VNC server on OpenBSD

    

Here are quick notes on how to setup a VNC server on OpenBSD. This allows a remote connexion to a X11 session running on an OpenBSD server or workstation.

First of all, you’ll have to start the X Display Manager (xdm):

# vi /etc/rc.conf.local  
xdm_flags=""  
# /usr/X11R6/bin/xdm 

Then, you’ll have to install a VNC server tool and enable it:

# pkg_add http://ftp2.fr.openbsd.org/pub/OpenBSD/4.9/packages/powerpc/x11vnc-0.9.12p7.tgz  
# x11vnc -storepasswd vncpass /etc/x11vnc.passwd  
stored passwd in file: /etc/x11vnc.passwd  

# vi /etc/rc.conf.local  
x11vnc_flags="x11vnc_flags="-listen 0.0.0.0 -rfbauth /etc/x11vnc.passwd -logfile /var/log/x11vnc -ncache 0 -display :0 -forever -loop100 -auth /etc/X11/xdm/authdir/authfiles/A:0-*"  

# /etc/rc.d/x11vnc start 

You can now connect to the remote VNC server and have your X11 session kept when you disconnect from the VNC session. Note that it is quite unsecured not to encrypt this kind of connexion. You may choose to run the VNC server on localhost and use a SSH tunnel to connect to it. Or you may use a (self-signed) SSL connexion:

# x11vnc -ssl SAVE -listen 0.0.0.0 -rfbauth /etc/x11vnc.passwd -logfile /var/log/x11vnc -ncache 0 -display :0 -forever -loop100 -auth /etc/X11/xdm/authdir/authfiles/A:0-*  
(...)
---END CERTIFICATE---  
Key PEM file:  
/root/.vnc/certs/server.pem  
(..)  
Protect key with a passphrase? y/n n

PORT=5901  
SSLPORT=5901  
^C  

# vi /etc/rc.conf.local  
x11vnc_flags="-ssl SAVE -listen 0.0.0.0 -rfbauth /etc/x11vnc.passwd -logfile /var/log/x11vnc -ncache 0 -display :0 -forever -loop100 -auth /etc/X11/xdm/authdir/authfiles/A:0-*"  

# /etc/rc.d/x11vnc start 

You must enable SSL on the client side too! FYI, on my Mac, JollysFastVNC provides this feature.

That’s All Folks!