hpr1606 :: Howto VNC

Klaatu talks about how to get VNC up and running.

Hosted by Klaatu on Monday, 2014-09-29 is flagged as Clean and is released under a CC-BY-SA license.
Tags: VNC, Virtual Network Computing. Comments: 1.
The show is available on the Internet Archive at: https://archive.org/details/hpr1606

Listen in ogg, spx, or mp3 format. Play now:

Duration: 00:14:03

Part of the series: general.

Klaatu talks about how to get VNC up and running. It focuses on x11vnc but basically it applies to any variety.

Virtual Network Computing
From Wikipedia, the free encyclopedia

In computing, Virtual Network Computing (VNC) is a graphical desktop sharing system that uses the Remote Frame Buffer protocol (RFB) to remotely control another computer. It transmits the keyboard and mouse events from one computer to another, relaying the graphical screen updates back in the other direction, over a network.
VNC is platform-independent – There are clients and servers for many GUI-based operating systems and for Java. Multiple clients may connect to a VNC server at the same time. Popular uses for this technology include remote technical support and accessing files on one's work computer from one's home computer, or vice versa.
VNC was originally developed at the Olivetti & Oracle Research Lab in Cambridge, United Kingdom. The original VNC source code and many modern derivatives are open source under the GNU General Public License.
There are a number of variants of VNC which offer their own particular functionality; e.g., some optimised for Microsoft Windows, or offering file transfer (not part of VNC proper), etc. Many are compatible (without their added features) with VNC proper in the sense that a viewer of one flavour can connect with a server of another; others are based on VNC code but not compatible with standard VNC.
VNC and RFB are registered trademarks of RealVNC Ltd. in the U.S. and in other countries.

Show Transcript

Automatically generated using whisper

whisper --model tiny --language en hpr1606.wav

You can save these subtitle files to the same location as the HPR Episode, and they will automatically show in players like mpv, vlc. Some players allow you to specify the subtitle file location.

<< First, < Previous, Next >, Latest >>

Comments

Subscribe to the comments RSS feed.

Comment #1 posted on 2014-10-05 09:20:51 by Ken Fallon

VNC is not secure

Hi Klaatu,

You mentioned several times in the show that VNC is secure, that is not the case unless people tunnel the session over ssh or a vpn as you have done. This was not clear and may lead someone to assume that VNC in itself is secure.

https://www.cl.cam.ac.uk/research/dtg/attarchive/vnc/sshvnc.html
"VNC uses a random challenge-response system to provide the basic authentication that allows you to connect to a VNC server. This is reasonably secure; the password is not sent over the network. Once you are connected, however, traffic between the viewer and the server is unencrypted, and could be snooped by someone with access to the intervening network. We therefore recommend that if security is important to you, you 'tunnel' the VNC protocol through some more secure channel such as SSH."

Even the "reasonably secure" statement is challenged here:
https://en.wikipedia.org/wiki/Virtual_Network_Computing#Security
"By default, RFB is not a secure protocol. While passwords are not sent in plain-text (as in telnet), cracking could prove successful if both the encryption key and encoded password are sniffed from a network. For this reason it is recommended that a password of at least 8 characters be used. On the other hand, there is also an 8-character limit on some versions of VNC; if a password is sent exceeding 8 characters, the excess characters are removed and the truncated string is compared to the password."

I have also seen VNC security questioned for not requiring a username and password.

Recommendations:
use the -localhost option so that only local (and tunneled) connections are allowed
use ssh tunneling
use the maximum size password allowed

Leave Comment

Note to Verbose Commenters
If you can't fit everything you want to say in the comment below then you really should record a response show instead.

Note to Spammers
All comments are moderated. All links are checked by humans. We strip out all html. Feel free to record a show about yourself, or your industry, or any other topic we may find interesting. We also check shows for spam :).

Your Name/Handle:
Title:
Comment:
Anti Spam Question:	What does the letter P in HPR stand for?
Are you a spammer?	Yes No
Who is the host of this show?
What does HPR mean to you?

Hacker Public Radio

Your ideas, projects, opinions - podcasted.

New episodes every weekday Monday through Friday.
This page was generated by The HPR Robot at Thu, 21 Nov 2024 00:02:12 +0000