Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Click here to return to the 'How to make it secure' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
How to make it secure
Authored by: mace on Dec 25, '04 01:57:54PM

The secure way to do this is to forward VNC through SSH.

I don't know exactly how the VNC protocol works, but I'll bet that it transmits everything in the clear, including your login password. Any observer could catch things you type or things that the screen shows.

How do you do this? You run the VNC server continuously, but block VNC at the firewall. Then, to use VNC, you add the option -L 5900:remote.ip.address:5900 to the ssh command. You can also use ~C during an established SSH connection to create the tunnel. Then, you tell the client to connect to localhost instead of the remote computer's IP address.

This way, only someone who can log in via SSH can use the VNC server, and all of the traffic is encrypted.

Also, I think OSXVnc has an option to only accept connections that have been forwarded through SSH.

[ Reply to This | # ]