COVER STORY Remote Access with VNC Remote GUI access with VNC SHARING vanda, Fotolia vanda, Once you only needed a command line to access remote computers, but today’s networks sometimes require a graphical connection. The VNC protocol provides a practical cross-platform screen sharing solution. We’ll take a close look at VNC and show you some leading no-cost VNC applications. BY JAMES MOHR work in a data center with hundreds With the X protocol, the local machine of updates. Therefore, a number of dif- of machines spread over two build- is responsible for managing the display ferent compression techniques have Iings. Usually we can perform the and windows. VNC uses the Remote been developed to further reduce the necessary management functions for the Frame Buffer (RFB) protocol, transmit- amount of information being transferred. Linux and Unix systems using ssh; how- ting mouse and keyboard events from Because it interacts directly with the ever, in a number of cases, a tool we the client to the server, then sending frame buffer, the RFB protocol – and need may not have a command-line in- screen updates back to the client. thus VNC – is platform independent. A terface, or the remote system may be The simplest method for updating the Windows machine can connect to Linux running some version of Windows that screen is to send the raw pixel data in just as well as it can connect to another requires access to the GUI. scanline order (left to right, top to bot- Windows machine. VNC can essentially Virtual Network Computing (VNC) is tom). Once the initial screen is drawn, work with any windowing system and is a popular alternative for sharing screens rather than refreshing the entire screen therefore ideal for both Windows and on heterogeneous networks. VNC beha- when something has changed, the VNC X11, as well as Macintosh systems. vior is slightly different from the X Win- protocol uses a simple primitive to place dowing system. One difference is that a rectangle of data at a particular loca- Getting Connected VNC shares the entire desktop. A user on tion. This way, only the areas that Like the Windows remote desktop client, one machine can see the current desktop change need updating. the VNC server stores all of the connec- of a user on another and control the Because more information is sent tion and session information. Therefore, mouse and keyboard of the remote sys- across the network than with X11, VNC you can disconnect a client while at one tem. This feature is useful for a range of is obviously slower; however, in the tests location, then reconnect later at a differ- activities, such as accessing a work com- I conducted, VNC did not cause any sig- ent location and start from where you puter from home, working with students nificant performance problems. left off. An X11 client typically cannot in a training environment, providing Even with limiting the data sent in this detach itself from the server and then re- tech support, or annoying your son fashion, it can still cause bandwidth connect itself (although there are some while he’s playing video games. problems on slow connections with a lot X11 apps that allow this). 22 ISSUE 85 DECEMBER 2007 Remote Access with VNC COVER STORY The controlling application or client is sure that both the server and client A couple of the VNC products I re- often called the “viewer” since it is used know which port to use. viewed also include the vncconfig to “view” the remote machine. This program, which provides two different name has a farther-reaching implication, What Goes Into VNC functions. The first function is to display as you can actually configure the server Packages typically come with five pro- or set Xvnc parameters for a running to be “read only” or “view only.” That grams, but the VNC server and viewer server. The second function is to help is, you can see the display, but you can- sometimes come in separate packages. with clipboard transfer to and from the not make any changes. We have used Although the behavior is generally the VNC viewer. this at work for remote monitoring of ap- same, you will find slight differences in Many Linux distributions provide a plications where we were not allowed to the various VNC alternatives. VNC server by default and it is usually change anything, just report when some- Packages typically appear as RPM and configured as “Remote Administration,” thing happened. tgz-files for Linux, or as self-extracting or something similar, although you can In a support environment, the techni- .exe or .zip files on Windows. Source use it for other things as well. In many cian can see the steps the user takes code is available for the open source ver- cases, all you can do within the respec- without being able to make changes. In sions, including Windows. tive administration GUI is to activate/ other cases, you can configure VNC to The vncserver script is what is typi- de-activate it and perhaps change the show a single display on multiple ma- cally run to start the VNC server. This firewall settings. chines, such as a training environment file can be in various directories such as Although the same programs exist on when the instructor is demonstrating /usr/bin, /usr/X11/bin, or /usr/local/bin, Windows, I found that the name for the something to a large number of students. depending on the product and how it server application differed from product Keep in mind that VNC needs to up- was installed (RPM or compiled). The to product. For example, TightVNC date the local display every time you script is simply a wrapper script to start named the server program WinVNC.exe. make a change such as moving or resiz- the Xvnc program, which is the actual Provided the necessary DLLs are accessi- ing a window. Not only does the win- server. This script accepts far few op- ble, you can start the server without dow itself need to get redrawn, the back- tions than Xvnc supports, but for the having to actually install it. ground behind the window needs to get most part, the options vncserver accepts Like Linux, the Windows VNC server updated as well. are sufficient. The client or viewer is can also be configured as a service that If you have a complex background, it provided by the vncviewer program. is started automatically when the system naturally takes longer to update. Also, Two support programs are also deliv- boots, but this usually means having to the higher the resolution, the more data ered. The vncpasswd program allows actually install the product. The prod- needs to be transmitted, which thus ef- you to set the password for the current ucts I looked at allow you to either dump fects the performance. user. Passwords must be six characters the respective programs into a directory long; the program will fail if the pass- and start them from there, or you can Xvnc word is shorter. If the read-only pass- actually install the programs, which cre- Some VNC versions provide not only word is too short, the primary password ates menus and desktop icons. VNC services, but X11 as well. Xvnc, the will be saved. Note also that, in most I ran into firewall problems with a actual server application on Linux, offers cases, only the first eight characters are couple of the Linux distributions I X11 and VNC, supporting multiple con- significant and the rest are ignored. tested. The ports used by VNC are typi- current X11 sessions on the same remote By default, the file $HOME/.vnc/ cally not open by default, so check out machine and includes connecting to ex- passwd is used, but you could specify a the firewall configuration if you are hav- isting X11 sessions as well as creating different file. For example, a system ad- ing trouble connecting. new, independent sessions. This means ministrator who wants to create a pass- I also ran into another problem with that what Xvnc is displaying on the cli- word file for a specific user (i.e., to reset Fedora 6, which offers a copy of ent is not necessarily the same as what a password) can specify the password RealVNC 4.1.2 that is well integrated is running on the server’s display. on the command-line, like this: into the system. The VNC server is set Like X11, VNC creates virtual displays or “screens” to each connection, but this vncpasswd filename is not the same as the virtual desktops you get with KDE. By default, VNC uses If, for example, the user’s home direc- ports 5900 through 5906, with each port tory is on a shared filesystem (i.e., corresponding to one of these screens, SAMBA or NFS) and you would like so you end up with screens :0 to :6. Note to make sure the VNC password file is the colon in front of the screen number, local, you can specify the -t option to which is the same way displays are num- vncpasswd, which will cause the appli- bered with X11. Depending on the prod- cation to write passwords into /tmp/ uct, there is a built-in HTTP server to $USER-vnc/passwd. which you can connect using ports 5800- The vncconnect program is used to 5806. In either case, you can use other connect a VNC server to a VNC viewer Figure 1: The Linux Viewer configuration ports, but you naturally need to make on a specific machine.
