On Wed, 2007-01-31 at 07:55 -0800, Bart Schaefer wrote: > On 1/31/07, Johnny Hughes <mailing-lists at hughesjr.com> wrote: > > > > However, tcp ports 5900/5901 inbound do need to be open if you want to > > connect to VNC. > > > > You need to NOT open those to everyone and only to trusted source > > machines as VNC does not encrypt login info by default > > VNC doesn't encrypt anything by default. > > I recommend leaving the ports closed and always connecting to VNC > through an ssh tunnel. Another very good option, yes ... especially if not connecting via an encrypted VPN, etc. Also, if access (and not SHARED desktop access) is all that is required, then nx/freenx might be an option. It is encrypted via ssh and compresses the information, so it is much faster via a WAN setup. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: <http://lists.centos.org/pipermail/centos/attachments/20070131/6f180e54/attachment-0005.sig>