jamesiswizard_1
Forum Master
- Joined
- Aug 26, 2012
- Posts
- 5,783
- Reaction
- 43,459
- Points
- 5,542
The following topics are covered in this guide -
VNC applications are usually comprised of a server and a viewer. The server should be installed on the SSH server set up earlier. If the preceding section of this guide was followed you will already have a working SSH server.
There are two distinct methods of running the TightVNC server, either as an application or as a service. If the VNC server is running as an application then it can only be accessed after logging in to the server using a valid user account, and will be closed when the user logs out or restarts the PC. Due to these restrictions we will be installing the VNC Server as a service. Running the VNC server as a service allows the PC on which it is installed to be accessed even when there is no user logged in - e.g. after a reboot before a user account is selected.
Two versions of TightVNC are covered in this guide, use version 2.0 if using Windows 7 as older versions of TightVNC are not fully compatible with this operating system and cannot register the TightVNC server as a service -
No further steps are required to configure the server. Connect to the SSH Server from the client PC using PuTTY before starting the VNC Client (see You do not have permission to view the full content of this post. Log in or register now.).
TightVNC Server (version 2.0 beta1)
As the VNC Server has been configured to allow loopback connections only it will not respond to attempts to connect via port 5900 (the default port) - all connections will be routed through a Secure Shell tunnel.
To create a Secure Shell tunnel through which to encrypt the VNC stream use PuTTY (follow the instructions You do not have permission to view the full content of this post. Log in or register now.)
TightVNC Client
To connect to the VNC server you will need a VNC viewer installed/copied to the client PC. We will be using the TightVNC viewer. Assuming that the server already has SSH installed with TightVNC server running and the client PC has opened an SSH tunnel using the settings in this guide -
- You do not have permission to view the full content of this post. Log in or register now.
- You do not have permission to view the full content of this post. Log in or register now.
- You do not have permission to view the full content of this post. Log in or register now.
- You do not have permission to view the full content of this post. Log in or register now.
"Although TightVNC encrypts VNC passwords sent over the net, the rest of the traffic is sent as is, unencrypted (for password encryption, VNC uses a DES-encrypted challenge-response scheme, where the password is limited by 8 characters, and the effective DES key length is 56 bits). So using TightVNC over the Internet can be a security risk....if you need real security, we recommend installing OpenSSH, and using SSH tunnelling for all TightVNC connections from untrusted networks."
Although TightVNC has been used in this guide it can easily be replaced with other versions of VNC. In fact, if the VNC version adheres to VNC code then a viewer from one version can be used to connect to a server using a different version.VNC applications are usually comprised of a server and a viewer. The server should be installed on the SSH server set up earlier. If the preceding section of this guide was followed you will already have a working SSH server.
There are two distinct methods of running the TightVNC server, either as an application or as a service. If the VNC server is running as an application then it can only be accessed after logging in to the server using a valid user account, and will be closed when the user logs out or restarts the PC. Due to these restrictions we will be installing the VNC Server as a service. Running the VNC server as a service allows the PC on which it is installed to be accessed even when there is no user logged in - e.g. after a reboot before a user account is selected.
Two versions of TightVNC are covered in this guide, use version 2.0 if using Windows 7 as older versions of TightVNC are not fully compatible with this operating system and cannot register the TightVNC server as a service -
- You do not have permission to view the full content of this post. Log in or register now.
- You do not have permission to view the full content of this post. Log in or register now.
- Install TightVNC. If the Windows installer package is used the default install location isC:\Program Files\TightVNC\.
- To install WinVNC as a service start a command prompt with Administrator privileges and enter the following command -
"C:\Program Files\TightVNC\WinVNC.exe" -install [enter]
- open a command prompt and start the VNC Server using the command -
net start winvnc [enter]
- The TightVNC configuration window should open. Enter a password in the Server tab settings - the password can be up to eight characters in length. After the password has been set click on the Apply button -
- Select the Administration tab and enable Allow loopback connections and Allow only loopback connections, then click on Apply and OK -
No further steps are required to configure the server. Connect to the SSH Server from the client PC using PuTTY before starting the VNC Client (see You do not have permission to view the full content of this post. Log in or register now.).
TightVNC Server (version 2.0 beta1)
- Install TightVNC. If the Windows installer package is used the default install location isC:\Program Files\TightVNC\.
- To install tvnserver as a service if this option was not selected during installation, start a command prompt with Administrator privileges and enter the following command then restart the PC -
"C:\Program Files\TightVNC\tvnserver.exe" -install [enter]
- Open the TightVNC Service Configuration windows via the icon in the taskbar and uncheck the Use passwords (VNC authentication) option in the Server tab-
Note - as we will only be allowing loopback connections to tunnel TightVNC through a SSH connection it is safe to disable password authentication.
- Select the Access Control tab and select Allow loopback connections and Allow only loopback connections, then click on Apply and OK -
As the VNC Server has been configured to allow loopback connections only it will not respond to attempts to connect via port 5900 (the default port) - all connections will be routed through a Secure Shell tunnel.
To create a Secure Shell tunnel through which to encrypt the VNC stream use PuTTY (follow the instructions You do not have permission to view the full content of this post. Log in or register now.)
TightVNC Client
To connect to the VNC server you will need a VNC viewer installed/copied to the client PC. We will be using the TightVNC viewer. Assuming that the server already has SSH installed with TightVNC server running and the client PC has opened an SSH tunnel using the settings in this guide -
- Start the TightVNC viewer (C:\Program Files\TightVNC\vncviewer.exe) on the client PC and enter 127.0.0.1:5900 in the VNC Server box -
Note - If TightVNC Server version 2.0beta1 is running on the server and the settings covered in this guide have been used no password is required and the viewer should automatically connect to the server.
- If TightVNC Server version 1.3.10 is running on the server you will be prompted to enter the password set in step 4 -
- You should now see the server's desktop - possibly with the wallpaper removed -
Last edited: