Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Start a remote access server from the shell Internet
If you're like me, you use VNC for remote GUI access, but don't want to keep the server running when you aren't using it due to security concerns. Here's how you can start a VNC server on demand via ssh.

First, create a script called /pathto/yourscripts/startvncserver as follows:
cp /pathto/yourscripts/.osxvnc-passwd /tmp/osxvnc-passwd
/Applications/ -rfbport 5901
-desktop "OSX VNC 1" -rfbauth /tmp/osxvnc-passwd &
[This is a three line script; remove the line break after the "5901" when entering it.]

Save it wherever you save your own scripts, and make it executable (i.e. chmod 755 startvncserver).

The next step is to make the osxvnc-passwd file. All you need to do is start a VNC server via the GUI (with a password), and copy /tmp/osxvnc-passwd to /pathto/yourscripts/.osxvnc-passwd

All set! Now you can SSH to your machine, start VNC with your new script, and then connect via the GUI.

Note: A user must be logged into the console at the remote machine, or I don't think this will work. I'm going to test it without being logged in and I'll post a comment with the results.
  • Currently 3.00 / 5
  You rated: 3 / 5 (3 votes cast)

Start a remote access server from the shell | 11 comments | Create New Account
Click here to return to the 'Start a remote access server from the shell' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
OSX VNC Client?
Authored by: saint.duo on Dec 07, '01 10:45:48AM

um, this may be obvious, but i can't seem to find a VNC client that runs in MacOS X... anyone?

[ Reply to This | # ]
Several available...
Authored by: robg on Dec 07, '01 11:22:15AM
A quick search on VersionTracker for "VNC" found three -- I personally like VNCThing the best, but there are a couple of others. -rob.

[ Reply to This | # ]
OSX VNC Client?
Authored by: sharumpe on Dec 07, '01 01:09:02PM

I echo rob's sentiments about VNCThing - I just found it a few days ago and I love it.

The standard client's OK, but VNCThing allows the window to scroll when you reach the edges, something that I was really wishing for. Plus you can save bookmarks, and, with a little tweaking, you can add passwords to the bookmarks, so that you can just double-click and you're in. (of course you've got a file with a clear-text password, but it's not an issue on my box)

Mr. Sharumpe

[ Reply to This | # ]
Got it.
Authored by: saint.duo on Dec 07, '01 01:56:42PM

OK, that was simple. Got VNC thing, and it works quite well. I followed the instructions to make the VNC server persist through logout/login, and to load at startup, and it does quite well, so there is no need to log in to start the server.

My only complaint, is that dragging doesn't seem to work. If I grab an icon or menu and try to drag, it doesn't do anything. Anyone else have this problem?

[ Reply to This | # ]
one that supports drag :)
Authored by: saint.duo on Dec 07, '01 03:07:36PM

I found a client that supports drag without a problem, and has the ability to scroll the window.

[ Reply to This | # ]
Re: Got it.
Authored by: sharumpe on Dec 10, '01 12:47:13PM

My only reason for wanting to start the server manually is that I don't want the service running when I'm not using it. I don't like to keep ANY service running any longer than it needs to be.

Mr. Sharumpe

[ Reply to This | # ]
Try Timbuktu
Authored by: mikesilverman on Dec 07, '01 04:39:01PM

Instead of using VNC, you could also try Timbuktu, which is a commercial product. It is much more robust and secure then VNC. Of course it also costs money, but then again so does BBedit and many other good tools for MacOS X.

[ Reply to This | # ]
Secure?! Heh
Authored by: Cadre on Dec 07, '01 05:06:40PM

It's quite trivial to tunnel VNC connections through ssl. And I assure you, it doesn't get much more secure than that. Then you can firewall the 5901 port off from all outside traffic on the server machine. Good VNC clients support tunneling innately too.

On the client side just type this:
ssh user@server -L 5901:server:5901 server

The on the client side, have your VNC client connect to localhost:5901

The ports I put above are dependent on which screen you have the VNC server set to. 0 - 5900, 1 - 5901, etc. Also, this assumes you don't have something already bound to 5901 on the client machine. If you do, then you'll have to change the first port in the ssh command to an unused one and have the VNC client connect to that port instead.

Considering the above and the fact that the VNC protocol is documented and open and most of the clients and servers are also open source, the encryption tunneling mechanism is open and the clients and servers are open source (all of which have been reviewed by a multitude of developers), you have a more secure solution than Timbuktu, which who knows how many little developer backdoors have been stuck in...

[ Reply to This | # ]
Constant Shift Key?
Authored by: saint.duo on Dec 14, '01 06:28:10PM

Here's a problem with it that I'm having, but I can't figure out why. I'm running the OSX VNC server, and having it startup as a system service (though disabling that feature does not fix this problem).

When I log in to the machine remotely (from any client I have found, from MacOS 9 or MacOS X), the host machine (server) thinks that I have the shift key held down, so everything is typed as caps. This causes quite a problem for passwords, directories, and such. I'm sure if the problem manifests itself when I start typing, or when I hit the enter key, or something else. I usually notice it when I try to log in using the VNC client. If I physically go to the server, it ALSO thinks the shift key is held down, until I restart the machine.
The server machine will work fine until I log into it with a VNC client, and then it does this.

Is anyone else having this problem, or have any suggestions to stop it? Please email me if you know.

[ Reply to This | # ]
No password file?
Authored by: goka on Jan 21, '04 05:17:45AM

In OSXvnc I can't seem to find the requested /tmp/osxvnc-passwd file. Did they redesign this in any way?

[ Reply to This | # ]
Have to use storewasswd
Authored by: MaxPower on Feb 26, '04 10:51:34AM

You have to manually create the password file using the storepasswd program that resides within the OSXVnc package.

usage: storepasswd <password> <filename>

Stores a password in encrypted format.
The resulting file can be used with the -rfbauth argument to OSXvnc.

Hope that helps!

[ Reply to This | # ]