Welcome!

Linux Containers Authors: Zakia Bouachraoui, Elizabeth White, Liz McMillan, Pat Romanski, Stefana Muller

Related Topics: Linux Containers

Linux Containers: Article

TightVNC: Remote X the secure, fast & easy way

Joe Barr takes remote control of his home desktop with TightVNC

(LinuxWorld) — My dear friend Susan is happily running Red Hat 8.0 on my Sony Vaio laptop in her new home while she waits for me to build her a real desktop machine. I set up an account for myself on the laptop so that when I visit her I can get online and check my e-mail. We both connect to the Internet using Time-Warner's Road Runner cable service.

Sometimes I forget to shut down Evolution on my own desktop before I leave home. As a result, every ten minutes it retrieves my e-mail and deletes it from the various servers where I have an account. Then, when I check it from Susan's house, there's nothing there. I needed a better solution. Discussing the problem on the #linuxhelp channel on the irc.freenode.net network, I was told that VNC (Virtual Network Computing) might be the answer. More specifically, I was told to give TightVNC a try.

The original VNC was created at the Olivetti and Oracle Research Labs in Cambridge, England. The software allowed a desktop on one computer to be used by others, usually providing Windows-users with access to applications running on Unix machines — a panacea for those cross-platform blues. VNC became so popular that Olivetti released it as free software licensed under the GPL. When ATT acquired Olivetti in 1999, the name of the labs was changed to the ATT Laboratories at Cambridge.

Constantin Kaplinski, a Russian teaching assistant at Tomsk Polytechnic Institute in Russia, and his team of TightVNC developers have enhanced the original VNC in a number of ways to make it faster, more flexible, and more secure. There are full versions of TightVNC for both Windows and Unix. If you're using a Mac, you can try the Java version, but only the viewer (client) is available in Java. TightVNC is licensed under the GPL, and the source code is available for download from the Web site.

I was a little hesitant to try TightVNC — not just because I had never used VNC, but also because I was pretty sure that the installation and configuration was going to be a real chore. Not to worry; that definitely is not the case. If you're running Red Hat 7.x or later, there are RPMS available to make installation a breeze. All in all, TightVNC was as easy to configure and use as it was to install, even when I opted for extra privacy by using a secure tunnel between Susan's machine and mine. Here's how I did it.

First, you make a roux

After downloading tightvnc-1.2.8-1.i386.rpm and tightvnc-server-1.2.8-1.i386.rpm from the tightVNC Web site, I quickly installed them by starting a terminal window, entering su and the root password to get superuser privileges, then entering the following command:

rpm -Uvh tightvnc*

After the client and server were installed, I decided to also install both on Susan's machine so I could test how it worked from home. Susan had previously determined her IP address (using ifconfig), so I entered ssh xxx.xxx.xxx.xxx from the command prompt to get a secure connection to her computer.

Once there, I attempted to ftp to my own machine from Susan's. Silly me. My firewall blocks ftp. I clicked on the Red Hat, then on Server Settings, then on Services. After providing the root password, I got a window listing all server services. I right-clicked on iptables and stopped it. Then I went back to my ssh session on Susan's machine, where I tried again to ftp the two tightVNC RPMS from my box. Now it worked. Of course, I remembered to restart iptables after I finished my ftp session.

I installed the RPMS on her computer just as I had done on mine, then started the tightVNC server by entering vncserver :1 at the command prompt. Nothing happened for a second, then the following lines appeared in the terminal window:

New 'X' desktop is palace:1

Starting applications specified in /home/warthawg/.vnc/xstartup
Log file is /home/warthawg/.vnc/palace:1.log

The Electric Kool-Aid Acid Test

Now it was time to give it a try. In a terminal window on my own desktop, I entered vncviewer -via xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx:1, where the xxx's represent Susan's IP address in both instances. The -via option directs tightVNC to use ssh for a secure tunnel through which to operate.

About a second later, I was prompted for my user-account password on Susan's machine. That logged me on to ssh. A second after that, I was asked for my password again to connect to the tightVNC server. Another second later, I had a new, windowed version of my Red Hat 8 desktop at Susan's house on my desktop. I was impressed but uncertain how well it would work.

The first thing I did was fire up Galeon. It took about 15 seconds to appear, but once it did, performance seemed to be only slightly slower than normal. The image below shows what the remote desktop and browser looked like on my machine.

TightVNC remote X session
Editor's note: The above image is reduced in size to allow it to display on this page. Click on this image to see the original.

I called Susan and asked her to load a CD with images from a digital camera in the laptop. She did, and I fired up GQView on the remote desktop. I would describe the performance as slightly sluggish — perfectly acceptable for the kind of use I intend, and, in fact, a little better than I'd expected. Naturally, your own mileage will vary depending on what sort of demands you put on the connection and the power of the machine the server is running on. Susan could notice a slowdown in her desktop as well.

Still not wanting to stop experimenting, I called Susan again and asked her to plug in the USB IBM PC Camera. She did, and I started xawtv running. Some strange error messages and password warnings showed up in the terminal window from which I started it, but the xawtv window appeared a second later, and I could see her typing away at the keyboard. Too cool! As you can see from the image below, Susan demanded I blank her face, but otherwise the image is just as she captured using the GIMP.

Local Web cam over tightVNC
Editor's note: The above image is reduced in size to allow it to display on this page. Click on this image to see the original.

The video from the cam became distorted when Susan moved, but it quickly snapped back into focus when she stopped. My only purpose for setting all this up is to get access to my own desktop from her place so that I can keep up with e-mail. It will serve that purpose splendidly.

