VNC server on OpenBSD

Here are quick notes on how to setup a VNC server on OpenBSD. This allows a remote connexion to a X11 session running on an OpenBSD server or workstation.

First of all, you’ll have to start the X Display Manager (xdm):

# vi /etc/rc.conf.local
xdm_flags=””
# /usr/X11R6/bin/xdm

Then, you’ll have to install a VNC server tool and enable it:

# pkg_add http://ftp2.fr.openbsd.org/pub/OpenBSD/4.9/packages/powerpc/x11vnc-0.9.12p7.tgz
# x11vnc -storepasswd vncpass /etc/x11vnc.passwd
stored passwd in file: /etc/x11vnc.passwd
# vi /etc/rc.conf.local
x11vnc_flags=”x11vnc_flags=”-listen 0.0.0.0 -rfbauth /etc/x11vnc.passwd -logfile /var/log/x11vnc -ncache 0 -display :0 -forever -loop100 -auth /etc/X11/xdm/authdir/authfiles/A:0-*”
# /etc/rc.d/x11vnc start

You can now connect to the remote VNC server and have your X11 session kept when you disconnect from the VNC session. Note that it is quite unsecured not to encrypt this kind of connexion. You may choose to run the VNC server on localhost and use a SSH tunnel to connect to it. Or you may use a (self-signed) SSL connexion:

# x11vnc -ssl SAVE -listen 0.0.0.0 -rfbauth /etc/x11vnc.passwd -logfile /var/log/x11vnc -ncache 0 -display :0 -forever -loop100 -auth /etc/X11/xdm/authdir/authfiles/A:0-*
— x11vnc loop: 1 —
— x11vnc loop: waiting for: 25000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
e4:4e:25:62:75:7c:54:35
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=AU, L=OpenBSD, OU=guarana.tumfatig.net-1304450489.430601, O=x11vnc, CN=x11vnc-SELF-SIGNED-CERT-25000/emailAddress=x11vnc@server.nowhere
(…)
—–END CERTIFICATE—–
Key PEM file:
/root/.vnc/certs/server.pem
(..)
Protect key with a passphrase? y/n n

PORT=5901
SSLPORT=5901
^C
# vi /etc/rc.conf.local
x11vnc_flags=”-ssl SAVE -listen 0.0.0.0 -rfbauth /etc/x11vnc.passwd -logfile /var/log/x11vnc -ncache 0 -display :0 -forever -loop100 -auth /etc/X11/xdm/authdir/authfiles/A:0-*”
# /etc/rc.d/x11vnc start

You must enable SSL on the client side too! FYI, on my Mac, JollysFastVNC provides this feature.

That’s All Folks!

No Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

*

%d bloggers like this: