Secure VNC with SSL

A detailed explanation of how to make VNC work over SSL can be found here. Reading that and the e-mail discussions here, I’d like to summarize the procedure:

SERVER

  • Create the certificate stunnel.pem (Follow the instructions given at the link above)
  • Run VNC server: vncserver :5
  • Create a secure tunnel: stunnel -d 5950 -r 5905 -p /path/to/stunnel.pem
  • Download the source code of x11vnc. Copy the VncViewer.jar and SignedVncViewer.jar into a folder accessible by the webserver, e.g. “/vnc
  • Create an index.html file with the following content (replace YOUR-HOSTNAME with your hostname):
    <html>
    <body>
    <applet code="VncViewer.class" archive="VncViewer.jar" width="800" height="600">
    <param name="PORT" value="5950" />
    <param name="HOST" value="YOUR-HOSTNAME" />
    <param name="Open New Window" value="no" />
    <!-- the following helps in Opera:
    <param name="Cursor shape updates" value="Disable" />
    -->
    </applet>
    </body>
    </html>

CLIENT

From a web browser you can access to the following address:

http://YOUR-HOSTNAME/vnc

Even better, if you setup the directory under SSL domain:

https://YOUR-HOSTNAME/vnc

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: