个人工具
登录
查看“UbuntuHelp:VNC/Servers”的源代码 - Ubuntu中文
UbuntuHelp
讨论
查看源代码
历史
搜索
导航
首页
最近更改
随机页面
页面分类
帮助
编辑
编辑指南
沙盒
新闻动态
字词处理
工具
链入页面
相关更改
特殊页面
页面信息
查看“UbuntuHelp:VNC/Servers”的源代码
来自Ubuntu中文
←
UbuntuHelp:VNC/Servers
跳转至:
导航
,
搜索
因为以下原因,你没有权限编辑本页:
您所请求的操作仅限于该用户组的用户使用:
用户
您可以查看与复制此页面的源代码。
{{From|https://help.ubuntu.com/community/VNC/Servers}} {{Languages|UbuntuHelp:VNC/Servers}} Parent page: [[UbuntuHelp:InternetAndNetworking| Internet and Networking]] >> [[UbuntuHelp:VNC|VNC]] == Introduction == A VNC server is a program that shares a desktop with other computers over the Internet. You will need a VNC server if you want other people to see your desktop. Every VNC server has different strengths and weaknesses and is appropriate for different uses. This page will discuss each of the VNC servers available in Ubuntu, and ways to configure them for most common uses of VNC. === Common security options === The most important thing when setting up a VNC server is to only let the right people access your desktop. The safest way to do that is usually to have someone sitting at the desktop deciding who gets to use it, but that's not always practical - for example, if you want to log in to your own computer from somewhere else. If you want to confirm each connection manually, you should look for these options: * '''Request access each time''' - pop a window up asking whether to allow each connection as it comes in * '''view-only access''' - allow VNC clients to view the destkop, but not to change anything. As well adding a little security, this avoids problems with both of you fighting over control of the mouse Using these two options will give you the most security. Requesting access each time will ensure that nobody can connect without you noticing, and view-only access will mean that they can't change anything without asking you to do it for them. If you want to access your desktop when nobody is sitting at it, these options will be more useful: * '''Only allow local connections''' - only let people connect if they already have access to your computer * '''Start your VNC server in "once" mode''' - tell your VNC server to allow one connection, then block anything after that * '''Set a password''' - require people to send a password before they can connect These three options should give you a secure set-up, so long as they're used with [[UbuntuHelp:VNC#port-forwarding|port-forwarding]]. Only allowing local connections means that only people with user accounts on your computer can access your desktop. Starting the server in "once" mode means that people with user accounts on your computer would have to log in to your desktop between the time you start your VNC server and the time you connect from your VNC client. Setting a password means that, if anyone did try to connect in that brief interval, they probably wouldn't be able to get in before you noticed and stopped the server. Although passwords add some security, [[UbuntuHelp:StrongPasswords|hard-to-guess passwords]] are as difficult to create as they are to remember. If nobody else has access to your computer, you might want to skip passwords altogether. Note: you must set a password if you want to use the in-built VNC client in Mac OS X. == vino == Vino is the default VNC server in Ubuntu to share your existing desktop with other users. If you are using Ubuntu 8.04 LTS (Hardy Heron), you will probably need to install another server because of [https://bugs.launchpad.net/ubuntu/+source/vino/+bug/196675 a known bug] that stops vino working for most people. To configure vino from within GNOME, go to System > Preferences > Remote Desktop * To set vino to request access each time, tick '''Allow other users to view your desktop''' in the Remote Desktop configuration window * There's no way to set vino to only listen for the next connection * To set a password, tick '''Require the user to enter this password:''', and enter a [[UbuntuHelp:StrongPasswords|hard-to-guess password]] * To put vino in view-only mode, untick '''Allow other users to control your desktop''' * To only allow local connections,<<BR>> ''In versions up to Ubuntu 8.10 ("Intrepid Ibex"):'' click on the tab marked '''Advanced''', then tick '''Only allow local connections'''<<BR>> ''In Ubuntu 9.04 ("Jaunty Jackalope") and newer:'' press `alt-f2` to open the "run application" window, then type in `gconftool -s /desktop/gnome/remote_access/network_interface lo --type string` and click '''Run''' * To allow connections from anywhere,<<BR>> ''In versions up to Ubuntu 8.10 ("Intrepid Ibex"):'' click on the tab marked '''Advanced''', then untick '''Only allow local connections'''<<BR>> ''In Ubuntu 9.04 ("Jaunty Jackalope") and newer:'' press `alt-f2` to open the "run application" window, then type in `gconftool -u /desktop/gnome/remote_access/network_interface` and click '''Run''' == krfb == Krfb is the default VNC server in Kubuntu, and is recommended for KDE users. Because it's highly integrated with KDE, running it in other environments is difficult. To configure krfb, go to System Settings > Sharing > Desktop Sharing > Configure.... * To set krfb to request access each time, tick '''Confirm uninvited connections before accepting''' * There's no official way to set krfb to only listen for the next connection, although see below for an unofficial solution * To set a password, type a [[UbuntuHelp:StrongPasswords|hard-to-guess password]] into the '''Password''' input box * To put krfb in view-only mode, untick '''Allow uninvited connections to control the desktop''' * There's no official way to only allow local connections, although see below for an unofficial solution === Once mode === Krfb doesn't have any official way to accept the next connection then stop listening for connection attempts. However, the following Python script will listen for a single connection then exit krfb: <pre><nowiki>#!python numbers=off #!/usr/bin/python # Load extra functionality from the 'socket' and 'os' modules from socket import socket, AF_INET, SOCK_STREAM from os import execl # Listen for a connection server = socket(AF_INET, SOCK_STREAM) # This is an Internet (TCP) connection server.bind(('127.0.0.1', 5900)) # Listen for a local connection on port 5,900 server.listen(1) # Listen for exactly 1 connection sock = server.accept()[0] # Accept the connection # Attach krfb to this connection execl('/usr/bin/krfb', 'krfb', '--kinetd', str(sock.fileno())) </nowiki></pre> To use this script, open your favourite text editor and paste the contents in. Make sure that the initial '#' character is the very first character in the file, save the file as '''krfb.py''', and set the file's permissions to make it executable. Although this simple program won't open a window of any kind, it will quietly wait for the next VNC client to connect to your computer, then pass the connection through to krfb. This script will only listen for local connections. To allow connections from anywhere, change `127.0.0.1` to `0.0.0.0` in the script. === Invitations === Krfb lets you create "invitations" - individual passwords that are deactivated after an hour or after one use. These are a handy way of giving people one-time access to a computer, but only provide limited security. For example, if you send someone an invitation by e-mail or instant messaging, an attacker could read your invitation message as it went over the Internet and use it to log in. Invitations can be useful when you want to let other people view your desktop, but you still need to follow the normal precautions when [[UbuntuHelp:VNC#let-other-people|letting other people view your desktop]]. == x11vnc == X11vnc is a VNC server that doesn't depend on GNOME or KDE, and is recommended for use by Xubuntu users. It's designed to be run from the command-line, which makes it flexible but difficult to learn. The few graphical parts of the interface are quite unattractive, because they're designed to work even on a very minimal installation. X11vnc is available in the '''x11vnc''' package in the Universe repository. Although x11vnc does have a simple configuration file, it's generally easier to specify options on the command-line. To start x11vnc, type: <pre><nowiki> x11vnc -safer <options> </nowiki></pre> '''<options>''' is a series of commands separated by spaces. X11vnc has a lot of options, which are discussed fully in the [http://linux.die.net/man/1/x11vnc x11vnc man page]. Common options include: * To set x11vnc to request access each time, include the '''-nopw -accept popup:0''' options * To set x11vnc to only listen for the next connection, include the '''-once''' option * To set x11vnc to continually listen for connections, include the '''-forever''' option * To set a password, include the '''-usepw''' option (and remove the '''-nopw''' option above) * To put x11vnc in view-only mode, include the '''-viewonly''' option * To set x11vnc to only allow local connections, include the '''-localhost''' option For example, if you want x11vnc to grant view-only access to the next local connection after asking your permission, type this on the command-line: <pre><nowiki> x11vnc -safer -localhost -nopw -accept popup:0 -once -viewonly -display :0 </nowiki></pre> If you use a password, you will first need to create a password file by doing: <pre><nowiki> x11vnc -storepasswd </nowiki></pre> Make sure to use a [[UbuntuHelp:StrongPasswords|hard-to-guess password]] <<Anchor(x11vnc-before-login)>> === Connecting to your login screen === Because X11vnc is run from the command-line, it can be started while your computer is still showing a login screen. Exactly how to do this depends on which derivative of Ubuntu you use. In Ubuntu (but not Kubuntu or Xubuntu), x11vnc needs superuser access, and needs the ` -auth /var/lib/gdm/:0.Xauth -display :0` options to be specified on the command-line. You will also need superuser access to edit your `/etc/gdm/gdm.conf-custom` file, to stop your computer from closing your VNC session after you've typed your username and password. To edit `/etc/gdm/gdm.conf-custom`, type the following on a command-line: <pre><nowiki> sudo gedit /etc/gdm/gdm.conf-custom </nowiki></pre> Add the following under the "[daemon]" heading: <pre><nowiki> #to get remote vnc to not die after login KillInitClients=false </nowiki></pre> Restart gdm to pick up the change with: <pre><nowiki> sudo /etc/init.d/gdm restart </nowiki></pre> Then you can run x11vnc before you've logged in by typing something like this: <pre><nowiki> sudo x11vnc -safer -localhost -once -nopw -auth /var/lib/gdm/:0.Xauth -display :0 </nowiki></pre> (Thanks to [http://www.karlrunge.com/x11vnc/#faq-display-manager the x11vnc FAQ] for this tip) # == vnc4server == # # RealVNC server # # This has been commented out, because it's not obvious what benefits Xvnc provides over x11vnc == tightvncserver == Whereas most VNC servers share your desktop, tightvnc creates a completely new desktop, not attached to any actual screen. This makes it much less useful for some things (like remote help), but much more useful for others (like creating a public area for collaboration). If tightvncserver won't start, you might need to uncomment the `$fontpath` lines in `/etc/vnc.conf`. Like x11vnc, tightvnc is designed to be run from the command-line. To start it, type: <pre><nowiki> tightvncserver -nolisten tcp :1 </nowiki></pre> This will tell tightvnc to listen for VNC connections on port 5,901 from anywhere on the Internet. Without the '''-nolisten tcp''' option, tightvnc will also listen for a different type of connection (X11 instead of VNC), which isn't usually very useful. Tightvnc's unusual design means that it can't create a remote desktop on the standard VNC port (5,900) if you have an ordinary desktop running on your computer. * There's no way to set tightvncserver to request access each time * There's no way to set tightvncserver only to accept the next connection, although see below for a similar solution * Tightvncserver always requires a password, and will ask you to specify one the first time it's run * There's no way to put tightvncserver in view-only mode * To set tightvncserver to only allow local connections, include the '''-localhost''' option === Once mode === Tightvncserver can't be set to accept the next connection then stop listening for connection attempts. But it can be set to automatically disconnect each client when the next client connects, and can be stopped after your connection is disconnected. To only allow local connections and automatically disconnect clients, start tightvnc by typing: <pre><nowiki> tightvncserver -nolisten tcp -localhost -nevershared :1 </nowiki></pre> Then when your client is disconnected by the next client connecting, type: <pre><nowiki> tightvncserver -kill :1 </nowiki></pre> === Customising your session === By default, tightvncserver provides a session with a simple window manager and a terminal. The first time tightvncserver runs, it creates a `~/.vnc/xstartup` file that you can use to customise your session. Here is an example file that would give you a GNOME desktop: <pre><nowiki>#!python numbers=off #!/bin/sh # Change "GNOME" to "KDE" for a KDE desktop, or "" for a generic desktop MODE="GNOME" #Uncommment this line if using Gnome and your keyboard mappings are incorrect. #export XKL_XMODMAP_DISABLE=1 # Load X resources (if any) if [ -e "$HOME/.Xresources" ] then xrdb "$HOME/.Xresources" fi # Try a GNOME session, or fall back to KDE if [ "GNOME" = "$MODE" ] then if which gnome-session >/dev/null then gnome-session & else MODE="KDE" fi fi # Try a KDE session, or fall back to generic if [ "KDE" = "$MODE" ] then if which startkde >/dev/null then startkde & else MODE="" fi fi # Run a generic session if [ -z "$MODE" ] then xsetroot -solid "#DAB082" x-terminal-emulator -geometry "80x24+10+10" -ls -title "$VNCDESKTOP Desktop" & x-window-manager & fi </nowiki></pre> Your changes will take effect the next time you start tightvncserver. == Similar applications == * [http://www.gnu.org/software/screen/ GNU Screen] allows you to open, share, disconnect, and later return to a text-based terminal * '''directvnc''' is a VNC server that shares a Linux framebuffer instead of a desktop * '''linuxvnc''' is a VNC server that shares a text-based console instead of a desktop * '''xrdp''' is a server for Microsoft's Remote Desktop protocol, a client for which comes with all modern versions of Windows * '''xserver-xephyr''' allows you to create a desktop within a desktop on a single computer * [[UbuntuHelp:AppleRemoteDesktop|Apple Remote Desktop]] is a desktop sharing application for Mac OS that includes a VNC server == Troubleshooting == Having Compiz enabled may interrupt screen updates with some servers and clients. Using -noxdamage with x11vnc can prevent this. [[category:UbuntuHelp]]
该页面使用的模板:
模板:From
(
查看源代码
)
模板:Languages
(
查看源代码
)(受保护)
模板:Languages/Lang
(
查看源代码
)(受保护)
返回至
UbuntuHelp:VNC/Servers
。