LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Desktop
User Name
Password
Linux - Desktop This forum is for the discussion of all Linux Software used in a desktop context.

Notices

Reply
 
LinkBack Search this Thread
Old 06-14-2007, 07:10 AM   #1
bobbrandt
LQ Newbie
 
Registered: Sep 2006
Posts: 23

Rep: Reputation: 0
How to configure vino-server


vino-server is a great idea!! Love it!! But...

VNC is rather insecure. I would love to use vino-server over ssh which has security, encryption and compression, but the problem is that vino-server is still listening to all network requests to port 5900.

I want to restrict vino-server to 127.0.0.1:5900 only. This way if forces someone to first SSH onto the workstation before controlling it.

I can find no documentation about vino nor can I find any configuration files!

Any ideas?

Bob
 
Old 06-15-2007, 04:58 PM   #2
{BBI}Nexus{BBI}
Senior Member
 
Registered: Jan 2005
Location: Nottingham, UK
Distribution: Mageia 3 / CrunchBang Linux 10 Statler / Easy Peasy
Posts: 4,293

Rep: Reputation: 205Reputation: 205Reputation: 205
Maybe this will help: http://ubuntuforums.org/showthread.php?t=266981
 
Old 06-18-2007, 05:17 AM   #3
bobbrandt
LQ Newbie
 
Registered: Sep 2006
Posts: 23

Original Poster
Rep: Reputation: 0
I had seen that thread before. It is a great thread for telling you how to setup vino from the command line, but in SuSE they have a GUI command called vino-preferences for that.

I also learned that I can just used the vncviewer command like below:
vncviewer -via root@192.168.1.10 127.0.0.1:0
instead of:
ssh -X -C root@192.168.1.10 "vncviewer 127.0.0.1:0"

However I still have the problem that someone could still run the command:
vncviewer 192.168.1.10:0

I want to FORCE helpdesk users to use SSH when "remote controlling" a workstation. Problem is that I can not find a way to force vino-server to bind to the lo (loopback) interface!
Without this, lazy helpdesk personnel could just skip SSH authentication. Also smart end-users could figure out how to remote control co-workers workstations.
 
Old 09-05-2008, 12:06 AM   #4
Tyler Oderkirk
LQ Newbie
 
Registered: Sep 2008
Posts: 1

Rep: Reputation: 0
Quote:
Originally Posted by bobbrandt View Post
I want to restrict vino-server to 127.0.0.1:5900 only.
Apologies for resurrecting this thread but that feature has been added. See Ubuntu bug 54312.

You can force vino to bind to the loopback adapter with the "Remote Desktop" GUI or this incantation:

Code:
gconftool-2 --set /desktop/gnome/remote_access/local_only --type bool true
You can confirm the setting took effect with:

Code:
lsof | grep vino-serv | grep TCP # forgive my ignorance of lsof's options
-Tyler

Last edited by Tyler Oderkirk; 09-05-2008 at 12:13 AM. Reason: zzz
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
tightvnc and vino fakie_flip Linux - Software 2 08-20-2006 08:22 AM
problem with vino tolstoyinlove Linux - Software 0 06-13-2006 11:25 PM
Having troubles connecting to a vino vnc server from windows xp using tightvnc,help? brynjarh Linux - Software 0 01-12-2005 04:28 AM
vino in Gnome 2.8? jstreed Linux - Software 2 10-28-2004 12:50 AM
can we configure a Linux server with mail server,file server and web server kumarx Linux - Newbie 5 09-09-2004 06:21 AM


All times are GMT -5. The time now is 05:26 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration