VNC (x11vnc) over SSH Tunnel on Ubuntu 12.10 and nexus 7 as a client
Alright, so after I connect to my VPN at home, I can do a lot of different things, SSH is one of them. I also needed a solution to control my screen from anywhere. VNC is my answer. Ubuntu has a lot of vnc servers, I chose x11vnc, because it works well with lightdm, my default X manager. And I also needed a vnc server that will allow me to connect even before logging in.
As you can see in the two post I've linked, Security is key for me. In the past, i've used SSL certificates, and x11VNC this solution will make you create a CA that will sign a server certificate, and also client certificates, that you can then distribute to different clients. This solution uses 3 passwords and 2 certificates. I've done that because, before even VPN, VNC was the first and only point of entry to my network.
And also x11VNC is very powerful, try to judge for yourself.
The previous solution was great, worked perfect. however, the bVNC supports SSL VNC, but doesn't import the certificates like I needed it to. I also decided to do it over SSH because, normal VNC communications aren't encrypted.
On Server
First of all, I’ve installed x11vnc:
Set a password:
Its an
Then, I’ve created
file:
After restart, x11vnc should listen on vnc standard port – 5917.
This script is based on upstart event.
is because I'm requesting root access to the X manager, if you are using gdm as your default X Manager, try
. Or get on board
and make lightdm your default.
at this point you can reboot server. or just run,
On nexus 7
install an app called freeb VNC
click on icon to install app.
In app fill in the form. lol.
Self Explanatory, ssh port is 5848, VNC port on server is 5917,
click on use key, then manage key, set a password of course, make encryption 4096 bits, then enter a file name, and select export to file name.
couple of things to note,
1- the setup on an ubuntu client is simple, i'm however without one for the moment, few logistic problems. I'll add them when I fix my little issue.
-- the concept is simple though, you create the tunnel through ssh. run that process in background, then you use vnc viewer to connect to your localhost:port
2- also I didn't open any other ports on my server, that's because I don't need one. communication is sent through ssh port, tunneled to localhost:VNCPORT.