To end my remote session completely, I clicked on the X in the upper right corner of the session window. Then, in the terminal window on which I had started vncserver on Susan's machine, I entered vncserver -kill :1. When I terminated the ssh connection, it was as if I had never been on Susan's machine, at least in terms of memory- and processor-usage.

There are many ways to keep up with the changing dynamic-IP addresses that Road Runner assigns. For Windows users, there is a program called BubbleIP that will do it for you. For everyone else, there are sites on the Web that will do the DNS for you so that you can run a server from a non-static address. For my usage, that would be a bit of overkill; a simple script is all I think I am going to need. In the meantime, while I am locating one, running ifconfig when I leave home works just fine.

Kaplinsky told me via e-mail that he had begun working on tightVNC in July of 2000. Release 1.2.0 was released in August of 2001. He says he's been working on the project fairly regularly ever since. Noticing the Pay Pal and Donate buttons on the tightVNC Web site, I asked him if the project was getting user support. He replied:

Yes, people are helping, but not much. That definitely does not compensate the development efforts even at 20%. From my experience, people just don't pay for free software, even for new features ("why should I pay if others will then use it for free?" -- it's a normal psychology of a healthy mind). That's why Cosource.com, SourceXchange.com etc. all have silently died.

In my case, there were a few companies and individuals that offered me interested VNC-related contracted work from time to time, and sponsored particular improvements for the public version of TightVNC. But obviously, they all were much more interested in additions useful for their particular environments.

The possibility to get good contracts and amounts of donations depend on the popularity of the software (especially, the popularity between Win32 users). I guess TightVNC simply has not reached its intended popularity level yet. ;-)

He's probably right. I made a small donation, and I know I will get more than my money's worth from TightVNC.

More Stories By Joe Barr

Joe Barr is a freelance journalist covering Linux, open source and network security. His 'Version Control' column has been a regular feature of Linux.SYS-CON.com since its inception. As far as we know, he is the only living journalist whose works have appeared both in phrack, the legendary underground zine, and IBM Personal Systems Magazine.

Comments (1)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


IoT & Smart Cities Stories
@CloudEXPO and @ExpoDX, two of the most influential technology events in the world, have hosted hundreds of sponsors and exhibitors since our launch 10 years ago. @CloudEXPO and @ExpoDX New York and Silicon Valley provide a full year of face-to-face marketing opportunities for your company. Each sponsorship and exhibit package comes with pre and post-show marketing programs. By sponsoring and exhibiting in New York and Silicon Valley, you reach a full complement of decision makers and buyers in ...
There are many examples of disruption in consumer space – Uber disrupting the cab industry, Airbnb disrupting the hospitality industry and so on; but have you wondered who is disrupting support and operations? AISERA helps make businesses and customers successful by offering consumer-like user experience for support and operations. We have built the world’s first AI-driven IT / HR / Cloud / Customer Support and Operations solution.
LogRocket helps product teams develop better experiences for users by recording videos of user sessions with logs and network data. It identifies UX problems and reveals the root cause of every bug. LogRocket presents impactful errors on a website, and how to reproduce it. With LogRocket, users can replay problems.
Data Theorem is a leading provider of modern application security. Its core mission is to analyze and secure any modern application anytime, anywhere. The Data Theorem Analyzer Engine continuously scans APIs and mobile applications in search of security flaws and data privacy gaps. Data Theorem products help organizations build safer applications that maximize data security and brand protection. The company has detected more than 300 million application eavesdropping incidents and currently secu...
Rafay enables developers to automate the distribution, operations, cross-region scaling and lifecycle management of containerized microservices across public and private clouds, and service provider networks. Rafay's platform is built around foundational elements that together deliver an optimal abstraction layer across disparate infrastructure, making it easy for developers to scale and operate applications across any number of locations or regions. Consumed as a service, Rafay's platform elimi...
Two weeks ago (November 3-5), I attended the Cloud Expo Silicon Valley as a speaker, where I presented on the security and privacy due diligence requirements for cloud solutions. Cloud security is a topical issue for every CIO, CISO, and technology buyer. Decision-makers are always looking for insights on how to mitigate the security risks of implementing and using cloud solutions. Based on the presentation topics covered at the conference, as well as the general discussions heard between sessio...
Growth hacking is common for startups to make unheard-of progress in building their business. Career Hacks can help Geek Girls and those who support them (yes, that's you too, Dad!) to excel in this typically male-dominated world. Get ready to learn the facts: Is there a bias against women in the tech / developer communities? Why are women 50% of the workforce, but hold only 24% of the STEM or IT positions? Some beginnings of what to do about it! In her Day 2 Keynote at 17th Cloud Expo, Sandy Ca...
New competitors, disruptive technologies, and growing expectations are pushing every business to both adopt and deliver new digital services. This ‘Digital Transformation’ demands rapid delivery and continuous iteration of new competitive services via multiple channels, which in turn demands new service delivery techniques – including DevOps. In this power panel at @DevOpsSummit 20th Cloud Expo, moderated by DevOps Conference Co-Chair Andi Mann, panelists examined how DevOps helps to meet the de...
According to Forrester Research, every business will become either a digital predator or digital prey by 2020. To avoid demise, organizations must rapidly create new sources of value in their end-to-end customer experiences. True digital predators also must break down information and process silos and extend digital transformation initiatives to empower employees with the digital resources needed to win, serve, and retain customers.
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, will provide an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life ...