On my Centos server I have vncserver running. ( # ps -A shows Xvnc), however I cannot access it from other computers on the LAN. Do I need to make a firewall change?
Todd
On Wed, 2007-01-31 at 07:22 -0800, Todd Cary wrote:
On my Centos server I have vncserver running. ( # ps -A shows Xvnc), however I cannot access it from other computers on the LAN. Do I need to make a firewall change?
Being that I don't know how your firewall is setup, I have no idea :P
However, tcp ports 5900/5901 inbound do need to be open if you want to connect to VNC.
You need to NOT open those to everyone and only to trusted source machines as VNC does not encrypt login info by default (at least that is my recommendation ... it is your server :P)
Thanks, Johnny Hughs
On 1/31/07, Johnny Hughes mailing-lists@hughesjr.com wrote:
However, tcp ports 5900/5901 inbound do need to be open if you want to connect to VNC.
You need to NOT open those to everyone and only to trusted source machines as VNC does not encrypt login info by default
VNC doesn't encrypt anything by default.
I recommend leaving the ports closed and always connecting to VNC through an ssh tunnel.
On Wed, 2007-01-31 at 07:55 -0800, Bart Schaefer wrote:
On 1/31/07, Johnny Hughes mailing-lists@hughesjr.com wrote:
However, tcp ports 5900/5901 inbound do need to be open if you want to connect to VNC.
You need to NOT open those to everyone and only to trusted source machines as VNC does not encrypt login info by default
VNC doesn't encrypt anything by default.
I recommend leaving the ports closed and always connecting to VNC through an ssh tunnel.
Another very good option, yes ... especially if not connecting via an encrypted VPN, etc.
Also, if access (and not SHARED desktop access) is all that is required, then nx/freenx might be an option. It is encrypted via ssh and compresses the information, so it is much faster via a WAN setup.
Bart -
When I am the road, I would like to be able to access the server. I can do it with putty or another SSH client I have (Windoz) How can I access VNC with those clients?
Todd
Bart Schaefer wrote:
On 1/31/07, Johnny Hughes mailing-lists@hughesjr.com wrote:
However, tcp ports 5900/5901 inbound do need to be open if you want to connect to VNC.
You need to NOT open those to everyone and only to trusted source machines as VNC does not encrypt login info by default
VNC doesn't encrypt anything by default.
I recommend leaving the ports closed and always connecting to VNC through an ssh tunnel. _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Todd Cary spake the following on 1/31/2007 11:14 AM:
Bart -
When I am the road, I would like to be able to access the server. I can do it with putty or another SSH client I have (Windoz) How can I access VNC with those clients?
You can do ssh port tunneling with putty. http://martybugs.net/smoothwall/puttyvnc.cgi http://www.maths.utas.edu.au/People/Hill/vnc/vnc.html http://people.hmdc.harvard.edu/~mathpre/vnc/putty/
Lots of howto's.
Hmm, that one isn't very good because it refers to a specific firewall device and therefore has odd port number assignments for ssh (not for the forwarded ports, for ssh itself).
That one is better but assumes VNC is running on screen :53 on the server, which also might not be correct. If you remember that the server port number is 5900 plus the VNC screen number, you can use the above. E.g., the screen number for the root window (via the X server vnc module) is :0, so the server side port number is 5900 for it. Xvnc is probably screen :1, so in that case the server number would be 5901. Etc.
And that one has a bunch of broken image links.
Todd,
I just saw an article in Linux Magazine about a client called UniTTY, it's a client for SSH, SFTP, VNC, secure VNC, rlogin and telnet. It's free, but not open source and written in Java.
I've never used it, but it's there: www.3sp.com/products/applicatons/unitty/unitty.jsp.
Matthew
On Wed, 2007-01-31 at 11:14 -0800, Todd Cary wrote:
Bart -
When I am the road, I would like to be able to access the server. I can do it with putty or another SSH client I have (Windoz) How can I access VNC with those clients?
Todd
Bart Schaefer wrote:
On 1/31/07, Johnny Hughes mailing-lists@hughesjr.com wrote:
However, tcp ports 5900/5901 inbound do need to be open if you want to connect to VNC.
You need to NOT open those to everyone and only to trusted source machines as VNC does not encrypt login info by default
VNC doesn't encrypt anything by default.
I recommend leaving the ports closed and always connecting to VNC through an ssh tunnel. _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-
Bart Schaefer -
Johnny Hughes -
Matthew Sanaker -
Scott Silva -
Todd Cary