
EndSection
VNC Password
Set your vnc password.
$ vncpasswd Password:
Start VNC Service
As yourself, start vncserver to allow connections in addtion to the root desktop display (:0)
[buffy] ~> vncserver
Check if VNC is listening on port 5901
[buffy] ~> telnet 0 5901 Trying 0.0.0.0... Connected to 0. Escape character is '^]'. RFB 003.008 ^] telnet> Connection closed.
You are all set connect now.
Client Configuration
SSH Tunnel
Setup port forwarding for port 5900/TCP via SSH. I need to go via a proxy SSH host before I can reach my workstation in office. The below ssh config will setup a tunnel to buffy via the "proxy" host.
$ cat ~/.ssh/config User shanker Compression yes Cipher Blowfish Host proxy LocalForward 5900 buffy:5900
From the home machine start a SSH session to "proxy".
$ ssh proxy
Telnet to localhost:5900 on the home machine after sshing to proxy host.
$ telnet localhost 5900
You will receive a "RFB blah" response.
Start vncviewer
On the home machine, run vncviewer inside X and use "localhost" as the hostname to connect to. In the options menu, choose the color settings depending on the bandwidth available. At 256kbps, I find medium (64K) color quiet usable.
$ vncviwer localhost
- Use F8 to toggle fullscreen mode and color options from inside the session.
Notes
- Lock your screen when you go away from the machine.
- When you unlock your X session over VNC, the lock is opened on your office PC and makes it vulnerable to access via the console.
- Keep the monitor powered off in office to reduce risk.
- Run the latest version of VNC on the client and the server. Using a VNCv3 client with VNCv4 caused unnecessary bandwidth usage making the session unusable.
- Option "deferUpdate" "0" in Xorg.conf allows for 0 delay updates to the screen. Set this if your screen takes too long or just refuses to update.
- Keep lowering the display colors via the VNC options menu (F8) to reduce lag.
- Turn on SSH compression with Blowfish encryption in ~/.ssh/config. Putty users on windows can set compression and encryption options in the session properties window.
